apparmor.d

Author	SHA1	Message	Date
Alexandre Pujol	0f017048e4	fix(profile): fix att path in flatpak fix #820	2025-08-22 17:57:40 +02:00
Alexandre Pujol	8b49f9ebf5	feat(profile): update telegram path fix #821	2025-08-22 17:52:57 +02:00
curiosityseeker	ddee051279	Update gnome-boxes	2025-08-22 17:40:56 +02:00
curiosityseeker	b3dd09ce01	Update gnome-boxes ALLOWED gnome-boxes open /usr/share/ladspa/rdf/ comm=gst-plugin-scan requested_mask=r denied_mask=r ALLOWED gnome-boxes open /usr/share/ladspa/rdf/ladspa.rdfs comm=gst-plugin-scan requested_mask=r denied_mask=r ALLOWED gnome-boxes open /usr/share/ladspa/rdf/ladspa-rubberband.rdf comm=gst-plugin-scan requested_mask=r denied_mask=r ALLOWED gnome-boxes open @{sys}/devices/@{pci}/usb2/2-3/bConfigurationValue comm=gnome-boxes requested_mask=r denied_mask=r ALLOWED gnome-boxes open @{sys}/devices/@{pci}/usb1/1-6/1-6.2/bConfigurationValue comm=gnome-boxes requested_mask=r denied_mask=r ALLOWED gnome-boxes open @{sys}/devices/@{pci}/usb1/1-14/bConfigurationValue comm=gnome-boxes requested_mask=r denied_mask=r ALLOWED gnome-boxes open @{sys}/devices/@{pci}/usb1/1-13/bConfigurationValue comm=gnome-boxes requested_mask=r denied_mask=r	2025-08-22 17:40:56 +02:00
curiosityseeker	2c64ab91cb	Update grub-mkrelpath	2025-08-22 17:40:39 +02:00
curiosityseeker	4d15570ff1	Update grub-mkrelpath ALLOWED grub-mkrelpath open /tmp/grub-btrfs.byRQTjiteL/@_backup_2025-08-20T16:43@{busname}.488Z/boot/ comm=grub-mkrelpath requested_mask=r denied_mask=r ALLOWED grub-mkrelpath open /tmp/grub-btrfs.byRQTjiteL/@_backup_2025-08-18T13:49@{busname}.739Z/boot/ comm=grub-mkrelpath requested_mask=r denied_mask=r ALLOWED grub-mkrelpath open /tmp/grub-btrfs.byRQTjiteL/@_backup_2025-04-11T11@{busname}:58.643Z/boot/ comm=grub-mkrelpath requested_mask=r denied_mask=r ALLOWED grub-mkrelpath open /tmp/grub-btrfs.byRQTjiteL/@_backup_@{int16}5/boot/ comm=grub-mkrelpath requested_mask=r denied_mask=r ALLOWED grub-mkrelpath open /tmp/grub-btrfs.Xj00SFNAa3/@_backup_2025-08-20T16:43@{busname}.488Z/boot/ comm=grub-mkrelpath requested_mask=r denied_mask=r ALLOWED grub-mkrelpath open /tmp/grub-btrfs.Xj00SFNAa3/@_backup_2025-08-18T13:49@{busname}.739Z/boot/ comm=grub-mkrelpath requested_mask=r denied_mask=r ALLOWED grub-mkrelpath open /tmp/grub-btrfs.Xj00SFNAa3/@_backup_2025-04-11T11@{busname}:58.643Z/boot/ comm=grub-mkrelpath requested_mask=r denied_mask=r ALLOWED grub-mkrelpath open /tmp/grub-btrfs.Xj00SFNAa3/@_backup_@{int16}5/boot/ comm=grub-mkrelpath requested_mask=r denied_mask=r	2025-08-22 17:40:39 +02:00
