apparmor.d

Author	SHA1	Message	Date
Alexandre Pujol	3c77da8f7d	feat(fsp): improve the systemd profiles.	2024-03-05 00:20:05 +00:00
Alexandre Pujol	c80449719e	feat(fsp): rewrite mount rules for systemd.	2024-03-05 00:18:40 +00:00
Alexandre Pujol	1699260a87	fear(fsp): expand systemd-service for more services.	2024-03-05 00:16:24 +00:00
Alexandre Pujol	8ea0964724	feat(fsp): restrict @{run} for systemd.	2024-03-04 22:02:43 +00:00
Alexandre Pujol	92a1d9f65f	feat(profile): general update.	2024-03-01 22:35:49 +00:00
Alexandre Pujol	ffb189ef65	feat(profile): general update.	2024-02-29 00:32:40 +00:00
Alexandre Pujol	cda8f30c29	feat(profile): start using the new bwrap abs.	2024-02-28 23:52:15 +00:00
Alexandre Pujol	2ea53a9dc3	feat(profile): general update.	2024-02-23 20:21:22 +00:00
Alexandre Pujol	a334b461d0	feat(fsp): update systemd related profiles.	2024-02-15 00:16:53 +00:00
Alexandre Pujol	04683eeccb	feat(profile): general update.	2024-02-11 12:44:40 +00:00
Alexandre Pujol	738f7cc0c2	feat(fsp): add intial mount rules on systemd.	2024-02-10 01:22:50 +00:00
Alexandre Pujol	309ad9e506	feat(fsp): cleanup systemd profile.	2024-02-10 01:09:27 +00:00
monsieuremre	ce85d482e9	Update systemd	2024-02-08 16:04:20 +00:00
Alexandre Pujol	2cd14aa6bb	chore: add missing and update copyright year.	2024-02-07 00:16:21 +01:00
Alexandre Pujol	c006371e5b	feat(fsp): rewrite systemd-user profile. Works fine when fsp is not enabled, still has issue in fsp mode.	2024-02-06 22:41:12 +01:00
monsieuremre	968da5518b	profile name fix (#289 )	2024-02-05 17:41:56 +00:00
Alexandre Pujol	dbbb2150e2	feat(fsp): reorganise systemd.service.	2024-02-01 18:33:19 +00:00
Alexandre Pujol	0a74d5c6fe	feat(profile): general update.	2024-02-01 13:19:19 +00:00
Alexandre Pujol	46641e6cc6	chore: update links to the documentation website.	2024-01-30 15:45:03 +00:00
Alexandre Pujol	55ae6d2b75	feat(full): improve fps setup.	2024-01-25 22:42:29 +00:00
Alexandre Pujol	7d3d01ac01	fix(fsp): conflicting x modifiers	2024-01-25 21:18:09 +00:00
Alexandre Pujol	6a81d335f8	feat(profile): general update.	2023-12-19 23:52:43 +00:00
Alexandre Pujol	f362975ce7	feat(profile): add the open_path variable.	2023-12-17 23:43:14 +00:00
Alexandre Pujol	ca85373e3a	feat(dbus): start using the new dbus directive.	2023-12-17 14:14:42 +00:00
Alexandre Pujol	ab9e1932da	feat(profiles): general update.	2023-12-12 18:29:08 +00:00
Alexandre Pujol	1cf268b770	refractor(dbus): use the new bus-{systemd,session} abstractions.	2023-12-06 21:56:59 +00:00
Alexandre Pujol	cc133e5f57	feat(profile): general update.	2023-12-06 20:00:40 +00:00
Alexandre Pujol	da3b5103e4	feat(dbus): rewrite some dbus rules (5).	2023-12-04 21:54:45 +00:00
Alexandre Pujol	60e4a01a76	feat(abs): add some files into the base abstaction.	2023-11-29 17:50:26 +00:00
Alexandre Pujol	209688fe86	feat(profile): general update.	2023-11-27 19:35:42 +00:00
Alexandre Pujol	319bea17c3	fix(full): fix pivot_root rule.	2023-11-27 18:56:39 +00:00
Alexandre Pujol	e41779f576	feat(full): add default bwrap profiles. On full system policy, use the new bwrap profile (and bwrap-app) to confine sandboxed application. It is not enabled by default as the sandbox profile is quite large. Also integrate with the gnome app that use bwrap as sandbox manager. Update other related profiles See Full system policy #252	2023-11-26 23:12:35 +00:00
Alexandre Pujol	9ab0745e2d	feat(full): add default fallback profile. See #252	2023-11-22 20:12:20 +00:00
Alexandre Pujol	23be43ebd0	feat(full): improve how systemd handle services	2023-11-22 18:42:23 +00:00
Alexandre Pujol	f43f950c90	feat(full): improve systemd-user profile.	2023-11-19 21:35:53 +00:00
Alexandre Pujol	59140f5411	feat(full): improve systemd profile. See https://apparmor.pujol.io/development/structure/#full-system-policy	2023-11-19 21:31:57 +00:00
monsieuremre	83a2a1cbf9	Full-Policy integration for Whonix/Kicksecure - And also everyone else (#249 ) * full-policy * change path * change * big fix * Delete apparmor.d/groups/_full/systemd * Update and rename full-policy to systemd	2023-11-19 20:54:09 +00:00
Alexandre Pujol	499b9e785d	feat(full): update full system structure. - Aims to be compatible with full-policy profile - Required by systemd	2023-11-09 17:27:19 +00:00
Alexandre Pujol	bb71f49598	refactor(profiles): use @{bin} and @{lib} in profiles (1)	2023-07-09 13:20:25 +01:00
Alexandre Pujol	2b61f3e82e	chore: add missing structure for full system confinment.	2023-04-19 22:05:35 +01:00
Alexandre Pujol	3349dbda7f	feat(full): systemd also need pulseaudio.	2023-03-12 15:30:44 +00:00
Alexandre Pujol	98a1a00a14	feat(profiles): add gsettings.	2023-03-12 15:30:33 +00:00
Alexandre Pujol	491d2176a8	feat(profiles): add systemd as user.	2023-02-24 20:40:04 +00:00

1 2

93 commits