fix: remove use of sudo to allow running from root shell for repeat runs
This commit is contained in:
		
							parent
							
								
									abf2dd653d
								
							
						
					
					
						commit
						bbd2e01bac
					
				
					 6 changed files with 13 additions and 11 deletions
				
			
		|  | @ -100,7 +100,7 @@ | |||
|   - 'etc/dconf/db/local.d/privacy' | ||||
| 
 | ||||
| - name: Update dconf | ||||
|   shell: sudo dconf update | ||||
|   shell: 'dconf update' | ||||
| 
 | ||||
| - name: Setup ZRAM, flatpak updater and environment variables to disable GJS + WebkitGTK JIT | ||||
|   ansible.builtin.copy: | ||||
|  | @ -125,10 +125,10 @@ | |||
|     state: latest | ||||
| 
 | ||||
| - name: Mark packages as manually installed to avoid removal | ||||
|   shell: 'sudo dnf mark user flatpak gnome-menus qubes-menus -y' | ||||
|   shell: 'dnf mark user flatpak gnome-menus qubes-menus -y' | ||||
| 
 | ||||
| - name: Enable hardened_malloc COPR | ||||
|   shell: 'sudo dnf copr enable secureblue/hardened_malloc -y' | ||||
|   shell: 'dnf copr enable secureblue/hardened_malloc -y' | ||||
| 
 | ||||
| - name: Install hardened_malloc | ||||
|   ansible.builtin.dnf5: | ||||
|  | @ -153,7 +153,7 @@ | |||
|   when: use_hardened_malloc == true | ||||
| 
 | ||||
| - name: Enable hardened_malloc for system wide flatpak | ||||
|   shell: 'sudo flatpak override --system --filesystem=host-os:ro --env=LD_PRELOAD=/var/run/host/usr/lib64/libhardened_malloc.so' | ||||
|   shell: 'flatpak override --system --filesystem=host-os:ro --env=LD_PRELOAD=/var/run/host/usr/lib64/libhardened_malloc.so' | ||||
|   when: use_hardened_malloc == true | ||||
| 
 | ||||
| - name: Enable hardened_malloc for user flatpak # has to be run per APP VM | ||||
|  |  | |||
|  | @ -44,7 +44,7 @@ kernel.unprivileged_userns_clone = 1 | |||
| 
 | ||||
| # Disable ptrace. Not needed on workstations. | ||||
| {% if allow_ptrace %} | ||||
| kernel.yama.ptrace_scope = 2 | ||||
| kernel.yama.ptrace_scope = 1 | ||||
| {% else %} | ||||
| kernel.yama.ptrace_scope = 3 | ||||
| {% endif %} | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue
	
	 mustard
						mustard