curiosityseeker	5d7646d9cc	Update mandb ALLOWED mandb exec @{bin}/bzip2 -> mandb//null-@{bin}/bzip2 comm=mandb requested_mask=x denied_mask=x ALLOWED mandb//null-@{bin}/bzip2 file_inherit /usr/share/man/man8/grub-btrfsd.8.bz2 comm=bzip2 requested_mask=r denied_mask=r ALLOWED mandb//null-@{bin}/bzip2 file_inherit /var/cache/man/52062 comm=bzip2 requested_mask=wr denied_mask=wr ALLOWED mandb//null-@{bin}/bzip2 file_mmap @{bin}/bzip2 comm=bzip2 requested_mask=r denied_mask=r ALLOWED mandb//null-@{bin}/bzip2 getattr /usr/share/man/man8/grub-btrfsd.8.bz2 comm=bzip2 requested_mask=r denied_mask=r ALLOWED mandb//null-@{bin}/bzip2 file_inherit /usr/share/man/man8/grub-btrfs.8.bz2 comm=bzip2 requested_mask=r denied_mask=r ALLOWED mandb//null-@{bin}/bzip2 getattr /usr/share/man/man8/grub-btrfs.8.bz2 comm=bzip2 requested_mask=r denied_mask=r	2025-08-22 14:42:20 +02:00
Alexandre Pujol	f3d209e42a	feat(profile): ensure nautilus can access root files.	2025-08-19 22:58:46 +02:00
Alexandre Pujol	c806ec44eb	feat(profile): update virt profiles.	2025-08-19 22:56:07 +02:00
Alexandre Pujol	5e5fde7741	feat(abs): add the sqlite abstraction.	2025-08-19 21:43:20 +02:00
Alexandre Pujol	24f629d326	fix(profile): few fixes related to reattached paths. See #816	2025-08-17 21:43:23 +02:00
Alexandre Pujol	952c4e91a1	feat(aa): add aa --enforce and aa --complain. These are small dev tools, not installed by default.	2025-08-17 20:50:00 +02:00
Alexandre Pujol	7f9664c51f	feat(profile): add profile for mpris-proxy.	2025-08-17 17:51:10 +02:00
Alexandre Pujol	ba16e3c340	feat(profile): cleanup log from well known programs.	2025-08-17 17:20:08 +02:00
Alexandre Pujol	4dba131fb3	feat(profile): parser: move sysctl to its own subprofile.	2025-08-17 17:16:24 +02:00
Alexandre Pujol	7e79d5abef	feat(profile): improve support for ubuntu & kubuntu.	2025-08-17 17:15:24 +02:00
Alexandre Pujol	523522dd1d	feat(profile): improve kde profiles.	2025-08-17 17:05:38 +02:00
Alexandre Pujol	edc2755d61	feat(profile): kde: add initial dbus definition.	2025-08-17 17:03:17 +02:00
Alexandre Pujol	58aea2b00d	build: update flag manifest.	2025-08-17 11:59:06 +02:00
Alexandre Pujol	4e70cb4c91	fix(profile): workaround in apparmor issue for attached path. See https://gitlab.com/apparmor/apparmor/-/issues/450 Fix #815	2025-08-17 11:57:36 +02:00
Alexandre Pujol	52e9ae9fd6	fix(profile): define missing domain.	2025-08-17 00:29:21 +02:00
Alexandre Pujol	9110a70124	tests: add debian/ubuntu based tests images. Also some cleanup of tests resources.	2025-08-17 00:16:31 +02:00
Alexandre Pujol	7c427aaae6	build: do not overwrite steam.	2025-08-17 00:10:34 +02:00
Alexandre Pujol	d3507e24b9	fix(build): ensure post install script do not fail.	2025-08-17 00:09:28 +02:00
Alexandre Pujol	e55ace4e0a	fix(profile): issue with re-attached paths - Add missing att on some profiles - Fix alias / -> // - Fix aa-log att variable resolution fix #813 #814	2025-08-17 00:07:53 +02:00
Alexandre Pujol	5ee999536c	feat(abs): reorganize the electron & chromium abs.	2025-08-16 19:23:33 +02:00
