felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3512 commits 5 branches 0 tags 16 MiB
Commit graph

3512 commits

This branch
This branch
All branches
Author SHA1 Message Date
Alexandre Pujol
1ca12d173f ci: only run integration tests on dev branch. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
8c591c90ab feat(profile): journalctl minor improvments. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
e75d1729c1 fix(tunable): remove vimtutor to the list of editors. 
#678
 2025-04-13 22:46:53 +02:00
Alexandre Pujol
80f5c50f13 feat(profile): ensure flatpak can handle chromium based software. 
fix  #715
 2025-04-13 22:46:53 +02:00
Alexandre Pujol
c008cbda67 feat(profile): add profile for most of udev internat scripts 
Required by FSP.
 2025-04-13 22:46:53 +02:00
Alexandre Pujol
379a093b10 feat(fsp): small improvment to systemd profiles. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
63e2b9372b fix: snap access to cgroup. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
69aa16625b feat(profile): add support for gimp 3.0 
fix #656
 2025-04-13 22:46:53 +02:00
Alexandre Pujol
5e38394986 fix(profile): snap: simplify cgroup access. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
cd890bb81b feat(profile): minor improvement & update. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
e61529bd04 feat(profile): add integration with role profiles. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
5760ba4e48 feat(abs): fusermount: add mount, umount to fusermount. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
0860667d28 fix(profile): spotify needs to read usb. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
35d42038fd feat(abs): add abstraction for ansible. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
c32884ddeb feat(profile): add base mappings definition. 
Used by profiles before to confine pre login script bfore transitionning to user hat.

It should only be enabled when mapping is enabled as otherwise the shell is not confined.
 2025-04-13 22:46:53 +02:00
Alexandre Pujol
6d2147582e build: add mappings to the list of directories without profile files. 2025-04-13 22:46:53 +02:00
Alexandre Pujol
5775721e55
build: default target to apparmor 4.1 2025-04-13 12:12:45 +02:00
Alexandre Pujol
305c2e344f
fix: trailing whitespace. 2025-04-07 22:55:47 +02:00
Alexandre Pujol
ca381c4f07
feat(profile): update aa-notify for apparmor 4.1 2025-04-07 22:50:09 +02:00
beroal
2bc55822d0
Briar: lyrebird, sound (#714) 
* initial

* abi 4 to 3

* abi 3 to 4
 2025-04-07 20:13:46 +00:00
Alexandre Pujol
4c67b21bf3
feat(profile): finish using variable instead of [0-9]. 2025-04-06 20:56:39 +02:00
Alexandre Pujol
26d0797a07
fix(ci): add back the integration command in make. 2025-04-06 20:39:41 +02:00
Alexandre Pujol
ead2f4e40b
Revert "fix: remove wip workarroind in gstreamer abs." 
This reverts commit 75a8ef2906.
 2025-04-06 16:07:51 +02:00
Alexandre Pujol
8b99a0bdff
fix(ci): disable vcs information on Ubuntu. 2025-04-06 16:04:04 +02:00
Alexandre Pujol
c391bdefc1
feat(tunable): add editor_ui variables. 2025-04-06 15:49:15 +02:00
Alexandre Pujol
99df9cec51
fix(build): fsp configuration. 2025-04-06 15:39:48 +02:00
Alexandre Pujol
89fca6d9cf
feat(profile): update pam-tmpdir-helper path. 2025-04-06 15:31:10 +02:00
Alexandre Pujol
1009de7e6c
feat(abs): add the fusermount abstraction. 2025-04-06 15:30:10 +02:00
Alexandre Pujol
9aaf109383
feat(aa-log): improve log to rule conversion. 2025-04-06 14:51:00 +02:00
Alexandre Pujol
75a8ef2906
fix: remove wip workarroind in gstreamer abs. 2025-04-06 14:47:55 +02:00
Alexandre Pujol
9e9036b86d
fix: revert to CopyTo to handle overwrite. 2025-04-06 14:47:01 +02:00
Alexandre Pujol
99f5ed5901
fix: remove now unused variable. 2025-04-06 00:18:01 +02:00
Alexandre Pujol
f12f684eb1
build: remove some old makefile command now handled in the Justfile. 2025-04-05 23:50:47 +02:00
Alexandre Pujol
f86eb8c27c
build: ensure arch pkg can be build inside an OCI container. 2025-04-05 23:42:39 +02:00
Alexandre Pujol
feaf61fb0b
feat(profile): various small improvment. 2025-04-05 22:46:19 +02:00
Alexandre Pujol
6b5e586d83
feat(abs): limit number of tty 
Up to 64 tty and 2048 pts.
 2025-04-05 22:39:45 +02:00
Alexandre Pujol
60a050ff17
doc: update minimum go version. 2025-04-05 22:04:48 +02:00
Alexandre Pujol
984679c7cd
fix(tests): do not run vim inside CI job 2025-04-05 22:01:26 +02:00
Alexandre Pujol
8d1571a93b
build(arch): start using just in the PKGBUILD. 2025-04-05 21:59:43 +02:00
Alexandre Pujol
4bd415d260
chore(build): cleanup the justfile. 2025-04-05 21:50:18 +02:00
Alexandre Pujol
d5e70ca994
fix(test): various integration improvments. 2025-04-05 21:43:55 +02:00
Alexandre Pujol
8d71574e4d
build: improve the use of attached/base. 2025-04-05 21:31:51 +02:00
Alexandre Pujol
ea022725be
fix(ci): ensure systemd unit are reloaded. 2025-04-05 20:56:22 +02:00
Alexandre Pujol
7d6f68a95e
feat(abs): automatically use the attached consoles. 2025-04-05 20:55:29 +02:00
Alexandre Pujol
b532929f5d
fix(ci): ensure dbus session is confined during tests 2025-04-05 19:19:56 +02:00
Alexandre Pujol
9b8348181c
fix(tests): disable apt tests 2025-04-05 18:55:03 +02:00
Alexandre Pujol
5fb5d03512
feat(abs): ensure attached/consoles is not used manually. 2025-04-05 15:00:08 +02:00
Alexandre Pujol
c2b9f21d85
feat(profile): improve attached paths definition. 2025-04-05 00:38:47 +02:00
Alexandre Pujol
22a214ca1b
feat(abs): add attached dbus path. 2025-04-05 00:32:16 +02:00
Alexandre Pujol
8f7b9e50dd
fix(ci): pkg name. 2025-04-05 00:28:25 +02:00