felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3996 commits 5 branches 0 tags 16 MiB
Commit graph

1812 commits

Author SHA1 Message Date
Alexandre Pujol
5e38394986 fix(profile): snap: simplify cgroup access. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
cd890bb81b feat(profile): minor improvement & update. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
e61529bd04 feat(profile): add integration with role profiles. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
5760ba4e48 feat(abs): fusermount: add mount, umount to fusermount. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
305c2e344f
fix: trailing whitespace. 2025-04-07 22:55:47 +02:00
Alexandre Pujol
ca381c4f07
feat(profile): update aa-notify for apparmor 4.1 2025-04-07 22:50:09 +02:00
Alexandre Pujol
4c67b21bf3
feat(profile): finish using variable instead of [0-9]. 2025-04-06 20:56:39 +02:00
Alexandre Pujol
c391bdefc1
feat(tunable): add editor_ui variables. 2025-04-06 15:49:15 +02:00
Alexandre Pujol
1009de7e6c
feat(abs): add the fusermount abstraction. 2025-04-06 15:30:10 +02:00
Alexandre Pujol
feaf61fb0b
feat(profile): various small improvment. 2025-04-05 22:46:19 +02:00
Alexandre Pujol
d5e70ca994
fix(test): various integration improvments. 2025-04-05 21:43:55 +02:00
Alexandre Pujol
b532929f5d
fix(ci): ensure dbus session is confined during tests 2025-04-05 19:19:56 +02:00
Alexandre Pujol
5fb5d03512
feat(abs): ensure attached/consoles is not used manually. 2025-04-05 15:00:08 +02:00
Alexandre Pujol
c2b9f21d85
feat(profile): improve attached paths definition. 2025-04-05 00:38:47 +02:00
Alexandre Pujol
2e79406127
feat(profile): allow dbus to receive failure. 2025-03-30 21:31:33 +02:00
Alexandre Pujol
41ff05369d
fix(profile): integration tests. 2025-03-30 21:07:47 +02:00
Alexandre Pujol
86759f2ef1
feat(profile): update docker profiles. 2025-03-30 21:04:05 +02:00
Alexandre Pujol
c80c82fda2
fix(profile): integration tests. 2025-03-30 19:42:59 +02:00
Alexandre Pujol
71a8bf6be8
feat(profile): improve signal across profiles. 2025-03-30 18:54:27 +02:00
Alexandre Pujol
73e3ac6cbd
feat(profile): snap: improve update-ns. 2025-03-30 18:50:16 +02:00
Alexandre Pujol
e73ea12cea
feat(profile): aa-log - move call to journalctl to a subprofile. 2025-03-30 18:31:25 +02:00
Alexandre Pujol
fbbf68f0ee
feat(profile): udiskd needs ipc_lock. 2025-03-30 18:30:24 +02:00
Alexandre Pujol
1751a9997c
fix(profile): integration tests. 2025-03-30 18:28:50 +02:00
Alexandre Pujol
5975c7f250
feat(profile): add ufw-init. 2025-03-30 17:12:25 +02:00
Alexandre Pujol
3ffcc533b4
feat(profile): allow pacman to pwd anywhere. 2025-03-30 16:36:24 +02:00
Alexandre Pujol
735f5de518
feat(profile): general update. 2025-03-30 16:27:41 +02:00
Alexandre Pujol
414d8a3a47
feat(profile): update flatpak profiles. 2025-03-29 13:05:56 +01:00
Alexandre Pujol
2e5c860f0d
feat(profile): docker: add git & init subprofile. 2025-03-28 23:33:12 +01:00
Alexandre Pujol
fbb71fb47b
fix(profile): thunar 
fix #704
 2025-03-28 18:16:42 +01:00
Alexandre Pujol
7562f87d9d
fix(profile): flatpak 
fix #710
 2025-03-28 17:56:46 +01:00
Alexandre Pujol
921503f514
feat(profile): small improvment on UI profiles. 2025-03-24 22:00:54 +01:00
Alexandre Pujol
c53c236648
feat(profile): improve gnome profiles. 2025-03-24 22:00:54 +01:00
Alexandre Pujol
dd129c1a03
feat(profile): minor kde improvments. 2025-03-24 22:00:54 +01:00
Alexandre Pujol
28111ab9a5
feat(profile): update gvfsd. 2025-03-24 22:00:54 +01:00
remph
8730fa55e5 Various fixes 
* nvidia-strict: nvidia libraries get argv from /proc/self
* iwd:
  * sends lots of UDP on packet sockets
  * writes to accept_ra and optimistic_dad
  * DNS daemons other than systemd-resolvd may require iwd to use resolvconf
* lynx: now handles brotli'd HTML as well as gzipped
 2025-03-23 16:36:37 +01:00
EliasTheGrandMasterOfMistakes
f1f84045fc wirepumbler: Allow access to /dev/udmabuf 2025-03-23 16:34:59 +01:00
Alexandre Pujol
d44001b71f
feat(profile): snap - ensure snap profile can all rm their own lib_dirs. 2025-03-23 16:33:18 +01:00
Alexandre Pujol
a5385c594a
fix(profile): cosmetic. 2025-03-23 16:28:55 +01:00
Alexandre Pujol
0fce2e526d
Merge branch 'xfce' of github.com:nobody43/apparmor.d into nobody43-xfce 
* 'xfce' of github.com:nobody43/apparmor.d:
  xfce, fixes
  Adapt to RO root
  xfce, flags
  xfce, proper abi
  xfce, new profiles
  xfce, updates
 2025-03-23 16:18:46 +01:00
Alexandre Pujol
7ef841716e
fix(profile): ensure kde-powerdevil can read card state 
see #675
 2025-03-23 15:52:12 +01:00
Alexandre Pujol
21dfc6ea26
feat(profile): improve kde profiles. 
fix #676
 2025-03-23 15:35:27 +01:00
Alexandre Pujol
7684de3459
fix(profile): integration fix. 2025-03-23 15:27:00 +01:00
Alexandre Pujol
291713d902
feat(profile): add nvidia-uvm to the gstreamer abs. 
- Needed internally by multiqueue
- Lots of program using gstreamer was requiring it
 2025-03-23 15:24:05 +01:00
Alexandre Pujol
acf423fd86
feat(profile): add support for qemu-img in gnome-boxes 
fix #698
 2025-03-23 14:19:02 +01:00
Alexandre Pujol
5e225ed0ec
feat(fsp): small improvments. 2025-03-23 14:16:31 +01:00
Alexandre Pujol
46b0b19d5b
fix(profile): various fixes. 2025-03-23 14:08:50 +01:00
Alexandre Pujol
054b723255
feat(profile): improve core snap profiles. 2025-03-23 13:44:50 +01:00
Alexandre Pujol
41757ec4e4
feat(profile): remove now automatically added internal dbus rules. 2025-03-23 13:40:45 +01:00
Alexandre Pujol
ec04495c4a
feat(profile): update for ubuntu/debian based systems. 2025-03-20 00:34:24 +01:00
Alexandre Pujol
bd9ab55bf0
feta(profile): remove the now duplicated @{bin}/perl r. 2025-03-18 23:10:38 +01:00