felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2625 commits 5 branches 0 tags 16 MiB
Commit graph

429 commits

Author SHA1 Message Date
Alexandre Pujol
93313422bd
feat(profile): update kde profiles on openSUSE Tumbleweed. 
See #424
 2024-08-20 18:49:52 +01:00
Alexandre Pujol
52a2ae8c23
feat(profile): general update. 
see #422
 2024-07-20 13:13:27 +01:00
Alexandre Pujol
aaf435ece1
feat(profile): general update. 2024-07-19 19:22:32 +01:00
Alexandre Pujol
6cd01064ae
feat(profile): general update. 2024-07-15 23:12:39 +01:00
Alexandre Pujol
d480156e09
feat(profile): general update. 2024-07-06 23:46:06 +01:00
Alexandre Pujol
1675a26fbf
feat(profile): general update. 2024-07-02 22:08:15 +01:00
Alexandre Pujol
c0a081b827
feat(profile): add label for help program. 2024-07-02 22:05:36 +01:00
Alexandre Pujol
2e127ace4b
feat(abs): general update. 2024-06-23 11:17:56 +01:00
Alexandre Pujol
856a9a467e
feat(profile): improve chromium tmp file restriction. 2024-06-23 11:17:01 +01:00
Alexandre Pujol
2710fd3484
feat(profile): ensure steam can update itself. 2024-06-23 11:16:23 +01:00
Alexandre Pujol
747292e954
fix: remove useless audit mode on chromium. 2024-06-16 22:53:16 +01:00
Alexandre Pujol
13b35b156e
feat(abs): add the app/kmod abstraction. 2024-06-16 21:50:48 +01:00
REmerald
41b1489b76 fix: add vim syntax to remaining files 
Add vim syntax modeline to files which didn't have it for some reason.
Continuation of #396.
 2024-06-16 17:32:21 +01:00
REmerald
c1d531525a
fix(abstractions, tunables): move vim modeline 
Move vim syntax comment to the end of the file, separated by newline, as requested in #380.
 2024-06-15 22:01:25 +01:00
REmerald
1206692e51
feat(abstractions): vim syntax highlighting 
Add vim syntax support. See man apparmor.vim(5)
 2024-06-15 22:00:29 +01:00
Alexandre Pujol
275b77d2ac
fix: profile compilation. 2024-06-15 21:59:31 +01:00
Alexandre Pujol
035e1da7b2
feat(abs): add udevadm app abstraction. 2024-06-15 21:59:31 +01:00
Alexandre Pujol
39bfa9a40b
feat(profile): update steam profiles. 2024-06-15 21:59:31 +01:00
REmerald
eb480672f3
fix(abstractions, tunables): move vim modeline 
Move vim syntax comment to the end of the file, separated by newline, as requested in #380.
 2024-06-15 21:59:31 +01:00
REmerald
6b5475c7f2
feat(abstractions): vim syntax highlighting 
Add vim syntax support. See man apparmor.vim(5)
 2024-06-15 21:57:49 +01:00
Alexandre Pujol
6c1cdf4d58
fix: ensure btop can send signal 
fix  #385
 2024-06-14 21:10:02 +01:00
Alexandre Pujol
117e63d88f
fix: ensure filter directive get cleaned on build. 2024-06-14 20:50:17 +01:00
Alexandre Pujol
56464d24bf
fix: xdg-desktop-portal breaks screensharing 
fix: #376
 2024-06-12 22:18:02 +01:00
Alexandre Pujol
ff88400b22
feat(abs): minor cleanup. 2024-06-11 23:18:07 +01:00
Alexandre Pujol
6d549b7c70
feat(profile): rewrite steam profiles. 
- Separate profile for sandboxes.
- Separate profile for native and proton games.
- Updated path dirs
- tested on arch & debian.

