felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2531 commits 5 branches 0 tags 16 MiB
Commit graph

1189 commits

Author SHA1 Message Date
Alexandre Pujol
dd1d9107e8
feat(profile): general update. 2023-12-03 16:57:50 +00:00
Alexandre Pujol
1edf507abf
feat(dbus): rewrite some dbus rules (4). 2023-12-03 16:53:25 +00:00
Alexandre Pujol
2af165403a
feat(dbus): rewrite some dbus rules (3). 2023-12-02 16:05:40 +00:00
Alexandre Pujol
505770cd5a
feat(dbus): rewrite some dbus rules (2). 2023-12-01 21:53:09 +00:00
Alexandre Pujol
6d1ff256af
feat(dbus): rewrite some dbus rules (1). 2023-12-01 20:58:21 +00:00
Alexandre Pujol
d6888a65c4
feat(dbus): add initial polkit abstraction. 2023-12-01 20:42:41 +00:00
Alexandre Pujol
7f38dd255e
feat(profile): general update. 2023-12-01 13:22:45 +00:00
Alexandre Pujol
952ef478c0
fix(profile): brave-sandbox lib_dirs path. 
See: #255
 2023-12-01 11:13:34 +00:00
Alexandre Pujol
4382a34b9e
feat(profile): add rfkill on networkd. 
See #256
 2023-12-01 11:09:46 +00:00
Alexandre Pujol
d75fa9bbd5
feat(dbus): dbus rules cleanup (3) 2023-11-30 23:20:29 +00:00
Alexandre Pujol
cd391bae01
feat(dbus): dbus rules cleanup (2) 2023-11-30 22:42:49 +00:00
Alexandre Pujol
8a49f2ebe1
feat(dbus): dbus rules cleanup (1) 
- move common rule to abs
- ensure peer name or label are always present
- try to make rule more standard/easier to read
 2023-11-30 22:39:44 +00:00
Alexandre Pujol
9517800a9d
feat(dbus): simple dbus rules cleaning. 2023-11-30 21:32:50 +00:00
Alexandre Pujol
dd06e3da65
feat(profile): modernise the calibre profile. 2023-11-30 21:25:41 +00:00
Alexandre Pujol
796cf32076
feat(profile): better kde integration. 
See #237
 2023-11-30 19:04:59 +00:00
Alexandre Pujol
c27ec457d0
feat(profile): cleanup some dbus path/interfaces 2023-11-30 00:29:37 +00:00
Alexandre Pujol
459fe7c905
feat(profile): use the new bus/atspi abstraction in the profiles. 2023-11-30 00:22:34 +00:00
Alexandre Pujol
5af4d3c921
fix(profiles): modernise plank & kstart 
- Still wip profile
- Should enable additional DE to boot
 2023-11-29 22:29:41 +00:00
Alexandre Pujol
f06f01a36a
Merge branch 'feat/update' of https://github.com/Jeroen0494/apparmor.d into Jeroen0494-feat/update 
* 'feat/update' of https://github.com/Jeroen0494/apparmor.d:
  signal to socket
  Add kstart, XDG KDE updates
  Plank profile
  containerd and KDE updates
 2023-11-29 22:20:29 +00:00
Alexandre Pujol
60e4a01a76
feat(abs): add some files into the base abstaction. 2023-11-29 17:50:26 +00:00
Alexandre Pujol
34630b2adf
fix(profile): private-files abs already included in private-files-strict. 
See c8fd896
 2023-11-28 11:04:26 +00:00
Alexandre Pujol
209688fe86
feat(profile): general update. 2023-11-27 19:35:42 +00:00
Alexandre Pujol
c8fd896a0b
feat(profile): add nautilus previewer. 2023-11-27 19:26:13 +00:00
Alexandre Pujol
4c689dbad9
feat(profile): add gdm init profiles. 2023-11-27 19:25:34 +00:00
Alexandre Pujol
b8c2380da4
feat(profile): add epiphany providers. 2023-11-27 19:23:35 +00:00
Alexandre Pujol
52278490ab
feat(profile): general update. 2023-11-27 19:00:18 +00:00
Alexandre Pujol
319bea17c3
fix(full): fix pivot_root rule. 2023-11-27 18:56:39 +00:00
Alexandre Pujol
e41779f576
feat(full): add default bwrap profiles. 
On  full system policy, use the new bwrap profile (and bwrap-app) to confine sandboxed application.
It is not enabled by default as the sandbox profile is quite large.

