felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
3901 commits 5 branches 0 tags 16 MiB
Commit graph

3901 commits

This branch
This branch
All branches
Author SHA1 Message Date
Alexandre Pujol
c2ecc756b2
feat(abs): add the media-control abstraction 2025-09-06 23:30:52 +02:00
Alexandre Pujol
ec88fcbfcb
feat(abs): add the camera abstraction 2025-09-06 23:18:31 +02:00
Alexandre Pujol
ab7cba2da6
build: add early support for server version of the package. 2025-09-06 22:16:40 +02:00
Alexandre Pujol
2aead7e93b
build(arch): initial pkbuild for splited packages. 
Note: it is not enabled yet.
 2025-09-06 22:01:20 +02:00
Alexandre Pujol
470025c090
build(debian): update list of profile to hide. 
Nb: we cannot use these profiles as they would break with apparmor.d profiles (they don't expect confined peer).
 2025-09-06 19:39:18 +02:00
Alexandre Pujol
c7177eedde
doc: update documentation. 2025-09-06 15:16:25 +02:00
Alexandre Pujol
d86cf03dab
build(debian): post script must not fail. 2025-09-06 15:13:25 +02:00
Alexandre Pujol
a0f1c55ab4
doc: update roadmap. 2025-09-06 15:12:40 +02:00
Alexandre Pujol
5795114328
tests(packer): success on cloud-init failure. 2025-09-06 13:23:49 +02:00
Alexandre Pujol
d9df02f3f8
tests(packer): update opensuse images. 2025-09-06 13:22:39 +02:00
Alexandre Pujol
7963479dbc
build: various cleanup 2025-09-06 13:21:34 +02:00
Alexandre Pujol
e43d907808
chore: cosmetic. 2025-09-06 13:18:01 +02:00
JND94
4c84b572cd glxgears can't access X cookie 2025-09-03 10:02:44 +02:00
Jose Maldonado aka Yukiteru
237622f3ef rpcbind: update profile 
rpcbind: update profile
 2025-09-03 10:02:22 +02:00
Jose Maldonado aka Yukiteru
2c0b5405db firewall-applet: update profile 2025-09-03 10:01:39 +02:00
Stoppedpuma
2b07398cef flatpak-app ntsync 2025-09-03 09:57:03 +02:00
Alexandre Pujol
09c1f61bb7
build(debian): use deb-systemd-invoke and minor lintian fixes. 2025-09-01 15:54:28 +02:00
Alexandre Pujol
7c6f776757
build: set default att to "" when not enabled. 
It fixes various issues with multiple / that are not collapsed in they canonical form in file rules

See https://gitlab.com/apparmor/apparmor/-/issues/450#note_2158840105
 2025-09-01 15:12:30 +02:00
Alexandre Pujol
4f9d2703d4
build: separate the base-strict abs from the re-attach builder. 
Enable the use of the base-strict abs on all setup.
 2025-09-01 15:07:01 +02:00
Alexandre Pujol
a1ba00bec3
feat(profile): general profile update. 2025-08-31 23:00:13 +02:00
Alexandre Pujol
7cfff26ee2
fix(profile): abstraction not updated. 2025-08-31 22:46:52 +02:00
Alexandre Pujol
7eaae9e68c
fix(profile): wrong path in abstraction. 2025-08-31 22:25:57 +02:00
Alexandre Pujol
eee8241eb7
chore: cosmetic fixes. 2025-08-31 21:28:53 +02:00
Alexandre Pujol
bd7ae9bb56
chore: improve comment in type definition. 2025-08-31 21:23:40 +02:00
Alexandre Pujol
bd295d2a9d
refractor: move gtk dbus to they own abs. 2025-08-31 21:23:04 +02:00
Alexandre Pujol
458126e7d7
refractor(profile): add notification abs, move bus notifications. 2025-08-31 18:14:32 +02:00
Alexandre Pujol
5cc5a019d4
feat(profile): snap: add support for dev version. 2025-08-31 17:40:42 +02:00
Alexandre Pujol
9a4d878557
refractor(abs): add screensaver abs, move bus screensaver abs. 2025-08-31 17:38:00 +02:00
Alexandre Pujol
9ee2605026
tests(packer): simplify pkg install script. 2025-08-31 13:29:11 +02:00
Alexandre Pujol
a3426fef8c
feat: precise nvidia devices number. 2025-08-31 13:23:48 +02:00
Alexandre Pujol
45faf0eee0
fix(tunable): add missing lightdm_state_dirs tunable. 2025-08-30 19:57:09 +02:00
Alexandre Pujol
ac6eac1333
feat(profile): cleanup usage of mime abs. 2025-08-30 19:47:07 +02:00
Alexandre Pujol
f5e2572457
feat(profile): cleanup usage of icons abs. 2025-08-30 19:37:47 +02:00
Alexandre Pujol
4f1fddd2fb
feat(profile): use natural transition instead of systemd drop in config when possible. 
As we can transition to the good profile naturally, do not use systemd for it.

This bypass the apparmor error:
`change_profile unprivileged unconfined converted to stacking`.

Note: we cannot do the same for dbus-system and dbus-session are they have the same binary.
 2025-08-30 14:25:43 +02:00
Alexandre Pujol
d6ddbf104c
refractor(profile): always use the gschemas abstraction. 2025-08-30 12:56:05 +02:00
Alexandre Pujol
0ada92da32
refractor(abs): gsettings -> gschemas. 2025-08-30 12:35:04 +02:00
Alexandre Pujol
b5020eac89
tests(packer): remobe sudo alias 2025-08-30 12:22:01 +02:00
Alexandre Pujol
94f01c68f6
feat(tunable): update home dir for gdm & add desktop_state_dirs. 2025-08-30 11:48:11 +02:00
Alexandre Pujol
1122f28cac
tests(packer): cleanup package install process. 
- apparmor restart is handled by the package
- it is a dev version, so it could fail.
 2025-08-30 11:46:40 +02:00
Alexandre Pujol
2bae05d309
feat(abs): add varianttable to apt common. 2025-08-30 11:05:19 +02:00
Alexandre Pujol
a3fde24b3d
feat: add aliases for all coreutils. 2025-08-29 23:58:39 +02:00
Alexandre Pujol
57251820e1
build: improve support for aa 5.0 2025-08-29 20:48:01 +02:00
Alexandre Pujol
2bb42bfca2
build: add support for apparmor 5.0 (current master branch) 2025-08-29 20:14:12 +02:00
Alexandre Pujol
be0d481068
feat(profile): remove common/systemd from systemd-detect-virt. 2025-08-29 19:56:41 +02:00
Alexandre Pujol
5d1ef40877
feat(profile): add some missing proc access. 
Due to recent changes in base-strict.
 2025-08-29 19:55:42 +02:00
Alexandre Pujol
61d8cee932
feat(profile): ssh: cleanup. 2025-08-28 21:27:58 +02:00
Alexandre Pujol
c9813dc34f
feat(abs): improve dbus rules in open & common gnome abs. 2025-08-28 21:26:17 +02:00
Alexandre Pujol
5faca8461d
feat(abs): remove user-dirs from recently-used abs. 2025-08-28 21:23:59 +02:00
Alexandre Pujol
e50e87bd61
feat(abs): update base additions. 2025-08-28 21:23:14 +02:00
Alexandre Pujol
544204e511
feat(abs): add the user-dirs abstraction. 2025-08-28 21:22:22 +02:00