felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2882 commits 5 branches 0 tags 16 MiB
Commit graph

2083 commits

Author SHA1 Message Date
Alexandre Pujol
ca9a8d47f8
feat(profile): add protonmail-bridge 2024-06-11 23:16:19 +01:00
Alexandre Pujol
6d549b7c70
feat(profile): rewrite steam profiles. 
- Separate profile for sandboxes.
- Separate profile for native and proton games.
- Updated path dirs
- tested on arch & debian.

Note: these profiles are still in alpha stage and disabled by default.
 2024-06-11 00:21:29 +01:00
Alexandre Pujol
08a1aba39d
feat(abs): bwrap: add special mount rule for debian. 2024-06-11 00:01:46 +01:00
Alexandre Pujol
8fe2bf4c20
feat(profile): add missing enchant abs. 2024-06-11 00:00:51 +01:00
Alexandre Pujol
d283ef5196
feat(profile): general update. 2024-06-10 23:58:44 +01:00
Alexandre Pujol
b4407fb7f8
feat(abs): wayland: add ibus shared file. 2024-06-10 23:53:31 +01:00
Alexandre Pujol
0d8afd21e3
feat(abs): vulkan: allow empty vulkan home dir. 2024-06-10 23:52:40 +01:00
Alexandre Pujol
222685c029
feat(profile): use the cups-client more often. 2024-06-10 23:51:38 +01:00
Alexandre Pujol
bb6df870bb
chore: cleanup opensc debian structure. 2024-06-10 23:43:55 +01:00
REmerald
e362aa9107 feat(profiles-m-r): vim syntax support 
Add vim modeline instructing the editor to use the syntax plugin provided by apparmor.
 2024-06-09 19:44:15 +03:00
Alexandre Pujol
5c8dda1ced
feat(profile): remove rule moved in the base or nameservice abstraction. 2024-06-08 22:49:28 +01:00
REmerald
8009c1b9b9
fix(authentication.d/complete): add missing copyright (#370) 
* fix(authentication.d/complete): add missing copyright

* fix(authentication.d/complete): remove first copyright author

Remove the original author from the copyright comment as his file is different and doesn't include his copyright as well. https://gitlab.com/morfikov/apparmemall/-/blob/master/apparmor.d/abstractions/authentication
 2024-06-07 23:04:25 +00:00
curiosityseeker
ec25a155db
Chromium based browsers: add stacking for chrashpad handler (#366) 
* Update chromium abs: remove crashpad-handler

* Update brave: add stacking for chrashpad-handler

* Update chrome: add stacking for crashpad-handler

* Update chromium: add stacking for crashpad-handler

* Update msedge: add stacking for crashpad-handler

* Rename msedge-crashpad-handlers to msedge-crashpad-handler
 2024-06-07 18:26:39 +00:00
Alexandre Pujol
921156c846
fix(profile): pavucontrol 
fix #371
 2024-06-07 19:25:22 +01:00
Alexandre Pujol
503e83a896
fix: steam support on flatpak. 
fix #368
 2024-06-07 17:10:54 +01:00
REmerald
b66274b2ca fix(systemd-oomd): remove double slash 
Double slash caused the path to not work
 2024-06-06 18:40:35 +01:00
REmerald
aa0e33804a fix(pacman): add attach_disconnected flag 
Fixes #350
 2024-06-06 11:50:01 +01:00
REmerald
46008e4edb fix(gvfsd-fuse): add abstractions/nameservice-strict 2024-06-06 11:48:28 +01:00
REmerald
ac86b5ac78 fix(gvfsd): add abstractions/nameservice-strict 2024-06-06 11:48:28 +01:00
REmerald
d1ec0b90fc fix(xdg-permission-store): add abstractions/nameservice-strict and @{HOME}/.local/ 2024-06-06 11:47:38 +01:00
REmerald
2ea558c146 fix(xdg-document-portal): use abstractions/nameservice-strict 2024-06-06 11:41:46 +01:00
REmerald
11e05037c3 fix(xdg-document-portal): add /etc/nsswitch.conf, /etc/passwd 2024-06-06 11:41:46 +01:00
valoq
0565558fe0 complete atool 2024-06-06 11:40:18 +01:00
REmerald
e937eabd4e fix(nm-dispatcher): add modem-manager-gui 2024-06-06 11:39:04 +01:00
REmerald
8f05f02356 fix(systemd-oomd): shorten paths 2024-06-06 11:38:21 +01:00
REmerald
281768667a fix(systemd-oomd): change to {,**/} 2024-06-06 11:38:21 +01:00
REmerald
6801ae1e0c fix(systemd-oomd): make org.a11y.atspi.Registry.slice as in apparmor.d/groups/gnome/epiphany-search-provider 2024-06-06 11:38:21 +01:00
REmerald
5a8510a1f7 fix(systemd-oomd): add cgroup/system.slice/ and app-dbus* paths 2024-06-06 11:38:21 +01:00
REmerald
37d0a36763 fix(polkit-gnome-authentication-agent): include dconf-write 2024-06-06 11:37:53 +01:00
Alexandre Pujol
8b60e56002
feat(profile): general update. 2024-06-04 20:13:40 +01:00
Alexandre Pujol
13d3b23a04
fix(opensuse): ensure integration on opensuse. 2024-06-04 19:52:56 +01:00
REmerald
c40c3e1c98 fix(lspci): add /run/modprobe.d 2024-06-03 21:19:10 +01:00
REmerald
789ba3836e fix(kmod): add /run/modprobe.d 2024-06-03 19:09:46 +01:00
Alexandre Pujol
951bf6a840
Merge branch 'main' of github.com:roddhjav/apparmor.d 
* 'main' of github.com:roddhjav/apparmor.d:
  fix(systemd-oomd): add `app.slice` and `session.slice` paths
  polkit-kde-authentication-agent update (#345)
  add multiple profiles (#341)
 2024-06-03 19:06:35 +01:00
Alexandre Pujol
ff16790421
feat(abs): general update. 2024-06-03 18:37:12 +01:00
Alexandre Pujol
a1fe682e7a
feat(profile): update btop. 2024-06-03 18:34:55 +01:00
REmerald
f9442e8258 fix(systemd-oomd): add app.slice and session.slice paths 2024-06-03 17:52:34 +01:00
curiosityseeker
8dff2ddd72
polkit-kde-authentication-agent update (#345) 
* Update polkit-kde-authentication-agent

