felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3264 commits 5 branches 0 tags 16 MiB
Commit graph

3264 commits

This branch
This branch
All branches
Author SHA1 Message Date
Alexandre Pujol
8c9d61a28e
feat(abs): add /usr/share/ssl/ to the openssl abs. 
fix #673
 2025-03-23 16:57:19 +01:00
Alexandre Pujol
310f06bc03
feat(profile): minor improvment on wechat profiles 2025-03-23 16:53:38 +01:00
EricLin0509
11fc80663f A small fix 2025-03-23 16:48:32 +01:00
EricLin0509
7d06d07450 Apply suggestions 2025-03-23 16:48:32 +01:00
EricLin0509
5ac4a521ca Add support for different Wechat variants 2025-03-23 16:48:32 +01:00
curiosityseeker
9525c6c008 Update protonmail-bridge-core 
Adding bridge-gui
 2025-03-23 16:40:35 +01:00
Alexandre Pujol
97af63b483
chore(profile): minor cleanup 2025-03-23 16:39:41 +01:00
remph
8730fa55e5 Various fixes 
* nvidia-strict: nvidia libraries get argv from /proc/self
* iwd:
  * sends lots of UDP on packet sockets
  * writes to accept_ra and optimistic_dad
  * DNS daemons other than systemd-resolvd may require iwd to use resolvconf
* lynx: now handles brotli'd HTML as well as gzipped
 2025-03-23 16:36:37 +01:00
EliasTheGrandMasterOfMistakes
f1f84045fc wirepumbler: Allow access to /dev/udmabuf 2025-03-23 16:34:59 +01:00
Alexandre Pujol
d44001b71f
feat(profile): snap - ensure snap profile can all rm their own lib_dirs. 2025-03-23 16:33:18 +01:00
Alexandre Pujol
a5385c594a
fix(profile): cosmetic. 2025-03-23 16:28:55 +01:00
Alexandre Pujol
0fce2e526d
Merge branch 'xfce' of github.com:nobody43/apparmor.d into nobody43-xfce 
* 'xfce' of github.com:nobody43/apparmor.d:
  xfce, fixes
  Adapt to RO root
  xfce, flags
  xfce, proper abi
  xfce, new profiles
  xfce, updates
 2025-03-23 16:18:46 +01:00
Alexandre Pujol
7ef841716e
fix(profile): ensure kde-powerdevil can read card state 
see #675
 2025-03-23 15:52:12 +01:00
Alexandre Pujol
21dfc6ea26
feat(profile): improve kde profiles. 
fix #676
 2025-03-23 15:35:27 +01:00
Alexandre Pujol
7684de3459
fix(profile): integration fix. 2025-03-23 15:27:00 +01:00
Alexandre Pujol
291713d902
feat(profile): add nvidia-uvm to the gstreamer abs. 
