felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2839 commits 5 branches 0 tags 16 MiB
Commit graph

2066 commits

Author SHA1 Message Date
REmerald
46008e4edb fix(gvfsd-fuse): add abstractions/nameservice-strict 2024-06-06 11:48:28 +01:00
REmerald
ac86b5ac78 fix(gvfsd): add abstractions/nameservice-strict 2024-06-06 11:48:28 +01:00
REmerald
d1ec0b90fc fix(xdg-permission-store): add abstractions/nameservice-strict and @{HOME}/.local/ 2024-06-06 11:47:38 +01:00
REmerald
2ea558c146 fix(xdg-document-portal): use abstractions/nameservice-strict 2024-06-06 11:41:46 +01:00
REmerald
11e05037c3 fix(xdg-document-portal): add /etc/nsswitch.conf, /etc/passwd 2024-06-06 11:41:46 +01:00
valoq
0565558fe0 complete atool 2024-06-06 11:40:18 +01:00
REmerald
e937eabd4e fix(nm-dispatcher): add modem-manager-gui 2024-06-06 11:39:04 +01:00
REmerald
8f05f02356 fix(systemd-oomd): shorten paths 2024-06-06 11:38:21 +01:00
REmerald
281768667a fix(systemd-oomd): change to {,**/} 2024-06-06 11:38:21 +01:00
REmerald
6801ae1e0c fix(systemd-oomd): make org.a11y.atspi.Registry.slice as in apparmor.d/groups/gnome/epiphany-search-provider 2024-06-06 11:38:21 +01:00
REmerald
5a8510a1f7 fix(systemd-oomd): add cgroup/system.slice/ and app-dbus* paths 2024-06-06 11:38:21 +01:00
REmerald
37d0a36763 fix(polkit-gnome-authentication-agent): include dconf-write 2024-06-06 11:37:53 +01:00
Alexandre Pujol
8b60e56002
feat(profile): general update. 2024-06-04 20:13:40 +01:00
Alexandre Pujol
13d3b23a04
fix(opensuse): ensure integration on opensuse. 2024-06-04 19:52:56 +01:00
REmerald
c40c3e1c98 fix(lspci): add /run/modprobe.d 2024-06-03 21:19:10 +01:00
REmerald
789ba3836e fix(kmod): add /run/modprobe.d 2024-06-03 19:09:46 +01:00
Alexandre Pujol
951bf6a840
Merge branch 'main' of github.com:roddhjav/apparmor.d 
* 'main' of github.com:roddhjav/apparmor.d:
  fix(systemd-oomd): add `app.slice` and `session.slice` paths
  polkit-kde-authentication-agent update (#345)
  add multiple profiles (#341)
 2024-06-03 19:06:35 +01:00
Alexandre Pujol
ff16790421
feat(abs): general update. 2024-06-03 18:37:12 +01:00
Alexandre Pujol
a1fe682e7a
feat(profile): update btop. 2024-06-03 18:34:55 +01:00
REmerald
f9442e8258 fix(systemd-oomd): add app.slice and session.slice paths 2024-06-03 17:52:34 +01:00
curiosityseeker
8dff2ddd72
polkit-kde-authentication-agent update (#345) 
* Update polkit-kde-authentication-agent

needs mediate_deleted

* Update main.flags

* Update polkit-kde-authentication-agent

* Update polkit-kde-authentication-agent
 2024-06-02 20:19:43 +00:00
valoq
bb772167f0
add multiple profiles (#341) 
* add multiple profiles
 2024-05-31 10:47:01 +00:00
Alexandre Pujol
45ae8f5d27
feat(abs): add pgrep. 2024-05-30 21:08:03 +01:00
Alexandre Pujol
3f688be7a0
feat(profile): general update. 2024-05-30 21:03:39 +01:00
Alexandre Pujol
89abbae6bd
Merge branch 'feat/aa' 
Improve go apparmor lib.

* aa: (62 commits)
  feat(aa): handle appending value to defined variables.
  chore(aa): cosmetic.
  fix: userspace prebuild test.
  chore: cleanup unit test.
  feat(aa): improve log conversion.
  feat(aa): move conversion function to its own file & add unit tests.
  fix: go linter issue & not defined variables.
  tests(aa): improve aa unit tests.
  tests(aa): improve rules unit tests.
  feat(aa): ensure the prebuild jobs are working.
  feat(aa): add more unit tests.
  chore(aa): cleanup.
  feat(aa): Move sort, merge and format methods to the rules interface.
  feat(aa): add the hat template.
  feat(aa): add the Kind struct to manage aa rules.
  feat(aa): cleanup rules methods.
  feat(aa): add function to resolve include preamble.
  feat(aa): updaqte mount flags order.
  feat(aa): update default tunable selection.
  feat(aa): parse apparmor preamble files.
  ...
 2024-05-30 19:29:34 +01:00
fira959
d12db8a8dc
Minor improvements (#336) 
* Update audio-client