Note: these profiles are still in alpha stage and disabled by default.
 2024-06-11 00:21:29 +01:00
Alexandre Pujol
08a1aba39d
feat(abs): bwrap: add special mount rule for debian. 2024-06-11 00:01:46 +01:00
Alexandre Pujol
b4407fb7f8
feat(abs): wayland: add ibus shared file. 2024-06-10 23:53:31 +01:00
Alexandre Pujol
0d8afd21e3
feat(abs): vulkan: allow empty vulkan home dir. 2024-06-10 23:52:40 +01:00
Alexandre Pujol
222685c029
feat(profile): use the cups-client more often. 2024-06-10 23:51:38 +01:00
Alexandre Pujol
bb6df870bb
chore: cleanup opensc debian structure. 2024-06-10 23:43:55 +01:00
Alexandre Pujol
5c8dda1ced
feat(profile): remove rule moved in the base or nameservice abstraction. 2024-06-08 22:49:28 +01:00
REmerald
8009c1b9b9
fix(authentication.d/complete): add missing copyright (#370) 
* fix(authentication.d/complete): add missing copyright

* fix(authentication.d/complete): remove first copyright author

Remove the original author from the copyright comment as his file is different and doesn't include his copyright as well. https://gitlab.com/morfikov/apparmemall/-/blob/master/apparmor.d/abstractions/authentication
 2024-06-07 23:04:25 +00:00
curiosityseeker
ec25a155db
Chromium based browsers: add stacking for chrashpad handler (#366) 
* Update chromium abs: remove crashpad-handler

* Update brave: add stacking for chrashpad-handler

* Update chrome: add stacking for crashpad-handler

* Update chromium: add stacking for crashpad-handler

* Update msedge: add stacking for crashpad-handler

* Rename msedge-crashpad-handlers to msedge-crashpad-handler
 2024-06-07 18:26:39 +00:00
Alexandre Pujol
921156c846
fix(profile): pavucontrol 
fix #371
 2024-06-07 19:25:22 +01:00
Alexandre Pujol
503e83a896
fix: steam support on flatpak. 
fix #368
 2024-06-07 17:10:54 +01:00
Alexandre Pujol
13d3b23a04
fix(opensuse): ensure integration on opensuse. 2024-06-04 19:52:56 +01:00
Alexandre Pujol
ff16790421
feat(abs): general update. 2024-06-03 18:37:12 +01:00
Alexandre Pujol
45ae8f5d27
feat(abs): add pgrep. 2024-05-30 21:08:03 +01:00
fira959
d12db8a8dc
Minor improvements (#336) 
* Update audio-client

* Update mpv

* Update mutt

add common mail dir

* Update apparmor.d

* Update mutt

* Update mutt

* Update mutt

* Update mutt

* Update mutt
 2024-05-30 17:51:57 +00:00
curiosityseeker
adccd0066a
Fix typo in @{text_edirors} (#338) 
* Fix typo in multiarch.d/programs

* Fix typo in multirach.d/paths

* Fix typo in abstractions/app-open
 2024-05-29 20:41:23 +00:00
curiosityseeker
94d9570230
Firefox: using stacking for glxtest and vaapitest (#337) 
The current implementation results in the following errors for the Firefox profile:

 @{lib}/firefox/glxtest rix -> firefox-glxtest,  # no new privs

@{lib}/firefox/vaapitest rix -> firefox-vaapitest,   # no new privs

Using stacking as suggested on https://apparmor.pujol.io/development/structure/#no-new-privileges gets rid of these errors.
 2024-05-29 20:41:01 +00:00
Alexandre Pujol
c785b41451
feat(profile): general update. 2024-05-18 22:35:05 +01:00
doublez13
4256e11492 editor abstraction: minor additions 
Add any one-off rules covered in the other editor profiles before converting those to the abstraction.
 2024-05-16 15:44:29 +01:00
Alexandre Pujol
58e458f4ab
feat(profile): add the app/firefox abstraction. 2024-05-15 23:13:23 +01:00
Alexandre Pujol
f5ac8cd4a1
feat(profile): improve dbus rule in chromium based profiles. 2024-05-15 23:07:05 +01:00
Alexandre Pujol
ad960d477b
feat(profile): replace former regex by the new @{user} variable. 2024-05-15 17:22:20 +01:00
Alexandre Pujol
855f25da9b
feat(tunable): add hex38. 2024-05-14 12:55:57 +01:00
Alexandre Pujol
7b25ed1913
Merge branch 'main' of github.com:roddhjav/apparmor.d 
* 'main' of github.com:roddhjav/apparmor.d:
  Task: Update abstraction path
  Mutt: Update abstraction path
  Update and move abstractions/editor to abstractions/app/editor
  Task: Use editor abstraction
  Mutt: Use editor abstraction
  Create editor abstraction
 2024-05-13 20:37:12 +01:00
Alexandre Pujol
8f102dea0a
feat(profile): general update. 2024-05-13 20:35:11 +01:00
doublez13
479d04abac Update and move abstractions/editor to abstractions/app/editor 2024-05-12 17:34:33 +01:00