felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3474 commits 5 branches 0 tags 16 MiB
Commit graph

183 commits

Author SHA1 Message Date
Alexandre Pujol
8b60e56002
feat(profile): general update. 2024-06-04 20:13:40 +01:00
Alexandre Pujol
1739c07ca1
feat(profile): general update. 2024-05-11 17:38:43 +01:00
Alexandre Pujol
239d5efe63
feat(profile): general update. 2024-05-07 16:19:29 +01:00
Alexandre Pujol
40abc98201
feat(profile): general update. 2024-05-03 18:16:12 +01:00
Alexandre Pujol
3f69b9fec4
feat(profile): use the new @{tmp} variable. 
It is only used with the owner statement.
 2024-05-02 22:12:02 +01:00
Alexandre Pujol
db87c56f37
feat(profile): general update. 2024-05-01 14:22:42 +01:00
Alexandre Pujol
01dd9ebb0c
feat(profile): general update. 2024-05-01 12:25:01 +01:00
Alexandre Pujol
900ef19cff
feat(profile): general update. 2024-04-08 19:28:10 +01:00
Alexandre Pujol
197c1bd78a
feat(profile): general update. 2024-03-27 21:53:11 +00:00
Alexandre Pujol
b88b8b8c26
refractor(abs): move common and app abstraction to their own abstractions subfolder. 
As the number of abstraction is increasing, it is valuable to separate "base" abstractions to programs specific ones.
 2024-03-27 15:11:21 +00:00
Alexandre Pujol
d8d15c8a35
feat(profile): add ghc-pkg. 2024-03-24 20:45:15 +00:00
Alexandre Pujol
cf4e47f10f
feat(profile): general update. 2024-03-15 16:07:53 +00:00
Alexandre Pujol
0ecf923fb9
feat(profile): cleanup tool available for pacman hooks. 2024-03-13 16:07:43 +00:00
Alexandre Pujol
467c38724a
feat(profile): clean superfluous openssl abstraction includes 
apparmor.d equivalent of https://gitlab.com/apparmor/apparmor/-/merge_requests/1179
 2024-03-12 16:00:44 +00:00
Alexandre Pujol
ff849b9f09
feat(profile): general update. 2024-03-05 18:00:36 +00:00
Alexandre Pujol
70963a50b6
feat(profile): start implementing systemctl subprofile instead of using child-systemctl. 2024-03-05 17:45:02 +00:00
Alexandre Pujol
c66d3bf9f4
feat(profile): general update. 2024-03-05 16:58:16 +00:00
Alexandre Pujol
7e8f854b16
feat(abs): deny apparmor/.null in the base abstraction. 2024-03-03 11:51:39 +00:00
Alexandre Pujol
92a1d9f65f
feat(profile): general update. 2024-03-01 22:35:49 +00:00
Alexandre Pujol
555b5e3c3f
feat(profile): general update. 2024-02-28 17:17:20 +00:00
Alexandre Pujol
00051bd2f0
feat(profiles): continue replacing [0-9]* by @{int}. 2024-02-26 21:10:53 +00:00
Jeroen Rijken
40b171ee94 Replace shells with new sh_path variable 
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
 2024-02-21 13:56:40 +00:00
Alexandre Pujol
04683eeccb
feat(profile): general update. 2024-02-11 12:44:40 +00:00
Alexandre Pujol
2cd14aa6bb
chore: add missing and update copyright year. 2024-02-07 00:16:21 +01:00
nobody43
b376e9fade
Tunables polishing (#281) 
* adjust xorg display number

* remove wildcard from python version

* python wildcard #2

* unconventional tails

* Delete apparmor.d/groups/apps/android-studio

---------

Co-authored-by: nobody43 <nobody43@users.noreply.github.com>
 2024-01-25 12:44:47 +00:00
Alexandre Pujol
42fc4622ed
feat(profile): general update. 2024-01-21 11:56:02 +00:00
curiosityseeker
a16cbede0b
Various updates (#271) 
* Update kwin_wayland

* Update plasmashell

* Update pacman-hook-fontconfig

* Update ksplashqml

`/usr/share/qt/translations/*.qm r,` is also in the qt5 abstraction. However, it seems that all other rules therein are not needed so I didn't use that abstraction.