* Update mpv

* Update mutt

add common mail dir

* Update apparmor.d

* Update mutt

* Update mutt

* Update mutt

* Update mutt

* Update mutt
 2024-05-30 17:51:57 +00:00
Alexandre Pujol
bc216176a3
fix: go linter issue & not defined variables. 2024-05-30 12:28:12 +01:00
curiosityseeker
adccd0066a
Fix typo in @{text_edirors} (#338) 
* Fix typo in multiarch.d/programs

* Fix typo in multirach.d/paths

* Fix typo in abstractions/app-open
 2024-05-29 20:41:23 +00:00
curiosityseeker
94d9570230
Firefox: using stacking for glxtest and vaapitest (#337) 
The current implementation results in the following errors for the Firefox profile:

 @{lib}/firefox/glxtest rix -> firefox-glxtest,  # no new privs

@{lib}/firefox/vaapitest rix -> firefox-vaapitest,   # no new privs

Using stacking as suggested on https://apparmor.pujol.io/development/structure/#no-new-privileges gets rid of these errors.
 2024-05-29 20:41:01 +00:00
Alexandre Pujol
c785b41451
feat(profile): general update. 2024-05-18 22:35:05 +01:00
Alexandre Pujol
7d1380530a
feat(profile): update steam profiles. 
- Still a wip stage
- Not shipped by default
 2024-05-18 15:02:20 +01:00
Alexandre Pujol
5e6af16580
feat(profile): small improvment on systemd profiles. 2024-05-18 13:09:25 +01:00
fira959
d40812ec2f
Profile fixes (#334) 
* Update discord

fix path

* Update signal-desktop-chrome-sandbox

* Update signal-desktop
 2024-05-17 11:44:15 +00:00
doublez13
9349baaff4 vipw-vigr: Use editor abstraction 2024-05-16 15:44:29 +01:00
doublez13
ce329175da pass: Use editor abstraction 2024-05-16 15:44:29 +01:00
doublez13
a291ce373a git: Use editor abstraction 2024-05-16 15:44:29 +01:00
doublez13
192d227c50 crontab: Use editor abstraction 2024-05-16 15:44:29 +01:00
doublez13
98ea2fa47b apt: Use editor abstraction 2024-05-16 15:44:29 +01:00
doublez13
4256e11492 editor abstraction: minor additions 
Add any one-off rules covered in the other editor profiles before converting those to the abstraction.
 2024-05-16 15:44:29 +01:00
fira959
f86b305a66
Update discord profile (#332) 
---------

Co-authored-by: Alex <roddhjav@users.noreply.github.com>
 2024-05-16 10:33:24 +00:00
Alexandre Pujol
41b814675b
fix: syntax error. 2024-05-15 23:53:17 +01:00
Alexandre Pujol
58e458f4ab
feat(profile): add the app/firefox abstraction. 2024-05-15 23:13:23 +01:00
Alexandre Pujol
f5ac8cd4a1
feat(profile): improve dbus rule in chromium based profiles. 2024-05-15 23:07:05 +01:00
Alexandre Pujol
ad960d477b
feat(profile): replace former regex by the new @{user} variable. 2024-05-15 17:22:20 +01:00
Alexandre Pujol
407c71b133
feat(profile): modernize a few app profiles. 2024-05-15 14:50:50 +01:00
fira959
acd6a9794d
Update signal-desktop (#331) 
* Update signal-desktop

* Update signal-desktop-chrome-sandbox

* Update signal-desktop

* Update apparmor.d/groups/apps/signal-desktop

Co-authored-by: Alex <roddhjav@users.noreply.github.com>

* Update signal-desktop

---------

Co-authored-by: Alex <roddhjav@users.noreply.github.com>
 2024-05-14 21:54:31 +00:00
Alexandre Pujol
855f25da9b
feat(tunable): add hex38. 2024-05-14 12:55:57 +01:00
Alexandre Pujol
7b25ed1913
Merge branch 'main' of github.com:roddhjav/apparmor.d 
* 'main' of github.com:roddhjav/apparmor.d:
  Task: Update abstraction path
  Mutt: Update abstraction path
  Update and move abstractions/editor to abstractions/app/editor
  Task: Use editor abstraction
  Mutt: Use editor abstraction
  Create editor abstraction
 2024-05-13 20:37:12 +01:00
Alexandre Pujol
00fd9ddec1
feat(profile): add iceauth 2024-05-13 20:36:46 +01:00
Alexandre Pujol
8f102dea0a
feat(profile): general update. 2024-05-13 20:35:11 +01:00