veilor-os

History

s8n 4f91fbb8f0 Some checks failed secret-scan / gitleaks (HEAD + history) (push) Has been cancelled Details secret-scan / detect-secrets (entropy + cross-tool) (push) Has been cancelled Details secret-scan / gitleaks (HEAD + history) (pull_request) Has been cancelled Details secret-scan / detect-secrets (entropy + cross-tool) (pull_request) Has been cancelled Details secret-scan / summary (push) Has been cancelled Details secret-scan / summary (pull_request) Has been cancelled Details fix(overlay): preload uas + usb-storage so UAS enclosures bind post-modules-lock veilor-modules-lock sets kernel.modules_disabled=1 about 30s after graphical.target. Without uas already loaded, hot-plugged USB-SATA bridges (ASMedia / JMicron / Realtek) that advertise both BBB and UAS alt-settings fail to bind — the kernel prefers uas, usb-storage stands down, and modprobe uas is denied by the lock. Add /etc/modules-load.d/veilor-storage.conf via the overlay so systemd-modules-load.service preloads uas + usb-storage at boot, before the lock engages. Document the rationale and a runtime quirks workaround in docs/HARDENING.md. Incident: 2026-05-13, onyx, SK Hynix SC311 in ASMT105x (174c:55aa).		2026-05-13 15:04:00 +01:00
..
apparmor.d/veilor.d	sec: AppArmor v0.6 stub — load profiles in complain mode	2026-05-06 11:15:30 +01:00
audisp	sec: AppArmor profile skeletons + audit shipping draft + veilor-firstboot SELinux module (#3 )	2026-05-02 04:39:39 +01:00
audit/plugins.d	sec: AppArmor profile skeletons + audit shipping draft + veilor-firstboot SELinux module (#3 )	2026-05-02 04:39:39 +01:00
firewalld/zones	v0.5.32: ship 7 blockers from 9-agent wave	2026-05-05 15:36:24 +01:00
modules-load.d	fix(overlay): preload uas + usb-storage so UAS enclosures bind post-modules-lock	2026-05-13 15:04:00 +01:00
os-release.d	v0.5.27: rd.luks.uuid via grubby, GRUB rebrand, fbcon=nodefer, ASCII gum cursor	2026-05-05 01:43:00 +01:00
sddm.conf.d	veilor-os v0.1 scaffold — kickstart + hardening + 3-mode power + DuckSans-ready KDE black theme	2026-04-30 03:43:33 +01:00
skel	v0.5.32: ship 7 blockers from 9-agent wave	2026-05-05 15:36:24 +01:00
ssh/sshd_config.d	v0.5.16: sshd UseDNS no — fix banner timeout on NAT/slirp	2026-05-03 15:41:15 +01:00
sudoers.d	veilor-os v0.1 scaffold — kickstart + hardening + 3-mode power + DuckSans-ready KDE black theme	2026-04-30 03:43:33 +01:00
sysctl.d	veilor-os v0.1 scaffold — kickstart + hardening + 3-mode power + DuckSans-ready KDE black theme	2026-04-30 03:43:33 +01:00
systemd/system	v0.5.32: ship 7 blockers from 9-agent wave	2026-05-05 15:36:24 +01:00
tuned/profiles	ci: quote $@ in tuned profile scripts (SC2068) (#10 )	2026-05-02 04:17:22 +01:00
udev/rules.d	veilor-os v0.1 scaffold — kickstart + hardening + 3-mode power + DuckSans-ready KDE black theme	2026-04-30 03:43:33 +01:00
usbguard	v0.5.32: ship 7 blockers from 9-agent wave	2026-05-05 15:36:24 +01:00