felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3609 commits 5 branches 0 tags 16 MiB
Commit graph

2616 commits

Author SHA1 Message Date
Alexandre Pujol
80f5c50f13 feat(profile): ensure flatpak can handle chromium based software. 
fix  #715
 2025-04-13 22:46:53 +02:00
Alexandre Pujol
c008cbda67 feat(profile): add profile for most of udev internat scripts 
Required by FSP.
 2025-04-13 22:46:53 +02:00
Alexandre Pujol
379a093b10 feat(fsp): small improvment to systemd profiles. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
63e2b9372b fix: snap access to cgroup. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
69aa16625b feat(profile): add support for gimp 3.0 
fix #656
 2025-04-13 22:46:53 +02:00
Alexandre Pujol
5e38394986 fix(profile): snap: simplify cgroup access. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
cd890bb81b feat(profile): minor improvement & update. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
e61529bd04 feat(profile): add integration with role profiles. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
5760ba4e48 feat(abs): fusermount: add mount, umount to fusermount. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
0860667d28 fix(profile): spotify needs to read usb. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
35d42038fd feat(abs): add abstraction for ansible. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
c32884ddeb feat(profile): add base mappings definition. 
Used by profiles before to confine pre login script bfore transitionning to user hat.

It should only be enabled when mapping is enabled as otherwise the shell is not confined.
 2025-04-13 22:46:53 +02:00
Alexandre Pujol
305c2e344f
fix: trailing whitespace. 2025-04-07 22:55:47 +02:00
Alexandre Pujol
ca381c4f07
feat(profile): update aa-notify for apparmor 4.1 2025-04-07 22:50:09 +02:00
beroal
2bc55822d0
Briar: lyrebird, sound (#714) 
* initial

* abi 4 to 3

* abi 3 to 4
 2025-04-07 20:13:46 +00:00
Alexandre Pujol
4c67b21bf3
feat(profile): finish using variable instead of [0-9]. 2025-04-06 20:56:39 +02:00
Alexandre Pujol
c391bdefc1
feat(tunable): add editor_ui variables. 2025-04-06 15:49:15 +02:00
Alexandre Pujol
89fca6d9cf
feat(profile): update pam-tmpdir-helper path. 2025-04-06 15:31:10 +02:00
Alexandre Pujol
1009de7e6c
feat(abs): add the fusermount abstraction. 2025-04-06 15:30:10 +02:00
Alexandre Pujol
feaf61fb0b
feat(profile): various small improvment. 2025-04-05 22:46:19 +02:00
Alexandre Pujol
6b5e586d83
feat(abs): limit number of tty 
Up to 64 tty and 2048 pts.
 2025-04-05 22:39:45 +02:00
Alexandre Pujol
d5e70ca994
fix(test): various integration improvments. 2025-04-05 21:43:55 +02:00
Alexandre Pujol
8d71574e4d
build: improve the use of attached/base. 2025-04-05 21:31:51 +02:00
Alexandre Pujol
b532929f5d
fix(ci): ensure dbus session is confined during tests 2025-04-05 19:19:56 +02:00
Alexandre Pujol
5fb5d03512
feat(abs): ensure attached/consoles is not used manually. 2025-04-05 15:00:08 +02:00
Alexandre Pujol
c2b9f21d85
feat(profile): improve attached paths definition. 2025-04-05 00:38:47 +02:00
Alexandre Pujol
22a214ca1b
feat(abs): add attached dbus path. 2025-04-05 00:32:16 +02:00
Alexandre Pujol
2e79406127
feat(profile): allow dbus to receive failure. 2025-03-30 21:31:33 +02:00
Alexandre Pujol
41ff05369d
fix(profile): integration tests. 2025-03-30 21:07:47 +02:00
Alexandre Pujol
86759f2ef1
feat(profile): update docker profiles. 2025-03-30 21:04:05 +02:00
Alexandre Pujol
c80c82fda2
fix(profile): integration tests. 2025-03-30 19:42:59 +02:00
Alexandre Pujol
71a8bf6be8
feat(profile): improve signal across profiles. 2025-03-30 18:54:27 +02:00
Alexandre Pujol
73e3ac6cbd
feat(profile): snap: improve update-ns. 2025-03-30 18:50:16 +02:00
Alexandre Pujol
94c7c1b33c
feat(profile): run-parts: use the motd profile. 2025-03-30 18:33:36 +02:00
Alexandre Pujol
5173d3177c
fix(profile): qemu: ensure guest addition can shutdown the system. 2025-03-30 18:32:26 +02:00
Alexandre Pujol
e73ea12cea
feat(profile): aa-log - move call to journalctl to a subprofile. 2025-03-30 18:31:25 +02:00
Alexandre Pujol
fbbf68f0ee
feat(profile): udiskd needs ipc_lock. 2025-03-30 18:30:24 +02:00
Alexandre Pujol
1751a9997c
fix(profile): integration tests. 2025-03-30 18:28:50 +02:00
Alexandre Pujol
5975c7f250
feat(profile): add ufw-init. 2025-03-30 17:12:25 +02:00
Alexandre Pujol
ee52841833
feat(profile): add sysstat profiles. 2025-03-30 17:07:51 +02:00
Alexandre Pujol
3ffcc533b4
feat(profile): allow pacman to pwd anywhere. 2025-03-30 16:36:24 +02:00
Alexandre Pujol
735f5de518
feat(profile): general update. 2025-03-30 16:27:41 +02:00
Alexandre Pujol
414d8a3a47
feat(profile): update flatpak profiles. 2025-03-29 13:05:56 +01:00
Alexandre Pujol
2e5c860f0d
feat(profile): docker: add git & init subprofile. 2025-03-28 23:33:12 +01:00
Alexandre Pujol
7a352cb7df
feat(profile): motd: make it more generic. 2025-03-28 23:32:28 +01:00
Alexandre Pujol
fbb71fb47b
fix(profile): thunar 
fix #704
 2025-03-28 18:16:42 +01:00
Alexandre Pujol
4e1b983103
fix(abs): remove duplicated rule 
fix #709
 2025-03-28 18:00:04 +01:00
Alexandre Pujol
7562f87d9d
fix(profile): flatpak 
fix #710
 2025-03-28 17:56:46 +01:00
Roman Beslik
647d22ab9f read access to the hwmon directory 2025-03-26 10:21:22 +01:00
Alexandre Pujol
921503f514
feat(profile): small improvment on UI profiles. 2025-03-24 22:00:54 +01:00