apparmor.d

Author	SHA1	Message	Date
Alexandre Pujol	4dba131fb3	feat(profile): parser: move sysctl to its own subprofile.	2025-08-17 17:16:24 +02:00
Alexandre Pujol	7e79d5abef	feat(profile): improve support for ubuntu & kubuntu.	2025-08-17 17:15:24 +02:00
Alexandre Pujol	523522dd1d	feat(profile): improve kde profiles.	2025-08-17 17:05:38 +02:00
Alexandre Pujol	edc2755d61	feat(profile): kde: add initial dbus definition.	2025-08-17 17:03:17 +02:00
Alexandre Pujol	4e70cb4c91	fix(profile): workaround in apparmor issue for attached path. See https://gitlab.com/apparmor/apparmor/-/issues/450 Fix #815	2025-08-17 11:57:36 +02:00
Alexandre Pujol	52e9ae9fd6	fix(profile): define missing domain.	2025-08-17 00:29:21 +02:00
Alexandre Pujol	e55ace4e0a	fix(profile): issue with re-attached paths - Add missing att on some profiles - Fix alias / -> // - Fix aa-log att variable resolution fix #813 #814	2025-08-17 00:07:53 +02:00
Alexandre Pujol	5ee999536c	feat(abs): reorganize the electron & chromium abs.	2025-08-16 19:23:33 +02:00
Alexandre Pujol	f5a4acd37e	feat(abs): graphics: add cpu_capacity	2025-08-16 19:13:59 +02:00
Alexandre Pujol	be341a4ca8	feat(profile): syncthing 2.0 uses sqlite.	2025-08-15 18:43:21 +02:00
Alexandre Pujol	483c0c107d	build: enable re-attach disconnected path by default Ignored on Ubuntu 25.04 and abi3.0	2025-08-15 18:22:07 +02:00
Alexandre Pujol	c51943934e	feat(tunable): add x64 to @{arch}	2025-08-15 18:04:35 +02:00
Alexandre Pujol	c29b4ba536	feat(profile): various security/linter improvement - Ignore some rule from the linter - Move some bin to subprofile	2025-08-15 18:03:36 +02:00
Alexandre Pujol	aafcd1c861	feat(profile): simplify ssh home path.	2025-08-15 17:21:24 +02:00
Alexandre Pujol	3d329fdef8	feat(profile): minor profiles improvement.	2025-08-15 11:39:35 +02:00
Alexandre Pujol	6739b238ce	feat(abs): base-strict: allow communication to children and stacked profiles.	2025-08-15 11:33:29 +02:00
Alexandre Pujol	7d49a1628e	fix(abs): avahi socket path.	2025-08-15 11:32:27 +02:00
Alexandre Pujol	753d36cfa3	fix(profile): manually deny path in git Needed as `44a6bc86e6` raise merged rule with conflicting x modifiers errors.	2025-08-15 11:29:54 +02:00
Alexandre Pujol	5f368403b3	Revert "feat(tunable): add `bin` to XDG_BIN_DIR." This reverts commit `44a6bc86e6`.	2025-08-15 11:27:34 +02:00
Alexandre Pujol	9c9af1d821	feat(profile): improve integration with ubuntu.	2025-08-15 10:59:20 +02:00
Alexandre Pujol	112d54907e	feat(profile): thunderbird/firefox: move rules needed in both programs.	2025-08-15 10:53:52 +02:00
Alexandre Pujol	20546d37a0	feat(profile): fprintd needs sys_admin see #811	2025-08-15 10:51:48 +02:00
Alexandre Pujol	d09f5d055f	feat(profile): improve dbus definitions.	2025-08-15 10:51:16 +02:00
Alexandre Pujol	b90a2a89fe	feat(abs): app-open: kde opener need system id. see #811	2025-08-15 10:44:10 +02:00
Alexandre Pujol	44a6bc86e6	feat(tunable): add `bin` to XDG_BIN_DIR. So it can get allowed/denied by profile using user_bin_dirs. see #811	2025-08-15 10:43:15 +02:00
