felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
2751 commits 5 branches 0 tags 16 MiB
Commit graph

460 commits

Author SHA1 Message Date
Alexandre Pujol
7a53fc3a99
feat(profile): general updtae. 2024-09-18 18:10:27 +01:00
Alexandre Pujol
cc139f1144
feat(abs): update kde abs with common access. 2024-09-18 18:01:16 +01:00
Alexandre Pujol
619aa709f1
feat(abs): add iceauth to X-strict. 2024-09-18 17:06:04 +01:00
Alexandre Pujol
02d8aaee7f
feat(profile): improve integration with kde 
see #496
 2024-09-18 16:59:44 +01:00
Alexandre Pujol
6fd05f26af
feat(login): allow disconnection from login 
fix #492
 2024-09-17 12:58:41 +01:00
Alexandre Pujol
7858cae330
feat(profile): torbrowser: do not give access to user dirs by default. 
- Remove read-only access to most user dirs.
- Remove read-write access to download directories.

fix #490
 2024-09-16 13:36:29 +01:00
Alexandre Pujol
09401567a4
feat(profile): base the the thunderbird profile from firefox. 2024-09-13 22:39:43 +01:00
Alexandre Pujol
b03b9b05eb
feat(profile): improve kde integration. 
see #484
 2024-09-13 20:41:22 +01:00
Alexandre Pujol
4ccf2156de
fix(abs): base: allow inherited mesa cache 
mesa 24.2 introduced a shader disk cache which is enabled by default, which opens quite a lot of fd. They are not closed and get inherited by child programs.

Denying it can cause crash, so we are allowing it globally while the issue is beeing fixed in mesa.

See: https://gitlab.freedesktop.org/mesa/mesa/-/issues/11810
 2024-09-13 20:07:41 +01:00
Alexandre Pujol
db064b651e
feat(profile): general update. 2024-09-13 19:47:07 +01:00
Alexandre Pujol
1807f1dfe5
feat(tunable): add busmae variable for dbus unique name. 2024-09-13 19:39:51 +01:00
Alexandre Pujol
9e7c4c7ec8
feat(abs): mesa: update cache for desktop users. 2024-09-12 22:18:30 +01:00
Alexandre Pujol
18010b266d
feat(profile): firefox: update dbus & move stacked profile outside of the abs. 2024-09-12 22:17:37 +01:00
Alexandre Pujol
64c2ee5fe9
feat(abs): add app/bus 
Useful to confine dbus access in scripts.
 2024-09-11 19:48:31 +01:00
odomingao
c622f5de93 Add support for controllers in game abstraction 2024-09-11 11:26:47 +00:00
Alexandre Pujol
9cd1939ddc
feat(abs): improve the app-launcher* abs. 2024-09-10 18:41:01 +01:00
Alexandre Pujol
c2bc55dc46
feat(profile): general update. 2024-09-09 20:53:12 +01:00
Alexandre Pujol
c7181ecadf
feat(profile): general update. 2024-09-09 19:57:49 +01:00
Alexandre Pujol
a99fbaa0be
feat(profile): restic some well known path. 2024-09-09 19:47:25 +01:00
Alexandre Pujol
f91fc28711
chore: minor guideline cosmetic. 2024-09-06 21:47:24 +01:00
odomingao
fe86133f49 Update wayland abstraction 2024-09-06 20:42:12 +00:00
odomingao
2e048156ac Update wayland abstraction 2024-09-06 20:42:12 +00:00
Alexandre Pujol
ac2f085d8c
feat(abs): add support for keyfile in dconf. 
fix #460
 2024-09-06 21:40:17 +01:00
Alexandre Pujol
fde8ee6ec6
fix(profile): generic app need access to /var/cache/tmp/ 
fix #465
 2024-09-06 21:32:39 +01:00
Alexandre Pujol
265e3928c1
feat(profile): mesa: mesa_shader_cache_db is often passed as fd. 2024-09-01 20:13:51 +01:00
Alexandre Pujol
aa4f4de6dd
feat(abs): update mesa shader cache paths. 
fix: #450 #451
 2024-09-01 15:17:43 +01:00
Alexandre Pujol
bb1c4e0537
feat(profile): modernise the crontab profile. 
fix #428
 2024-08-28 19:19:21 +01:00
Alexandre Pujol
c13aa711da
feat(abs): add user bin to the app launch abs. 2024-08-28 18:46:35 +01:00
Alexandre Pujol
1655a9f5ab
feat(profile): more kde integration. 
fix #442
 2024-08-28 18:30:39 +01:00
Alexandre Pujol
50831a2fc8
feat(abs): split steam-game abstraction to game and steam-game abstractions. 2024-08-20 21:06:34 +01:00
Alexandre Pujol
788d865939
feat(profile): general update. 2024-08-20 20:56:58 +01:00
Alexandre Pujol
93313422bd
feat(profile): update kde profiles on openSUSE Tumbleweed. 
See #424
 2024-08-20 18:49:52 +01:00
Alexandre Pujol
52a2ae8c23
feat(profile): general update. 
see #422
 2024-07-20 13:13:27 +01:00
Alexandre Pujol
aaf435ece1
feat(profile): general update. 2024-07-19 19:22:32 +01:00
Alexandre Pujol
6cd01064ae
feat(profile): general update. 2024-07-15 23:12:39 +01:00
Alexandre Pujol
d480156e09
feat(profile): general update. 2024-07-06 23:46:06 +01:00
Alexandre Pujol
1675a26fbf
feat(profile): general update. 2024-07-02 22:08:15 +01:00
Alexandre Pujol
c0a081b827
feat(profile): add label for help program. 2024-07-02 22:05:36 +01:00
Alexandre Pujol
2e127ace4b
feat(abs): general update. 2024-06-23 11:17:56 +01:00
Alexandre Pujol
856a9a467e
feat(profile): improve chromium tmp file restriction. 2024-06-23 11:17:01 +01:00
Alexandre Pujol
2710fd3484
feat(profile): ensure steam can update itself. 2024-06-23 11:16:23 +01:00
Alexandre Pujol
747292e954
fix: remove useless audit mode on chromium. 2024-06-16 22:53:16 +01:00
Alexandre Pujol
13b35b156e
feat(abs): add the app/kmod abstraction. 2024-06-16 21:50:48 +01:00
REmerald
41b1489b76 fix: add vim syntax to remaining files 
Add vim syntax modeline to files which didn't have it for some reason.
Continuation of #396.
 2024-06-16 17:32:21 +01:00
REmerald
c1d531525a
fix(abstractions, tunables): move vim modeline 
Move vim syntax comment to the end of the file, separated by newline, as requested in #380.
 2024-06-15 22:01:25 +01:00
REmerald
1206692e51
feat(abstractions): vim syntax highlighting 
Add vim syntax support. See man apparmor.vim(5)
 2024-06-15 22:00:29 +01:00
Alexandre Pujol
275b77d2ac
fix: profile compilation. 2024-06-15 21:59:31 +01:00
Alexandre Pujol
035e1da7b2
feat(abs): add udevadm app abstraction. 2024-06-15 21:59:31 +01:00
Alexandre Pujol
39bfa9a40b
feat(profile): update steam profiles. 2024-06-15 21:59:31 +01:00
REmerald
eb480672f3
fix(abstractions, tunables): move vim modeline 
Move vim syntax comment to the end of the file, separated by newline, as requested in #380.
 2024-06-15 21:59:31 +01:00