Alexandre Pujol	f5a4acd37e	feat(abs): graphics: add cpu_capacity	2025-08-16 19:13:59 +02:00
Alexandre Pujol	ca24da7a2a	build(debian): improve post install scripts.	2025-08-15 19:49:43 +02:00
Alexandre Pujol	e805509803	build: opensuse: improve post install script.	2025-08-15 19:42:44 +02:00
Alexandre Pujol	be341a4ca8	feat(profile): syncthing 2.0 uses sqlite.	2025-08-15 18:43:21 +02:00
Alexandre Pujol	c0de5ff71d	ci: also run the integration tests on manual run.	2025-08-15 18:38:46 +02:00
Alexandre Pujol	b0c661931a	fix(build): fsp regex.	2025-08-15 18:23:05 +02:00
Alexandre Pujol	483c0c107d	build: enable re-attach disconnected path by default Ignored on Ubuntu 25.04 and abi3.0	2025-08-15 18:22:07 +02:00
Alexandre Pujol	c51943934e	feat(tunable): add x64 to @{arch}	2025-08-15 18:04:35 +02:00
Alexandre Pujol	c29b4ba536	feat(profile): various security/linter improvement - Ignore some rule from the linter - Move some bin to subprofile	2025-08-15 18:03:36 +02:00
Alexandre Pujol	aafcd1c861	feat(profile): simplify ssh home path.	2025-08-15 17:21:24 +02:00
Alexandre Pujol	3d329fdef8	feat(profile): minor profiles improvement.	2025-08-15 11:39:35 +02:00
Alexandre Pujol	6739b238ce	feat(abs): base-strict: allow communication to children and stacked profiles.	2025-08-15 11:33:29 +02:00
Alexandre Pujol	7d49a1628e	fix(abs): avahi socket path.	2025-08-15 11:32:27 +02:00
Alexandre Pujol	753d36cfa3	fix(profile): manually deny path in git Needed as `44a6bc86e6` raise merged rule with conflicting x modifiers errors.	2025-08-15 11:29:54 +02:00
Alexandre Pujol	5f368403b3	Revert "feat(tunable): add `bin` to XDG_BIN_DIR." This reverts commit `44a6bc86e6`.	2025-08-15 11:27:34 +02:00
Alexandre Pujol	9c9af1d821	feat(profile): improve integration with ubuntu.	2025-08-15 10:59:20 +02:00
Alexandre Pujol	112d54907e	feat(profile): thunderbird/firefox: move rules needed in both programs.	2025-08-15 10:53:52 +02:00
Alexandre Pujol	20546d37a0	feat(profile): fprintd needs sys_admin see #811	2025-08-15 10:51:48 +02:00
Alexandre Pujol	d09f5d055f	feat(profile): improve dbus definitions.	2025-08-15 10:51:16 +02:00
Alexandre Pujol	b90a2a89fe	feat(abs): app-open: kde opener need system id. see #811	2025-08-15 10:44:10 +02:00
Alexandre Pujol	44a6bc86e6	feat(tunable): add `bin` to XDG_BIN_DIR. So it can get allowed/denied by profile using user_bin_dirs. see #811	2025-08-15 10:43:15 +02:00
Alexandre Pujol	e2b1547bf1	feat(profile): ssh: add ssh.hmac Similar to newest version of sshd with sshd.hmac see #811	2025-08-15 10:41:26 +02:00
Alexandre Pujol	e15bd7bea0	feat(abs): improve vim integration with common editors. see #811	2025-08-15 10:40:17 +02:00
Alexandre Pujol	b1b3ee8321	feat(abs): add tty/drivers to pgrrep/pkill subprofiles. see #811	2025-08-15 10:38:15 +02:00

1 2 3 4 5 ...

3802 commits