220e791048
- Generate internal CA + CA-signed web TLS cert in postinst (port 443 was falling back to plain HTTP because no cert files existed) - Repair stale sqlx migration checksums for upgrades from <= 1.1.7 - Restore health check as advisory only (never fails the install) - Use runuser instead of sudo (sudo is not guaranteed on minimal images) - Replace predictable /tmp password file with mktemp under /run - Frontend assets root-owned read-only (security) - Drop Pre-Depends: postgresql-16 (misuse); drop argon2 dep (unused) - Add openssl, curl, cron, util-linux as proper dependencies
27 lines
985 B
Plaintext
27 lines
985 B
Plaintext
Package: linux-patch-manager
|
|
Version: 1.1.13-1
|
|
Architecture: amd64
|
|
Maintainer: Moon Dragon <echo@moon-dragon.us>
|
|
Installed-Size: 45000
|
|
Depends: postgresql-16, openssl, curl, cron | cron-daemon, util-linux, libssl3, libc6 (>= 2.39), libfontconfig1
|
|
Recommends: postgresql-client-16, fonts-dejavu-core
|
|
Suggests: gpg
|
|
Section: admin
|
|
Priority: optional
|
|
Description: Enterprise Linux Patch Management System
|
|
Linux Patch Manager is a secure, web-based management interface for
|
|
controlling patching and updates on Linux servers and workstations.
|
|
.
|
|
Features include:
|
|
- Multi-factor authentication (TOTP + WebAuthn)
|
|
- Role-based access control (Admin/Operator)
|
|
- Mutual TLS agent communication
|
|
- Internal Certificate Authority
|
|
- Automated patch deployment with rollback
|
|
- Maintenance window scheduling
|
|
- Real-time WebSocket job monitoring
|
|
- CSV/PDF compliance reporting
|
|
- Audit logging with hash-chain integrity
|
|
- Email notifications
|
|
- Azure SSO (OAuth2/OIDC with PKCE)
|