felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3988 commits 5 branches 0 tags 16 MiB
Commit graph

3988 commits

This branch
This branch
All branches
Author SHA1 Message Date
Alexandre Pujol
4982ff104d
feat(profile): remove rules not needed anymore 
Moved into the nvidia-strict abs.
 2025-09-13 12:03:00 +02:00
Alexandre Pujol
bd487d1b66
fear(profile): remove profile for spectre-meltdown-checker. 2025-09-13 11:58:25 +02:00
Alexandre Pujol
31cbe5e2e9
fix(profile): revert 06d476c 
fix #855
 2025-09-13 11:33:24 +02:00
Alexandre Pujol
84f3f947cb
feat(abs): improve chromium common. 2025-09-13 01:11:18 +02:00
Alexandre Pujol
cd6bb7bd52
feat(abs): add NEEDS-VARIABLE to abs using variable. 
Will be used by aa-logprof.
 2025-09-13 01:09:31 +02:00
Alexandre Pujol
f199cfe84d
feat(abs): app: minor improvement to common app action. 2025-09-13 01:06:51 +02:00
Alexandre Pujol
ddfe75f23f
refractor(abs): move org.kde.StatusNotifierItem inside the session abs dir. 2025-09-13 01:05:02 +02:00
Alexandre Pujol
4bbe0a1a32
feat(abs): use the new secrets-service abstraction. 2025-09-13 00:55:32 +02:00
Alexandre Pujol
608ff3db0c
fix(abs): ColorManager peer name. 2025-09-13 00:50:01 +02:00
Alexandre Pujol
ad406da5de
feat(abs): add org.freedesktop.portal.Settings. 2025-09-13 00:49:08 +02:00
Alexandre Pujol
8c6b0ce33f
feat(profile): cleanup profiles using the new abs. 2025-09-13 00:47:50 +02:00
Alexandre Pujol
51bcdd5e14
feat(abs): add the input abs. 2025-09-13 00:43:40 +02:00
Alexandre Pujol
34cc1ab131
feat(abs): graphics: limit access to cpu sys value. 2025-09-13 00:42:10 +02:00
Alexandre Pujol
170575fbff
feat(abs): ensure graphics devices are in nvidia-strict. 2025-09-13 00:40:54 +02:00
Alexandre Pujol
26f905bcc2
feat(abs): X-strict: use tunables. 2025-09-13 00:38:34 +02:00
Alexandre Pujol
db347d13de
feat(abs): revisit and restrict the devices-usb abs. 2025-09-13 00:37:35 +02:00
Alexandre Pujol
7cf4719728
feat(abs): add the secrets-service abs. 2025-09-13 00:35:07 +02:00
Alexandre Pujol
122b004c2e
feat(abs): aff the uinput abs. 2025-09-13 00:29:29 +02:00
Alexandre Pujol
56948a54eb
feat(abs): reorganise the audio abstractions. 2025-09-13 00:03:20 +02:00
Alexandre Pujol
fda74f574f
chore(abs): add some device description. 2025-09-13 00:02:35 +02:00
doublez13
53501d8bf4 ssh: allow ssh to write to the kerberos CC when it picks up a ticket 2025-09-12 20:40:35 +02:00
doublez13
c67773947e ssh: allow ssh to authenticate to remote hosts using kerberos tickets 2025-09-12 20:40:35 +02:00
doublez13
1d2b271dfc ssh-keygen: allow execution of ssh-sk-helper 
The ssh-sk-helper  profile was added last year but never hooked into the ssh-keygen profile.

This is needed for generating SSH keys that live on a yubikey.
 2025-09-12 20:03:40 +02:00
doublez13
1540315d5c mdadm: include all config file locations 
pulled from strings
 2025-09-12 20:03:18 +02:00
doublez13
c4bad04fed mdadm 
Make the linter happy :)
 2025-09-12 20:03:18 +02:00
doublez13
0c90adb24d Update mdadm 
There were lots of missing components of mdadm.

I have a few scripts that create and tear down MD RAID arrays.  I've ran them all and added the missing entries.

Note that mdadm has the ability to run in daemon mode and send mail when an array fails. That's why it requires all the network entries.
 2025-09-12 20:03:18 +02:00
Alexandre Pujol
865bac4cc6
feat(abs): update org.freedesktop.ColorManager. 2025-09-11 23:59:07 +02:00
Alexandre Pujol
76c5586688
feat(abs): add org.freedesktop.IBus.Portal 2025-09-11 23:58:11 +02:00
Alexandre Pujol
8f0ee24000
feat(abs): add org.gtk.vfs.MountOperation 2025-09-11 23:57:10 +02:00
Alexandre Pujol
93c94836e2
feat(abs): add snapcraft dbus reference call. 2025-09-11 23:56:14 +02:00
Alexandre Pujol
fce5de8d19
feat(abs): update org.freedesktop.PackageKit 2025-09-11 23:55:29 +02:00
Alexandre Pujol
e09251d266
feat(abs): update org.freedesktop.PolicyKit1 2025-09-11 23:53:00 +02:00
Alexandre Pujol
445576fe1c
Merge branch 'main' of github.com:roddhjav/apparmor.d 
* 'main' of github.com:roddhjav/apparmor.d:
  slurp review fixes
  fix slurp
 2025-09-11 23:50:26 +02:00
Alexandre Pujol
69fcef01b7
feat(profile): add a large profile for mkosi. 2025-09-11 23:50:23 +02:00
Alexandre Pujol
e5012e381e
chore: pids means all pid. 2025-09-11 23:39:13 +02:00
Alexandre Pujol
4d7e03a9e2
feat(profile): add missing grep to locale-gen. 2025-09-11 23:34:44 +02:00
Alexandre Pujol
c7e999fe30
feat(profile): update freedesktop profiles. 2025-09-11 23:32:29 +02:00
Alexandre Pujol
d32fd03650
feat(profile): improve ibus-portal. 2025-09-11 23:30:30 +02:00
Alexandre Pujol
17eac0b62c
feat(abs): add missing dbus rule on org.freedesktop.DBus 2025-09-11 23:30:02 +02:00
Alexandre Pujol
1b97efa215
feat(abs): add org.gtk.Menus. 2025-09-11 23:27:15 +02:00
Alexandre Pujol
c7b99bb84e
feat(profile): update some core profiles. 2025-09-11 23:26:31 +02:00
Alexandre Pujol
4317538747
feat(profile): update ubuntu profiles. 2025-09-11 23:21:34 +02:00
Alexandre Pujol
e549863d4a
feat(profile): update systemd profiles. 2025-09-11 23:20:27 +02:00
Alexandre Pujol
98063fa771
feat(profile): rewrite the pacman profile. 2025-09-11 23:15:42 +02:00
Alexandre Pujol
ff8efaecd2
feat(profile): update arch profiles. 2025-09-11 23:11:25 +02:00
Alexandre Pujol
d0657d2c26
feat(profile): update network profiles. 2025-09-11 23:10:19 +02:00
Alexandre Pujol
fecb4dbca6
feat(profile): update flatpak profiles. 2025-09-11 23:06:35 +02:00
Alexandre Pujol
009fb9285d
feat(profile): update gvfsd profiles. 2025-09-11 23:05:34 +02:00
Alexandre Pujol
f69a7e7213
feat(profile): update gnome profiles. 2025-09-11 23:04:36 +02:00
Alexandre Pujol
394dc54ceb
feat(profile): update snap profiles. 2025-09-11 22:13:12 +02:00