Alexandre Pujol	e2b1547bf1	feat(profile): ssh: add ssh.hmac Similar to newest version of sshd with sshd.hmac see #811	2025-08-15 10:41:26 +02:00
Alexandre Pujol	e15bd7bea0	feat(abs): improve vim integration with common editors. see #811	2025-08-15 10:40:17 +02:00
Alexandre Pujol	b1b3ee8321	feat(abs): add tty/drivers to pgrrep/pkill subprofiles. see #811	2025-08-15 10:38:15 +02:00
Alexandre Pujol	d51b386d13	feat(abs): pager: improve integration with opensuse. See #811	2025-08-15 10:36:05 +02:00
Alexandre Pujol	ace53f3002	feat(profile): openvpn need to load module. See #811	2025-08-15 10:35:19 +02:00
Alexandre Pujol	c02674593d	feat(profile): update kde profiles see #811	2025-08-15 10:34:48 +02:00
Alexandre Pujol	e09586e01d	feat(abs): freedesktop: add more path for recently-used files. see #811	2025-08-15 10:30:43 +02:00
Alexandre Pujol	10e57f01a6	feat(abs): add /etc/xdg/menus and session files to kde-strict. See #811	2025-08-15 10:27:44 +02:00
Alexandre Pujol	eda29668ae	fix(profile): ensure signal-desktop has the attach_disconnected flag. Fix 812	2025-08-14 18:23:30 +02:00
Alexandre Pujol	ba35a7933c	fix(profile): comment problematic rule Fix #769	2025-08-14 15:41:53 +02:00
Alexandre Pujol	38ac0f580d	feat(profile): revisit electron based profiles. - cleanup and enforce signal - fix discord fix #773 #777	2025-08-14 15:40:52 +02:00
Alexandre Pujol	2aa0d89f84	feat(profile): update firefox stack.	2025-08-12 12:45:55 +02:00
Alexandre Pujol	aab12e6948	fix(profile): dockerd can be installed in both bin or sbin depending of the package source.	2025-08-12 11:07:08 +02:00
Alexandre Pujol	8b64d7dd46	feat(abs): electron: add cgroup memory data.	2025-08-12 09:27:12 +02:00
Alexandre Pujol	f35b64bcae	fix(profile): missing documented udev/data	2025-08-11 22:27:08 +02:00
Alexandre Pujol	969c989aed	feat(profile): fwupd: allow access to dbx	2025-08-11 19:38:24 +02:00
Alexandre Pujol	175e2c3dc3	feat(profile): ensure all access to udev/data is documented. Cleanup some rule to wide in udev/data	2025-08-11 16:16:35 +02:00
Alexandre Pujol	73afa5835e	fix(abs): dbus: SearchProvider -> SearchProvider2	2025-08-11 11:23:05 +02:00
Alexandre Pujol	eb642993d8	feat(profile): revisit the monitorix profile.	2025-08-11 10:56:20 +02:00
Alexandre Pujol	ece81aa6cb	feat(abs): audio: add jack.conf.d	2025-08-10 19:05:15 +02:00
Alexandre Pujol	1da6e15cda	cosmetic: cleanup usage of bash abs.	2025-08-10 19:04:26 +02:00
Alexandre Pujol	82c6f554b3	feat(abs): update list of app allowed to be openned.	2025-08-10 19:03:16 +02:00
Alexandre Pujol	90e962dabb	feat(profile): chromium: cleanup shell exe. Needed to installing/remove extensions, applications, and stacked xdg menus	2025-08-10 19:02:15 +02:00
Alexandre Pujol	67c9e86d83	feat(profile): improve integration with ubuntu.	2025-08-10 19:00:42 +02:00
Alexandre Pujol	526a7e704c	feat(tunable): improve the definition of some tunables.	2025-08-10 18:55:08 +02:00

1 2 3 4 5 ...

2809 commits