Skip to content

Release 0.11.1#277

Merged
ghantoos merged 33 commits intomainfrom
pre-release
Mar 22, 2026
Merged

Release 0.11.1#277
ghantoos merged 33 commits intomainfrom
pre-release

Conversation

@ghantoos
Copy link
Copy Markdown
Owner

@ghantoos ghantoos commented Mar 22, 2026

v0.11.1 21/03/2026

  • Feature: Added lshell setup-system to provision logging paths/permissions and user/group wiring for deployments.
  • Feature: Added lshell harden-init with hardened templates (sftp-only, rsync-backup, deploy-minimal, readonly-support) plus --dry-run, scoped [grp:*]/[user:*], and validation checks.
  • Feature: Added configurable handling for command not found messages.
  • Feature: Hardened CLI env argument parsing for LSHELL_ARGS.
  • Feature: Added ECS-compatible JSON security audit events via security_audit_json.
  • Feature: Added runtime containment controls: max_sessions_per_user, max_background_jobs, command_timeout, and max_processes (RLIMIT_NPROC), and surfaced them in policy diagnostics.
  • Feature: Improved shell signal behavior for Ctrl+C/interrupt flows and Ctrl+D handling when stopped/background jobs exist.
  • Package: Added packaged Bash completion support (etc/bash_completion.d/lshell).
  • Package: Updated DEB/RPM packaging and smoke-test scripts for more stable build/install validation.
  • Package: Migrated packaging/build metadata to pyproject.toml (PEP 517) and removed setup.py.
  • Tests: Expanded audit test coverage for structured security events.
  • Tests: Added parser fuzzing support (Atheris) and expanded security/property-based tests.

ghantoos and others added 30 commits March 10, 2026 22:50
@ghantoos
Update README and configuration file with improved descriptions and s…
e10437f 
…tructure
@ghantoos
Add PyPI project page link to README
ce28808
@ghantoos
Update RPM packaging for lshell with Fedora scripts and configuration
ba48fd8
@ghantoos
Add command not found message handling and tests
6912eb1
@ghantoos
Update .deb packaging for lshell
350e819
@ghantoos
Merge branch 'f/bash-command-not-found'
33d4f1e
@ghantoos
Update version to 0.11.1rc1 and document command not found message ha…
650c46a 
…ndling in CHANGELOG
@ghantoos
Atheris fuzz (#272)
eb7d534 
* Atheris fuzz initial commit

* Fix pylint

* Update payload alphabet to exclude backtick and dollar characters

* Refactor fuzzing commands and update Dockerfile for dependency installation

* Refactor GitHub Actions workflow to separate testing and linting steps, update dependencies installation, and improve readability

* Separate GA workflows for fuzzing, linting, and SSH end-to-end testing in different files

* Merge all tests into a single file
@ghantoos
Fix GitHub Actions workflow status badges
62d3ef3
@ghantoos
Update to pyproject.toml / PEP 517 (#273)
d466bc6
@ghantoos
Bump version to 0.11.1rc2
3eea38a
@ghantoos
Enhance CLI argument handling by safely parsing LSHELL_ARGS from envi…
1ed062c 
…ronment variables and adding unit tests for validation
@ghantoos
Add ECS JSON security audit logging, setup-system CLI, and stable DEB…
bc0303a 
…/RPM packaging workflows (#274)

* Implement structured security audit logging with JSON output and ECS alignment

* add setup-system command and tests

* extract compose and test helper scripts

* stabilize deb/rpm packaging flow and versioning

* test: add functional coverage for setup-system, audit JSON, and parser module

* bump version to 0.11.1rc3
@ghantoos
Add harden-init profile generator and tests
9d69d79
@ghantoos
Add bash completion support for lshell admins
de5ee51
@ghantoos
Merge pull request #275 from ghantoos/f/harden-templates
904a842 
Add harden-init profiles and bash completion for lshell
@ghantoos
containment: enforce max_sessions_per_user session caps
54e05df
@ghantoos
containment: enforce max_background_jobs for '&' commands
f4d09d9
@ghantoos
containment: add per-command command_timeout enforcement
6a5189a
@ghantoos
containment: apply max_processes via RLIMIT_NPROC
7d56b5f
@ghantoos
ci: enforce main/pre-release release flow and update docs
9a81b2a
@ghantoos
docs: update PyPI project link format in README
2ea3dfa
@ghantoos
fix: improve handling of keyboard interrupts in command execution
bcbffe6
@ghantoos
enhance Ctrl+D handling with existing stopped/bg jobs
3080537
@ghantoos
containment: default unlimited for max_sessions_per_user, max_backgro…
0efd0e3 
…und_jobs, command_timeout, and max_processes
@ghantoos
containment: include runtime limits in policy overview and add relate…
3434de0 
…d tests
@ghantoos
docs: add best practice note for command_timeout and max_processes in…
5e51a3d 
… README and man page
@ghantoos
Merge branch 'pre-release' into f/limits
04fa988
@ghantoos
ci: update GitHub Actions workflow for PyPI publishing with version c…
05fefbe 
…hecks and conditions
@ghantoos
Merge pull request #276 from ghantoos/f/limits
009234d 
New feature: containment: add runtime limits and optional cgroup targeting
@ghantoos ghantoos merged commit eb1b136 into main Mar 22, 2026
13 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@ghantoos