needs mediate_deleted

* Update main.flags

* Update polkit-kde-authentication-agent

* Update polkit-kde-authentication-agent
 2024-06-02 20:19:43 +00:00
valoq
bb772167f0
add multiple profiles (#341) 
* add multiple profiles
 2024-05-31 10:47:01 +00:00
Alexandre Pujol
45ae8f5d27
feat(abs): add pgrep. 2024-05-30 21:08:03 +01:00
Alexandre Pujol
3f688be7a0
feat(profile): general update. 2024-05-30 21:03:39 +01:00
Alexandre Pujol
89abbae6bd
Merge branch 'feat/aa' 
Improve go apparmor lib.

* aa: (62 commits)
  feat(aa): handle appending value to defined variables.
  chore(aa): cosmetic.
  fix: userspace prebuild test.
  chore: cleanup unit test.
  feat(aa): improve log conversion.
  feat(aa): move conversion function to its own file & add unit tests.
  fix: go linter issue & not defined variables.
  tests(aa): improve aa unit tests.
  tests(aa): improve rules unit tests.
  feat(aa): ensure the prebuild jobs are working.
  feat(aa): add more unit tests.
  chore(aa): cleanup.
  feat(aa): Move sort, merge and format methods to the rules interface.
  feat(aa): add the hat template.
  feat(aa): add the Kind struct to manage aa rules.
  feat(aa): cleanup rules methods.
  feat(aa): add function to resolve include preamble.
  feat(aa): updaqte mount flags order.
  feat(aa): update default tunable selection.
  feat(aa): parse apparmor preamble files.
  ...
 2024-05-30 19:29:34 +01:00
fira959
d12db8a8dc
Minor improvements (#336) 
* Update audio-client

* Update mpv

* Update mutt

add common mail dir

* Update apparmor.d

* Update mutt

* Update mutt

* Update mutt

* Update mutt

* Update mutt
 2024-05-30 17:51:57 +00:00
Alexandre Pujol
bc216176a3
fix: go linter issue & not defined variables. 2024-05-30 12:28:12 +01:00
curiosityseeker
adccd0066a
Fix typo in @{text_edirors} (#338) 
* Fix typo in multiarch.d/programs

* Fix typo in multirach.d/paths

* Fix typo in abstractions/app-open
 2024-05-29 20:41:23 +00:00
curiosityseeker
94d9570230
Firefox: using stacking for glxtest and vaapitest (#337) 
The current implementation results in the following errors for the Firefox profile:

 @{lib}/firefox/glxtest rix -> firefox-glxtest,  # no new privs

@{lib}/firefox/vaapitest rix -> firefox-vaapitest,   # no new privs

Using stacking as suggested on https://apparmor.pujol.io/development/structure/#no-new-privileges gets rid of these errors.
 2024-05-29 20:41:01 +00:00
Alexandre Pujol
c785b41451
feat(profile): general update. 2024-05-18 22:35:05 +01:00
Alexandre Pujol
7d1380530a
feat(profile): update steam profiles. 
- Still a wip stage
- Not shipped by default
 2024-05-18 15:02:20 +01:00
Alexandre Pujol
5e6af16580
feat(profile): small improvment on systemd profiles. 2024-05-18 13:09:25 +01:00
fira959
d40812ec2f
Profile fixes (#334) 
* Update discord

fix path

* Update signal-desktop-chrome-sandbox

* Update signal-desktop
 2024-05-17 11:44:15 +00:00