Also integrate with the gnome app that use bwrap as sandbox manager.

Update other related profiles

See Full system policy #252
 2023-11-26 23:12:35 +00:00
Alexandre Pujol
d8ff8c8cd6
feat(kde): add some kde profiles. 2023-11-26 23:07:02 +00:00
Alexandre Pujol
c2bc6f26ae
feat(profile): update kde profiles. 2023-11-26 23:05:01 +00:00
Alexandre Pujol
8250e202a0
feat(profile): general update. 2023-11-26 21:24:40 +00:00
Alexandre Pujol
cd1de59aad
feat(abs): improve audio abstraction. 2023-11-24 18:17:26 +00:00
Alexandre Pujol
ef1023156e
feat(profile): minor kde improvment on opensuse. 
see #208
 2023-11-23 11:19:38 +00:00
Alexandre Pujol
31bc5a6053
feat(profiles): general update. 2023-11-22 21:37:09 +00:00
Alexandre Pujol
e247a3949e
feat(systemd): add initial version of all missing generator. 2023-11-22 20:55:01 +00:00
Alexandre Pujol
07acb8043b
feat(profiles): rename all systemd generator. 2023-11-22 20:51:10 +00:00
Alexandre Pujol
ba1cad7f73
feat(profile): improve child-open. 2023-11-22 20:12:59 +00:00
Alexandre Pujol
9ab0745e2d
feat(full): add default fallback profile. 
See #252
 2023-11-22 20:12:20 +00:00
Alexandre Pujol
da51cdba64
feat(profiles): improve freedesktop profiles. 2023-11-22 20:07:31 +00:00
Alexandre Pujol
6c6646e1f6
feat(profiles): minor kde additions. 2023-11-22 20:06:39 +00:00
Alexandre Pujol
ae99433595
feat(full): simplify the service profiles. 2023-11-22 20:04:17 +00:00
Alexandre Pujol
04513af863
feat: cleanup child-systemctl 2023-11-22 18:43:43 +00:00
Alexandre Pujol
23be43ebd0
feat(full): improve how systemd handle services 2023-11-22 18:42:23 +00:00
Alexandre Pujol
908aba0385
feat(profiles): add some ubuntu specific profiles. 2023-11-19 21:42:31 +00:00
Alexandre Pujol
e29e839c62
feat(profiles): update apt related profiles. 2023-11-19 21:40:12 +00:00
Alexandre Pujol
07e7810d15
feat(full): add some services profile. 2023-11-19 21:39:36 +00:00
Alexandre Pujol
f43f950c90
feat(full): improve systemd-user profile. 2023-11-19 21:35:53 +00:00
Alexandre Pujol
59140f5411
feat(full): improve systemd profile. 
See https://apparmor.pujol.io/development/structure/#full-system-policy
 2023-11-19 21:31:57 +00:00
monsieuremre
83a2a1cbf9
Full-Policy integration for Whonix/Kicksecure - And also everyone else (#249) 
* full-policy

* change path

* change

* big fix

* Delete apparmor.d/groups/_full/systemd

* Update and rename full-policy to systemd
 2023-11-19 20:54:09 +00:00
Alexandre Pujol
88555a12d0
feat(profiles): add initial userns rule. 
Require apparmor 4 to be enabled.
 2023-11-19 11:19:24 +00:00