mustard/qubes-mgmt-ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

revert: do not use hardened_malloc

Browse source
This commit is contained in:
mustard 2025-12-09 20:53:41 +01:00
parent 8b917dc378
commit a75c02d7b1
1 changed files with 0 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

23
roles/baseline/tasks/main.yaml
View file

@ -140,14 +140,6 @@
- name: Mark packages as manually installed to avoid removal
shell: 'dnf mark user flatpak -y && source /etc/environment'
- name: Enable hardened_malloc COPR
shell: 'dnf copr enable secureblue/hardened_malloc -y'
- name: Install hardened_malloc
ansible.builtin.dnf5:
name: 'hardened_malloc'
state: 'present'
when: use_hardened_malloc == true
- name: Install custom packages
ansible.builtin.dnf5:
name:
@ -158,21 +150,6 @@
- 'xdg-desktop-portal-gtk'
- 'qubes-video-companion'
- name: Enable hardened_malloc
ansible.builtin.copy:
src: 'etc/ld.so.preload'
dest: '/etc/ld.so.preload'
mode: '0644'
when: use_hardened_malloc == true
- name: Enable hardened_malloc for system wide flatpak
shell: 'flatpak override --system --filesystem=host-os:ro --env=LD_PRELOAD=/var/run/host/usr/lib64/libhardened_malloc.so'
when: use_hardened_malloc == true
- name: Enable hardened_malloc for user flatpak # has to be run per APP VM
shell: 'flatpak override --user --filesystem=host-os:ro --env=LD_PRELOAD=/var/run/host/usr/lib64/libhardened_malloc.so'
when: use_hardened_malloc == true
- name: Setup dnf repos
ansible.builtin.copy:
src: 'etc/dnf/dnf.conf'