felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3976 commits 5 branches 0 tags 16 MiB
Commit graph

3976 commits

This branch
This branch
All branches
Author SHA1 Message Date
Alexandre Pujol
34cc1ab131
feat(abs): graphics: limit access to cpu sys value. 2025-09-13 00:42:10 +02:00
Alexandre Pujol
170575fbff
feat(abs): ensure graphics devices are in nvidia-strict. 2025-09-13 00:40:54 +02:00
Alexandre Pujol
26f905bcc2
feat(abs): X-strict: use tunables. 2025-09-13 00:38:34 +02:00
Alexandre Pujol
db347d13de
feat(abs): revisit and restrict the devices-usb abs. 2025-09-13 00:37:35 +02:00
Alexandre Pujol
7cf4719728
feat(abs): add the secrets-service abs. 2025-09-13 00:35:07 +02:00
Alexandre Pujol
122b004c2e
feat(abs): aff the uinput abs. 2025-09-13 00:29:29 +02:00
Alexandre Pujol
56948a54eb
feat(abs): reorganise the audio abstractions. 2025-09-13 00:03:20 +02:00
Alexandre Pujol
fda74f574f
chore(abs): add some device description. 2025-09-13 00:02:35 +02:00
doublez13
53501d8bf4 ssh: allow ssh to write to the kerberos CC when it picks up a ticket 2025-09-12 20:40:35 +02:00
doublez13
c67773947e ssh: allow ssh to authenticate to remote hosts using kerberos tickets 2025-09-12 20:40:35 +02:00
doublez13
1d2b271dfc ssh-keygen: allow execution of ssh-sk-helper 
The ssh-sk-helper  profile was added last year but never hooked into the ssh-keygen profile.

This is needed for generating SSH keys that live on a yubikey.
 2025-09-12 20:03:40 +02:00
doublez13
1540315d5c mdadm: include all config file locations 
pulled from strings
 2025-09-12 20:03:18 +02:00
doublez13
c4bad04fed mdadm 
Make the linter happy :)
 2025-09-12 20:03:18 +02:00
doublez13
0c90adb24d Update mdadm 
There were lots of missing components of mdadm.

I have a few scripts that create and tear down MD RAID arrays.  I've ran them all and added the missing entries.

Note that mdadm has the ability to run in daemon mode and send mail when an array fails. That's why it requires all the network entries.
 2025-09-12 20:03:18 +02:00
Alexandre Pujol
865bac4cc6
feat(abs): update org.freedesktop.ColorManager. 2025-09-11 23:59:07 +02:00
Alexandre Pujol
76c5586688
feat(abs): add org.freedesktop.IBus.Portal 2025-09-11 23:58:11 +02:00
Alexandre Pujol
8f0ee24000
feat(abs): add org.gtk.vfs.MountOperation 2025-09-11 23:57:10 +02:00
Alexandre Pujol
93c94836e2
feat(abs): add snapcraft dbus reference call. 2025-09-11 23:56:14 +02:00
Alexandre Pujol
fce5de8d19
feat(abs): update org.freedesktop.PackageKit 2025-09-11 23:55:29 +02:00
Alexandre Pujol
e09251d266
feat(abs): update org.freedesktop.PolicyKit1 2025-09-11 23:53:00 +02:00
Alexandre Pujol
445576fe1c
Merge branch 'main' of github.com:roddhjav/apparmor.d 
* 'main' of github.com:roddhjav/apparmor.d:
  slurp review fixes
  fix slurp
 2025-09-11 23:50:26 +02:00
Alexandre Pujol
69fcef01b7
feat(profile): add a large profile for mkosi. 2025-09-11 23:50:23 +02:00
Alexandre Pujol
e5012e381e
chore: pids means all pid. 2025-09-11 23:39:13 +02:00
Alexandre Pujol
4d7e03a9e2
feat(profile): add missing grep to locale-gen. 2025-09-11 23:34:44 +02:00
Alexandre Pujol
c7e999fe30
feat(profile): update freedesktop profiles. 2025-09-11 23:32:29 +02:00
Alexandre Pujol
d32fd03650
feat(profile): improve ibus-portal. 2025-09-11 23:30:30 +02:00
Alexandre Pujol
17eac0b62c
feat(abs): add missing dbus rule on org.freedesktop.DBus 2025-09-11 23:30:02 +02:00
Alexandre Pujol
1b97efa215
feat(abs): add org.gtk.Menus. 2025-09-11 23:27:15 +02:00
Alexandre Pujol
c7b99bb84e
feat(profile): update some core profiles. 2025-09-11 23:26:31 +02:00
Alexandre Pujol
4317538747
feat(profile): update ubuntu profiles. 2025-09-11 23:21:34 +02:00
Alexandre Pujol
e549863d4a
feat(profile): update systemd profiles. 2025-09-11 23:20:27 +02:00
Alexandre Pujol
98063fa771
feat(profile): rewrite the pacman profile. 2025-09-11 23:15:42 +02:00
Alexandre Pujol
ff8efaecd2
feat(profile): update arch profiles. 2025-09-11 23:11:25 +02:00
Alexandre Pujol
d0657d2c26
feat(profile): update network profiles. 2025-09-11 23:10:19 +02:00
Alexandre Pujol
fecb4dbca6
feat(profile): update flatpak profiles. 2025-09-11 23:06:35 +02:00
Alexandre Pujol
009fb9285d
feat(profile): update gvfsd profiles. 2025-09-11 23:05:34 +02:00
Alexandre Pujol
f69a7e7213
feat(profile): update gnome profiles. 2025-09-11 23:04:36 +02:00
Alexandre Pujol
394dc54ceb
feat(profile): update snap profiles. 2025-09-11 22:13:12 +02:00
Alexandre Pujol
b569d44703
feat(profile): update apt profiles. 2025-09-11 22:09:38 +02:00
Stoppedpuma
d9ecbdbe4b slurp review fixes 2025-09-08 17:14:49 +02:00
Stoppedpuma
aec8e413b3 fix slurp 2025-09-08 17:14:49 +02:00
Alexandre Pujol
ca1827ea12
fix: missing attach_disconnected in parrent profile while subprofile was using it. 2025-09-07 23:53:02 +02:00
Alexandre Pujol
f61f200427
build: ignore more abstraction for the server edition. 2025-09-07 23:52:11 +02:00
Alexandre Pujol
b45e1f36fe
build: add support for downstream project in some prepare tasks. 2025-09-07 22:59:00 +02:00
Alexandre Pujol
627700a152
build: set config for ubuntu 25.10 2025-09-07 22:07:31 +02:00
Alexandre Pujol
237daecedb
tests: remove prebuild main test. 
- the same is tested in the build process
- unit test is done in the prebuild pkg
 2025-09-07 22:07:03 +02:00
Alexandre Pujol
c4ebf8903e
tests(builder): cleanup build settings between tests. 2025-09-07 21:43:06 +02:00
Alexandre Pujol
6400bc725c
tests: update some unit tests to the last changes. 2025-09-07 21:20:32 +02:00
Alexandre Pujol
0ffc8f9fa6
fix: self raised linter issue. 2025-09-07 20:56:44 +02:00
doublez13
5c3c152257 Run kerberos utils in complain mode 2025-09-07 20:18:40 +02:00