* Update startplasma
 2024-01-10 20:03:11 +00:00
Alexandre Pujol
e8651dc367
fix(profile): ensure pacman keyring update works. 2024-01-10 15:41:18 +00:00
Alexandre Pujol
319b976beb
feat(profile): general update. 2023-12-05 20:45:13 +00:00
Alexandre Pujol
b79a1fcd31
feat(profile): general update. 
Also include some preparation for the systemd profile.
 2023-11-19 11:08:35 +00:00
Alexandre Pujol
758991f67b
feat(profiles): general update. 2023-11-09 17:31:45 +00:00
Alexandre Pujol
e26302b155
feat(profile): general update. 2023-10-20 23:13:11 +01:00
curiosityseeker
04cae35e6e
Update pacman-key (#230) 2023-10-20 21:50:56 +00:00
Alexandre Pujol
b5fbef8eef
feat(profiles): general update. 2023-10-08 14:00:21 +01:00
Alexandre Pujol
352c444ae6
feat(profiles): general update. 2023-10-01 16:06:28 +01:00
Alexandre Pujol
6a78b17d23
feat(profiles): general update. 2023-09-15 22:01:08 +01:00
Alexandre Pujol
6db83003c7
feat(profiles): general update. 2023-09-12 22:59:07 +01:00
curiosityseeker
41525621aa
Various updates (#204) 2023-09-04 13:58:07 +00:00
curiosityseeker
c2bb733624
Various updates (#201) 2023-09-01 18:09:45 +00:00
Alexandre Pujol
75ef5ef6ad
feat(profiles): general update. 2023-08-27 14:54:04 +01:00
Alexandre Pujol
360230b2a5
feat(profiles): general update. 2023-08-21 23:32:10 +01:00
Alexandre Pujol
275d6b6e62
feat(profiles): replace old [0-9]* glob by @{int} 
Beware some [0-9]* glob are actually not proper @{int}.
 2023-08-18 17:09:53 +01:00
curiosityseeker
7b018a60bd
Update pacman (#193) 
* Update pacman

`@{exec_path} mr,` is causing the following errors:

```
ALLOWED pacman exec owner /usr/bin/pacman -> pacman//null-/usr/bin/pacman comm=bash requested_mask=x denied_mask=x
ALLOWED pacman//null-/usr/bin/pacman file_inherit owner /dev/pts/4 comm=pacman requested_mask=wr denied_mask=wr
ALLOWED pacman//null-/usr/bin/pacman file_mmap owner /usr/bin/pacman comm=pacman requested_mask=r denied_mask=r
ALLOWED pacman//null-/usr/bin/pacman file_mmap owner /usr/lib/ld-linux-x86-64.so.2 comm=pacman requested_mask=r denied_mask=r
ALLOWED pacman//null-/usr/bin/pacman open owner /etc/ld.so.preload comm=pacman requested_mask=r denied_mask=r
ALLOWED pacman//null-/usr/bin/pacman getattr owner /etc/ld.so.preload comm=pacman requested_mask=r denied_mask=r
ALLOWED pacman//null-/usr/bin/pacman open owner /etc/ld.so.cache comm=pacman requested_mask=r denied_mask=r
ALLOWED pacman//null-/usr/bin/pacman getattr owner /etc/ld.so.cache comm=pacman requested_mask=r denied_mask=r
ALLOWED pacman//null-/usr/bin/pacman open owner /usr/lib/libalpm.so.13.0.2 comm=pacman requested_mask=r denied_mask=r
ALLOWED pacman//null-/usr/bin/pacman getattr owner /usr/lib/libalpm.so.13.0.2 comm=pacman requested_mask=r denied_mask=r

etc.
```
`@{exec_path} mrix,`  fixes it. 

Commits for new profiles for `checkrebuild` and `pkgfile`  will follow.

* Fix pacman update

* Update apparmor.d/groups/pacman/pacman

Co-authored-by: Alex <roddhjav@users.noreply.github.com>

---------

Co-authored-by: Alex <roddhjav@users.noreply.github.com>
 2023-08-17 18:49:56 +00:00
Alexandre Pujol
5d47dfba95
feat(profiles): general update. 2023-08-17 18:43:56 +01:00
curiosityseeker
4894d6a3c4
Adding /dev/tty[0-9]* and /dev/pts/[0-9]* to various profiles; update kded5 and reflector (#183) 
* Update update-mime-database

* Update btrfs

* Update update-grub

* Update pacman-hook-depmod

* Update pacman

* Update systemd-sysusers

* Update lscpu

* Update pacman-hook-systemd

* Update pacman-hook-perl

* Update pacman-hook-gtk

* Update needrestart-iucode-scan-versions

* Update reflector

* Update kded5
 2023-07-27 11:23:04 +00:00
Alexandre Pujol
9c08b36182
feat(profiles): general update. 2023-07-18 22:28:30 +01:00
Alexandre Pujol
27daa7c9bb
refactor(profiles): use @{bin} and @{lib} in profiles (3) 2023-07-09 14:09:55 +01:00
Alexandre Pujol
6715564053
feat(profiles): general update. 2023-07-08 12:37:40 +01:00
curiosityseeker
10bd4973c5
General update (#172) 
* Update akonadi_mailfilter_agent

* Update plasmashell

https://github.com/roddhjav/apparmor.d/discussions/168

Adding k, to the "targets" suggested by audit.log

* Update pacman
 2023-07-04 09:55:51 +00:00
Alexandre Pujol
a98a86600a
feat(profiles): general update. 2023-06-13 17:15:37 +01:00