Commit graph

3800 commits

Author SHA1 Message Date
Alexandre Pujol
55e4b27c2b
feat(tunable): add the archive_path variable. 2025-06-01 16:02:20 +02:00
Alexandre Pujol
eb84df319d
feat(profile): update gnome profiles. 2025-06-01 16:00:38 +02:00
Alexandre Pujol
86202b0fbf
feat(fsp): small fsp improvement. 2025-06-01 15:53:37 +02:00
Alexandre Pujol
8452eb44f1
feat(abs): minor improvement & cosmetic. 2025-06-01 15:48:38 +02:00
Alexandre Pujol
af82a9caa6
feat(profile): add profiles for whoopsie. 2025-05-31 13:52:42 +02:00
Alexandre Pujol
d76bc0b3be
feat(profile): add initial profile for systemd-initctl. 2025-05-31 13:50:20 +02:00
Alexandre Pujol
6c6e1c3456
feat(profile): minor fsp related improvement. 2025-05-31 13:49:16 +02:00
Alexandre Pujol
2282128cbd
feat(fsp): setup RBAC mapping in auth enabled profiles. 2025-05-31 13:43:57 +02:00
Alexandre Pujol
d9e6e686e0
build: ignore all rule in abi3. 2025-05-30 01:44:09 +02:00
Alexandre Pujol
e771ef77b8
tests(packer): update base images content. 2025-05-30 00:18:39 +02:00
Alexandre Pujol
89a1714610
fix(profile): a few linting fixes. 2025-05-30 00:14:54 +02:00
Alexandre Pujol
3d76c98c4b
feat(profile): add more systemd-generator profiles. 2025-05-30 00:05:34 +02:00
Alexandre Pujol
d9cfef3e5d
refactor(profile): move systemd generators to their own group 2025-05-30 00:03:11 +02:00
Alexandre Pujol
60b9127916
feat(profile): update pipewire profiles. 2025-05-29 23:53:47 +02:00
Alexandre Pujol
32a9806219
feat(fsp): update systemd user drop in files with AppArmorProfile set to the target profile. 2025-05-29 23:52:40 +02:00
Alexandre Pujol
9325dd5ca0
feat(profile): revisit systemd-udevd and ensure most programs get transitioned confined. 2025-05-29 23:43:19 +02:00
Alexandre Pujol
581a55c726
feat(profile): update systemd-homework/homed as they get stacked. 2025-05-29 23:40:49 +02:00
Alexandre Pujol
28d9d48de4
feat(profile): small update to systemd profiles. 2025-05-29 23:39:35 +02:00
Alexandre Pujol
38c6e35a1b
feat(profile): add some ubuntu specific profiles. 2025-05-29 23:33:37 +02:00
Alexandre Pujol
7f684ee5dd
feat(profile): integrate fsp with apt and ubuntu. 2025-05-29 23:29:52 +02:00
Alexandre Pujol
3984cf8acc
feat(profile): initial profile for pollinate. 2025-05-29 23:27:55 +02:00
Alexandre Pujol
d5a65ba831
feat(profile): add a few small profiles needed by fsp. 2025-05-29 23:26:18 +02:00
Alexandre Pujol
1aa0142a6a
feat(fsp): add/update systemd drop in files with AppArmorProfile set to the target profile. 2025-05-29 23:20:32 +02:00
Alexandre Pujol
8ff829542d
feat(profile): add profile for some named minimal systemd service. 2025-05-29 23:13:04 +02:00
Alexandre Pujol
a194f28c21
feat(fsp): add sd-mount. 2025-05-29 22:59:02 +02:00
Alexandre Pujol
9125686973
feat(fsp): add the new sdu profile as service and stacked profile manager for system. 2025-05-29 22:44:00 +02:00
Alexandre Pujol
5940f0117b
feat(fsp): add the new sdu profile as service and stacked profile manager for user. 2025-05-29 22:37:56 +02:00
Alexandre Pujol
dd2187552b
feat(fsp): remove the now deprecated generic system service profiles. 2025-05-29 22:35:28 +02:00
Alexandre Pujol
3dc8a74ec0
feat(fsp): rewrite the systemd-user profile. 2025-05-29 15:16:26 +02:00
Alexandre Pujol
47bafeb67b
feat(fsp): rewrite the systemd profile. 2025-05-29 15:06:52 +02:00
curiosityseeker
bf22a7786c
Broken login: Update systemd-logind
Today I was not able to log into my Arch Linux system. After chrooting into the system, performing aa-log and adding the rule to systemd-logind the problem was fixed.
2025-05-27 16:35:47 +02:00
Alexandre Pujol
11f3529530
ci: ensure failing to compile the profile fails the job. 2025-05-27 00:29:35 +02:00
Alexandre Pujol
0886c7bc85
fix: rule compilation. 2025-05-27 00:29:21 +02:00
Alexandre Pujol
7243c18ce2
fix(build): conversion from abi4 to abi3. 2025-05-26 23:54:56 +02:00
Alexandre Pujol
d5002a6774
fix(profile): fwupd
fix #752
2025-05-26 23:52:39 +02:00
Alexandre Pujol
a08c99dcb7
feat(abs): console: add non owner access to /dev/tty@{u8}.
Follow recent addition in attached/consoles

fix #751
2025-05-26 23:47:49 +02:00
Alexandre Pujol
77d2f923b0
feat(profile): pacman: allow landlock to restrict itself
See https://docs.kernel.org/userspace-api/landlock.html#c.sys_landlock_restrict_self

fix #750
2025-05-26 23:45:10 +02:00
Alexandre Pujol
8f3f3816ed
feat(fsp): systemd drop in files: configure stacked profile
It comes as a replacement of old and insecure config that was disabling the nnp flag.
The new solution is:
1. Safe
2. Scalable, as hundreds of profiles could be configured this way
2025-05-26 23:31:35 +02:00
Alexandre Pujol
4ffbf84a00
feat(fsp): remove the default profiles. 2025-05-26 23:20:37 +02:00
Alexandre Pujol
217448d09a
doc: improve documentation on the use of some special abstraction. 2025-05-26 01:18:11 +02:00
Alexandre Pujol
04b6cade64
feat(profile): use profile variable in rules such as in dbus, ptrace, unix... 2025-05-26 01:17:14 +02:00
Alexandre Pujol
f717ea7383
feat(aa): add a mount flag. 2025-05-26 01:01:08 +02:00
Alexandre Pujol
c07c5838e4
build: add RBAC filter to the only/exclude directive. 2025-05-26 01:00:08 +02:00
Alexandre Pujol
780ca65953
build(fsp): set stacked variables. 2025-05-26 00:57:37 +02:00
Alexandre Pujol
d9430c68c1
build: improve error message in the stack directive. 2025-05-26 00:55:48 +02:00
Alexandre Pujol
e83a9a60dc
feat(profile): finalize upgrade process. 2025-05-26 00:47:47 +02:00
Alexandre Pujol
a8ab6da6f3
feat(profile): add runit-helper. 2025-05-26 00:47:47 +02:00
Alexandre Pujol
ead321e07e
feat(profile): improve the upgrade stack. 2025-05-26 00:47:47 +02:00
Alexandre Pujol
acc35c3bd7
ci: show files installed in sbin. 2025-05-26 00:47:47 +02:00
Alexandre Pujol
d575812e29
fix(profile): snapd journalctl subprofile. 2025-05-26 00:47:47 +02:00