apparmor.d

Author	SHA1	Message	Date
Alexandre Pujol	03d7ef5589	feat(profile): add profile for sshd session. It is only a first draft as recent update in sshd, split sshd in multiple binaries, it will allow us to also split the confinement in multiple profile.	2025-06-21 19:52:22 +02:00
Alexandre Pujol	7dd860f277	feat(profile): minor update & cosmetic.	2025-06-16 23:15:07 +02:00
Alexandre Pujol	2282128cbd	feat(fsp): setup RBAC mapping in auth enabled profiles.	2025-05-31 13:43:57 +02:00
Alexandre Pujol	04b6cade64	feat(profile): use profile variable in rules such as in dbus, ptrace, unix...	2025-05-26 01:17:14 +02:00
Alexandre Pujol	c969faf6e8	feat(profile): add initial version of sshd-auth. Fix #725	2025-05-01 19:46:32 +02:00
Alexandre Pujol	fd17a77b17	feat(profile): use @{sbin} for all program inside /usr/sbin.	2025-04-28 21:27:57 +02:00
Alexandre Pujol	feaf61fb0b	feat(profile): various small improvment.	2025-04-05 22:46:19 +02:00
Alexandre Pujol	334b48749a	feat(profile): various minor update.	2025-03-04 22:33:42 +01:00
nobody43	0769e42ea2	regression: session names 2	2025-01-09 23:34:29 +01:00
Roman Beslik	b35c2a0abf	non-owner accesses authorized_keys	2024-12-23 22:41:42 +01:00
Alexandre Pujol	4e5f4cb06a	feat: profiles and integration tests improvments. Add the udbus variable to be used in `unix bind` rule for dbus.	2024-11-19 19:04:27 +00:00
Alexandre Pujol	61a27bc336	feat(profile): initial integration with attached path. The feature is not yet enabled. See https://apparmor.pujol.io/development/internal/#re-attached-path	2024-10-11 14:13:17 +01:00
Alexandre Pujol	5ed4df6916	feat(profile): update all profile to abi 4.0 by default.	2024-10-02 14:04:08 +01:00
Alexandre Pujol	909d3062b5	feat(profile): ssh: add sshd-session fix #442	2024-08-22 17:43:00 +01:00
REmerald	4d707633a1	feat(groups/{c,d,f,s}*): vim syntax support Add vim modeline instructing the editor to use syntax plugin provided by apparmor. Continuation of #392 to keep the diff list relatively short.	2024-06-16 17:30:44 +01:00
Alexandre Pujol	8b60e56002	feat(profile): general update.	2024-06-04 20:13:40 +01:00
Alexandre Pujol	ad960d477b	feat(profile): replace former regex by the new @{user} variable.	2024-05-15 17:22:20 +01:00
Alexandre Pujol	1739c07ca1	feat(profile): general update.	2024-05-11 17:38:43 +01:00
Alexandre Pujol	095254864f	feat(profile): general update.	2024-04-03 21:04:18 +01:00
Alexandre Pujol	6dd0c36e9a	feat: prefix variables that refer to a profile	2024-04-02 13:41:08 +01:00
Alexandre Pujol	197c1bd78a	feat(profile): general update.	2024-03-27 21:53:11 +00:00
Alexandre Pujol	828f282fc3	feat(profile): cleanup unix_chpwd already present in abs.	2024-03-22 13:11:49 +00:00
Alexandre Pujol	bf22e0770f	feat(profile): improve integration with opensuse.	2024-03-17 22:47:36 +00:00
Alexandre Pujol	467c38724a	feat(profile): clean superfluous openssl abstraction includes apparmor.d equivalent of https://gitlab.com/apparmor/apparmor/-/merge_requests/1179	2024-03-12 16:00:44 +00:00
Alexandre Pujol	ffb189ef65	feat(profile): general update.	2024-02-29 00:32:40 +00:00
Alexandre Pujol	555b5e3c3f	feat(profile): general update.	2024-02-28 17:17:20 +00:00
Alexandre Pujol	cdaf72eb3d	feat(profile): general update.	2024-02-07 13:50:40 +00:00
Alexandre Pujol	2cd14aa6bb	chore: add missing and update copyright year.	2024-02-07 00:16:21 +01:00
Alexandre Pujol	a30c2e5e85	feat: add the new shells variable to ensure support for all interactive shell. Fix #269	2024-01-25 13:16:40 +00:00
Alexandre Pujol	42fc4622ed	feat(profile): general update.	2024-01-21 11:56:02 +00:00
Alexandre Pujol	d81bce5559	feat(profile): general update.	2023-12-08 18:01:39 +00:00
Alexandre Pujol	1cf268b770	refractor(dbus): use the new bus-{systemd,session} abstractions.	2023-12-06 21:56:59 +00:00
Alexandre Pujol	da3b5103e4	feat(dbus): rewrite some dbus rules (5).	2023-12-04 21:54:45 +00:00
Alexandre Pujol	209688fe86	feat(profile): general update.	2023-11-27 19:35:42 +00:00
Alexandre Pujol	2143fb03af	feat(full): add new systemd variable.	2023-11-19 11:13:40 +00:00
Alexandre Pujol	6f98bb9bfb	feat(abs): add more possible resolv.conf path in nameservice. Used a lot by debian.	2023-11-13 19:32:04 +00:00
Alexandre Pujol	22e57b3620	feat(profiles): apply guideline on some profile. Update flags list.	2023-08-27 15:30:18 +01:00
Alexandre Pujol	275d6b6e62	feat(profiles): replace old [0-9]* glob by @{int} Beware some [0-9]* glob are actually not proper @{int}.	2023-08-18 17:09:53 +01:00
Alexandre Pujol	27daa7c9bb	refactor(profiles): use @{bin} and @{lib} in profiles (3)	2023-07-09 14:09:55 +01:00
Alexandre Pujol	3ff8e3847d	feat(profiles): general update.	2023-03-03 12:20:10 +00:00
Alexandre Pujol	ef292b585c	feat(profiles): first set of rules for Ubuntu Core support.	2023-02-19 18:22:18 +00:00
Alexandre Pujol	a402200dbe	feat(profiles): general update.	2023-02-05 00:03:20 +00:00
Alexandre Pujol	bac87f9547	feat(profiles): use /etc read only variable: etc_ro	2023-02-04 23:34:29 +00:00
Alexandre Pujol	9a46df81b9	feat(profiles): remove rules promoted into the base abstraction.	2022-11-28 18:05:29 +00:00
Alexandre Pujol	26f838b73f	feat(profiles): general update.	2022-11-11 22:18:55 +00:00
Jeroen Rijken	689f48b217	motd fixes	2022-08-19 19:25:22 +01:00
Alexandre Pujol	e087349662	feat(profiles): define more xdg variables.	2022-06-26 17:32:12 +01:00
Alexandre Pujol	08bb1b44a6	style(profiles): small rules improvment.	2022-06-14 19:25:45 +01:00
Alexandre Pujol	d998b1dd6e	feat(profiles): improve ubuntu compatibility.	2022-06-13 22:04:12 +01:00
Alexandre Pujol	50a18aac08	feat(profiles): add some core dbus rules.	2022-06-12 23:50:58 +01:00

1 2

56 commits