apparmor.d

Author	SHA1	Message	Date
Alexandre Pujol	e370a66c5b	fix(profile): issues with stacking fix #819	2025-09-07 20:10:51 +02:00
Alexandre Pujol	a87449268b	feat(profile): various improvement for Tumbleweed fix #828	2025-09-07 20:05:19 +02:00
Alexandre Pujol	5fe9e0ee9e	feat(profile): support for Tumbleweed gs path. see #828	2025-09-07 19:52:40 +02:00
Alexandre Pujol	4771e56d88	feat(profile): git: allow transition to github cli. fix #829	2025-09-07 19:49:59 +02:00
Alexandre Pujol	06d476ccaa	fix(profile): att on logind fix #833	2025-09-07 19:48:54 +02:00
Alexandre Pujol	1defbbc416	fix(abs): tmp path for wine tmp data. fix #836	2025-09-07 19:47:24 +02:00
Alexandre Pujol	2efdd6f527	feat(profile): improve ufw-init fix #843	2025-09-07 19:43:44 +02:00
Alexandre Pujol	c239203e72	feat(abs): add the tpm abstraction.	2025-09-06 23:55:42 +02:00
Alexandre Pujol	618b1116f8	tests(check): add support for global exclusion.	2025-09-06 23:51:12 +02:00
Alexandre Pujol	e2f11d46b0	tests(check): make the script configurable. Such that it can be used in downstream project with different folder structure.	2025-09-06 23:48:59 +02:00
Alexandre Pujol	8c33125b5e	build: add missing server build task.	2025-09-06 23:46:12 +02:00
Alexandre Pujol	64d71ffb6e	build: attach: ensure we don't recursivelly call ourself.	2025-09-06 23:45:08 +02:00
Alexandre Pujol	5484f84764	tests(build): add tests for the stacked-dbus build task.	2025-09-06 23:32:06 +02:00
Alexandre Pujol	c2ecc756b2	feat(abs): add the media-control abstraction	2025-09-06 23:30:52 +02:00
Alexandre Pujol	ec88fcbfcb	feat(abs): add the camera abstraction	2025-09-06 23:18:31 +02:00
Alexandre Pujol	ab7cba2da6	build: add early support for server version of the package.	2025-09-06 22:16:40 +02:00
Alexandre Pujol	2aead7e93b	build(arch): initial pkbuild for splited packages. Note: it is not enabled yet.	2025-09-06 22:01:20 +02:00
Alexandre Pujol	470025c090	build(debian): update list of profile to hide. Nb: we cannot use these profiles as they would break with apparmor.d profiles (they don't expect confined peer).	2025-09-06 19:39:18 +02:00
Alexandre Pujol	c7177eedde	doc: update documentation.	2025-09-06 15:16:25 +02:00
Alexandre Pujol	d86cf03dab	build(debian): post script must not fail.	2025-09-06 15:13:25 +02:00
Alexandre Pujol	a0f1c55ab4	doc: update roadmap.	2025-09-06 15:12:40 +02:00
Alexandre Pujol	5795114328	tests(packer): success on cloud-init failure.	2025-09-06 13:23:49 +02:00
Alexandre Pujol	d9df02f3f8	tests(packer): update opensuse images.	2025-09-06 13:22:39 +02:00
Alexandre Pujol	7963479dbc	build: various cleanup	2025-09-06 13:21:34 +02:00
Alexandre Pujol	e43d907808	chore: cosmetic.	2025-09-06 13:18:01 +02:00
JND94	4c84b572cd	glxgears can't access X cookie	2025-09-03 10:02:44 +02:00
Jose Maldonado aka Yukiteru	237622f3ef	rpcbind: update profile rpcbind: update profile	2025-09-03 10:02:22 +02:00
Jose Maldonado aka Yukiteru	2c0b5405db	firewall-applet: update profile	2025-09-03 10:01:39 +02:00
Stoppedpuma	2b07398cef	flatpak-app ntsync	2025-09-03 09:57:03 +02:00
Alexandre Pujol	09c1f61bb7	build(debian): use deb-systemd-invoke and minor lintian fixes.	2025-09-01 15:54:28 +02:00
Alexandre Pujol	7c6f776757	build: set default att to "" when not enabled. It fixes various issues with multiple / that are not collapsed in they canonical form in file rules See https://gitlab.com/apparmor/apparmor/-/issues/450#note_2158840105	2025-09-01 15:12:30 +02:00
Alexandre Pujol	4f9d2703d4	build: separate the base-strict abs from the re-attach builder. Enable the use of the base-strict abs on all setup.	2025-09-01 15:07:01 +02:00
Alexandre Pujol	a1ba00bec3	feat(profile): general profile update.	2025-08-31 23:00:13 +02:00
Alexandre Pujol	7cfff26ee2	fix(profile): abstraction not updated.	2025-08-31 22:46:52 +02:00
Alexandre Pujol	7eaae9e68c	fix(profile): wrong path in abstraction.	2025-08-31 22:25:57 +02:00
Alexandre Pujol	eee8241eb7	chore: cosmetic fixes.	2025-08-31 21:28:53 +02:00
Alexandre Pujol	bd7ae9bb56	chore: improve comment in type definition.	2025-08-31 21:23:40 +02:00
Alexandre Pujol	bd295d2a9d	refractor: move gtk dbus to they own abs.	2025-08-31 21:23:04 +02:00
Alexandre Pujol	458126e7d7	refractor(profile): add notification abs, move bus notifications.	2025-08-31 18:14:32 +02:00
Alexandre Pujol	5cc5a019d4	feat(profile): snap: add support for dev version.	2025-08-31 17:40:42 +02:00
Alexandre Pujol	9a4d878557	refractor(abs): add screensaver abs, move bus screensaver abs.	2025-08-31 17:38:00 +02:00
Alexandre Pujol	9ee2605026	tests(packer): simplify pkg install script.	2025-08-31 13:29:11 +02:00
Alexandre Pujol	a3426fef8c	feat: precise nvidia devices number.	2025-08-31 13:23:48 +02:00
Alexandre Pujol	45faf0eee0	fix(tunable): add missing lightdm_state_dirs tunable.	2025-08-30 19:57:09 +02:00
Alexandre Pujol	ac6eac1333	feat(profile): cleanup usage of mime abs.	2025-08-30 19:47:07 +02:00
Alexandre Pujol	f5e2572457	feat(profile): cleanup usage of icons abs.	2025-08-30 19:37:47 +02:00
Alexandre Pujol	4f1fddd2fb	feat(profile): use natural transition instead of systemd drop in config when possible. As we can transition to the good profile naturally, do not use systemd for it. This bypass the apparmor error: `change_profile unprivileged unconfined converted to stacking`. Note: we cannot do the same for dbus-system and dbus-session are they have the same binary.	2025-08-30 14:25:43 +02:00
Alexandre Pujol	d6ddbf104c	refractor(profile): always use the gschemas abstraction.	2025-08-30 12:56:05 +02:00
Alexandre Pujol	0ada92da32	refractor(abs): gsettings -> gschemas.	2025-08-30 12:35:04 +02:00
Alexandre Pujol	b5020eac89	tests(packer): remobe sudo alias	2025-08-30 12:22:01 +02:00

1 2 3 4 5 ...

4014 commits