- Needed internally by multiqueue
- Lots of program using gstreamer was requiring it
 2025-03-23 15:24:05 +01:00
Alexandre Pujol
bc422ab5b8
feat(profile): revisit the gparted profiles 
fix #697
 2025-03-23 15:17:25 +01:00
Alexandre Pujol
acf423fd86
feat(profile): add support for qemu-img in gnome-boxes 
fix #698
 2025-03-23 14:19:02 +01:00
Alexandre Pujol
5e225ed0ec
feat(fsp): small improvments. 2025-03-23 14:16:31 +01:00
Alexandre Pujol
46b0b19d5b
fix(profile): various fixes. 2025-03-23 14:08:50 +01:00
Alexandre Pujol
018e31375b
fix(abs): add missing vim syntax. 2025-03-23 13:47:48 +01:00
Alexandre Pujol
054b723255
feat(profile): improve core snap profiles. 2025-03-23 13:44:50 +01:00
Alexandre Pujol
41757ec4e4
feat(profile): remove now automatically added internal dbus rules. 2025-03-23 13:40:45 +01:00
Alexandre Pujol
85be9316e1
feat(abs): remove dbus rules handled in the new abs. 2025-03-23 12:33:54 +01:00
Alexandre Pujol
1f55c07692
build: automatically include bus/own-* abstraction when required. 2025-03-23 12:31:43 +01:00
Alexandre Pujol
9ab321d146
feat(abs): dbus interfaces definition update. 2025-03-23 12:28:01 +01:00
Alexandre Pujol
a1559d23c7
feat(abs): update pkexec. 2025-03-20 20:13:54 +01:00
Alexandre Pujol
d2c231653b
feat(abs): add bus/own-* abstactions 2025-03-20 20:13:44 +01:00
Alexandre Pujol
ec04495c4a
feat(profile): update for ubuntu/debian based systems. 2025-03-20 00:34:24 +01:00
Alexandre Pujol
a69dc5bc8b
feat(abs): ensure ca.desrt.dconf.Writer dbus is part of dconf-write only. 2025-03-20 00:30:24 +01:00
Alexandre Pujol
50135cf75b
build: define more variable to resolve during build. 2025-03-18 23:16:11 +01:00
Alexandre Pujol
bd9ab55bf0
feta(profile): remove the now duplicated @{bin}/perl r. 2025-03-18 23:10:38 +01:00
Alexandre Pujol
f6a9a1859a
fix(profile): ensure aplay can list devices. 2025-03-18 22:57:55 +01:00
Alexandre Pujol
5b1702b34c
fix(profile): ensure ssh support security keys. 
fix #686
 2025-03-18 22:54:56 +01:00
Alexandre Pujol
debed741ca
fix(profile): ensure sbctl can access tpm. 
fix #687
 2025-03-18 22:52:47 +01:00
Alexandre Pujol
9728042f69
fix(profile): ensure epiphany can generate web apps desktop icons 
fix #689
 2025-03-18 22:51:01 +01:00
EliasTheGrandMasterOfMistakes
dc83373a0f bwrap(abstractions): Allow read to actions_avail 2025-03-18 22:35:44 +01:00
Alexandre Pujol
600f9f314e
feat(profile): remove empty snap profiles. 
see #693
 2025-03-18 21:39:09 +01:00
Alexandre Pujol
9ddd24754e
feat(abs): cleanup PUx in app open. 2025-03-18 21:34:11 +01:00
Alexandre Pujol
bf09164b4c
feat(abs): ensure all path of perl binary can rix. 2025-03-18 21:33:13 +01:00
Alexandre Pujol
1d0994979e
feat(abs): add memory mapping to python on its own abs. 2025-03-18 21:32:30 +01:00
Alexandre Pujol
2ce7663016
fix(profile): issues in finalrd. 2025-03-18 21:31:17 +01:00
EliasTheGrandMasterOfMistakes
e2c1a17425 gnome-shell: Allow acess to flatpak 2025-03-18 21:29:05 +01:00
Yifan Zhu
9fd1c5f3d4 fix(profile): allow speech-dispatcher to read user config 2025-03-18 21:20:21 +01:00
Alexandre Pujol
01fcfc5438
feat(profile): add finalrd. 2025-03-15 00:27:14 +01:00
Alexandre Pujol
96e79d9d88
build: add filter for apparmor version. 2025-03-15 00:26:47 +01:00
Alexandre Pujol
07dbb0c7d3
fix(profile): ssh-sk-helper does not get transioned. 
fix #681
see #677
 2025-03-14 23:57:37 +01:00
Alexandre Pujol
e4a7e16ec0
build: add support for apparmor 4.1 
Enabled when prebuild is run with the --version 4.1 argument
 2025-03-14 22:07:59 +01:00
Alexandre Pujol
ebc8b29b1d
feat(profile): add initial profile for resolvectl. 2025-03-14 22:00:52 +01:00
Alexandre Pujol
cfccb7894d
feat(profile): general update. 2025-03-14 21:59:55 +01:00