fleet/it-and-security/lib/windows
Allen Houchins 442f6d0df3
Add screen-lock MDM profiles and exclusion labels (#44581)
Add macOS and Windows screen-lock configuration profiles and manual
exclusion labels, and wire them into fleet manifests and policies.

- Add macOS mobileconfig (screen-lock-inactivity) to start screensaver
after 900s and require a password with a 60s delay.
- Add Windows configuration (Screen lock timeout.xml) to set
InteractiveLogon_MachineInactivityLimit to 900s (15 minutes).
- Create manual labels: "macOS screen lock exclusions" and "Windows
screen lock exclusions" (empty host lists).
- Register the new labels in it-and-security/default.yml and include the
new profiles in workstations.yml with labels_exclude_any pointing to the
appropriate exclusion label.
- Update macOS and Windows policy YAMLs to exclude hosts in the
corresponding exclusion labels.


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->
## Summary by CodeRabbit

* **New Features**
  * Added macOS and Windows "screen lock exclusions" labels to allow
    manual exemption of devices.
  * Introduced a macOS configuration profile that enforces a 15-minute
    inactivity screen lock and requires a password on resume.
  * Introduced a Windows configuration profile setting an equivalent
    15-minute inactivity timeout.
  * Screen-lock policies now support label-based exclusions so exempted
    devices are not affected.
<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2026-05-03 21:57:32 -05:00
..
configuration-profiles Add screen-lock MDM profiles and exclusion labels (#44581) 2026-05-03 21:57:32 -05:00
policies Add screen-lock MDM profiles and exclusion labels (#44581) 2026-05-03 21:57:32 -05:00
reports Migrating teams to fleets and queries to reports (#40726) 2026-03-09 17:45:55 -05:00
scripts Cleaning up scripts (#42371) 2026-03-25 09:12:56 -05:00
software Switch Zoom to Fleet-maintained app version and patch policy (#43149) 2026-04-07 13:03:14 -05:00