Skip to content

adrelanos/user-sysmaint-split

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

287 Commits
debian
debian
 
 
etc
etc
 
 
usr
usr
 
 
CONTRIBUTING.md
CONTRIBUTING.md
 
 
COPYING
COPYING
 
 
README.md
README.md
 
 
changelog.upstream
changelog.upstream
 
 

Repository files navigation

Role-Based Boot Modes - user versus sysmaint

Adds a GRUB boot menu entry "PERSISTENT mode SYSMAINT (For system maintenance tasks.)"

Makes Privilege Escalation Tools (such as sudo, su, pkexec) inaccessible to limited user accounts such as user "user".

Adds kernel parameter "boot-role=sysmaint" and "systemd.unit=sysmaint-boot.target".

How to install user-sysmaint-split using apt-get

1. Download the APT Signing Key.

wget https://www.kicksecure.com/keys/derivative.asc

Users can check the Signing Key for better security.

2. Add the APT Signing Key.

sudo cp ~/derivative.asc /usr/share/keyrings/derivative.asc

3. Add the derivative repository.

echo "deb [signed-by=/usr/share/keyrings/derivative.asc] https://deb.kicksecure.com bookworm main contrib non-free" | sudo tee /etc/apt/sources.list.d/derivative.list

4. Update your package lists.

sudo apt-get update

5. Install user-sysmaint-split.

sudo apt-get install user-sysmaint-split

How to Build deb Package from Source Code

Can be build using standard Debian package build tools such as:

dpkg-buildpackage -b

See instructions.

NOTE: Replace generic-package with the actual name of this package user-sysmaint-split.

Contact

Donate

user-sysmaint-split requires donations to stay alive!

About

Splits privileges between an unprivileged user account and a separate sysmaint account

www.kicksecure.com/wiki/sysmaint

Topics

security users privilege-separation kicksecure sysmaint

Resources

Readme

License

View license

Contributing

Contributing
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

15 tags

Packages

 
 
 

Contributors

Languages

  • Shell 100.0%