mirror of
https://github.com/roddhjav/apparmor.d.git
synced 2024-12-23 21:46:44 +01:00
feat: support for debian 12, drop support for debian 11.
This commit is contained in:
parent
a78f6c7757
commit
a1946aa171
7 changed files with 2 additions and 97 deletions
|
@ -31,7 +31,7 @@ most Linux based applications and processes.
|
|||
- Support all distributions that support AppArmor:
|
||||
* Archlinux
|
||||
* Ubuntu 22.04
|
||||
* Debian 11
|
||||
* Debian 12
|
||||
* OpenSUSE Tumbleweed
|
||||
- Support all major desktop environments:
|
||||
* Currently only Gnome
|
||||
|
|
|
@ -11,7 +11,6 @@ import (
|
|||
|
||||
"github.com/roddhjav/apparmor.d/pkg/logging"
|
||||
"github.com/roddhjav/apparmor.d/pkg/prebuild"
|
||||
"golang.org/x/exp/slices"
|
||||
)
|
||||
|
||||
const usage = `prebuild [-h] [--full] [--complain]
|
||||
|
@ -48,9 +47,6 @@ func aaPrebuild() error {
|
|||
if complain {
|
||||
prebuild.Builds = append(prebuild.Builds, prebuild.BuildComplain)
|
||||
}
|
||||
if slices.Contains([]string{"debian", "whonix"}, prebuild.Distribution) {
|
||||
prebuild.Builds = append(prebuild.Builds, prebuild.BuildABI)
|
||||
}
|
||||
|
||||
if err := prebuild.Prepare(); err != nil {
|
||||
return err
|
||||
|
@ -65,9 +61,6 @@ func aaPrebuild() error {
|
|||
if complain {
|
||||
logging.Bullet("Set complain flag on all profiles")
|
||||
}
|
||||
if slices.Contains([]string{"debian", "whonix"}, prebuild.Distribution) {
|
||||
logging.Bullet("%s does not support abi 3.0 yet", prebuild.Distribution)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
|
|
|
@ -1,53 +0,0 @@
|
|||
# vim:syntax=apparmor
|
||||
# ------------------------------------------------------------------
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of version 2 of the GNU General Public
|
||||
# License published by the Free Software Foundation.
|
||||
#
|
||||
# ------------------------------------------------------------------
|
||||
|
||||
/usr/share/themes/{,**} r,
|
||||
|
||||
/usr/share/gtksourceview-[0-9]*/{,**} r,
|
||||
|
||||
/usr/share/gtk-2.0/ r,
|
||||
/usr/share/gtk-2.0/gtkrc r,
|
||||
|
||||
/usr/share/gtk-3.0/ r,
|
||||
/usr/share/gtk-3.0/settings.ini r,
|
||||
|
||||
/etc/gtk-2.0/ r,
|
||||
/etc/gtk-2.0/gtkrc r,
|
||||
|
||||
/etc/gtk-3.0/ r,
|
||||
/etc/gtk-3.0/*.conf r,
|
||||
|
||||
/etc/gtk/gtkrc r,
|
||||
|
||||
owner @{HOME}/.themes/{,**} r,
|
||||
owner @{HOME}/.local/share/themes/{,**} r,
|
||||
|
||||
owner @{HOME}/.gtk r,
|
||||
owner @{HOME}/.gtkrc r,
|
||||
owner @{HOME}/.gtkrc-2.0 r,
|
||||
owner @{HOME}/.gtk-bookmarks r,
|
||||
owner @{HOME}/.config/gtkrc r,
|
||||
owner @{HOME}/.config/gtkrc-2.0 r,
|
||||
owner @{HOME}/.config/gtk-3.0/ rw,
|
||||
owner @{HOME}/.config/gtk-3.0/settings.ini r,
|
||||
owner @{HOME}/.config/gtk-3.0/bookmarks r,
|
||||
owner @{HOME}/.config/gtk-3.0/gtk.css r,
|
||||
|
||||
# for gtk file dialog
|
||||
owner @{HOME}/.config/gtk-2.0/ rw,
|
||||
owner @{HOME}/.config/gtk-2.0/gtkfilechooser.ini* rw,
|
||||
|
||||
# .Xauthority file required for X connections
|
||||
owner @{HOME}/.Xauthority r,
|
||||
|
||||
# Xsession errors file
|
||||
owner @{HOME}/.xsession-errors w,
|
||||
|
||||
# Include additions to the abstraction
|
||||
include if exists <abstractions/gtk.d>
|
|
@ -1,21 +0,0 @@
|
|||
# ------------------------------------------------------------------
|
||||
#
|
||||
# Copyright (C) 2020 Christian Boltz
|
||||
#
|
||||
# This program is free software; you can redistribute it and/or
|
||||
# modify it under the terms of version 2 of the GNU General Public
|
||||
# License published by the Free Software Foundation.
|
||||
#
|
||||
# ------------------------------------------------------------------
|
||||
|
||||
# @{etc_ro} contains a space-separated list of the system configuration directories.
|
||||
# Traditionally this means /etc/, but when using a read-only / filesystem and/or
|
||||
# with the goal of having only user-modified config files in /etc/, directories
|
||||
# like /usr/etc/ get introduced for storing the default config.
|
||||
|
||||
# @{etc_ro} contains read-only directories with configuration files.
|
||||
# Do not use @{etc_ro} in rules that allow write access.
|
||||
@{etc_ro}=/etc/ /usr/etc/
|
||||
|
||||
# @{etc_rw} contains directories where writing to configuration files is allowed.
|
||||
@{etc_rw}=/etc/
|
|
@ -31,7 +31,7 @@ See the [Concepts](concepts) page for more detail on the architecture.
|
|||
- Support all distributions that support AppArmor:
|
||||
* [:material-arch: Archlinux](/install/#archlinux)
|
||||
* [:material-ubuntu: Ubuntu 22.04](/install/#ubuntu-debian)
|
||||
* [:material-debian: Debian 11](/install/#ubuntu-debian)
|
||||
* [:material-debian: Debian 12](/install/#ubuntu-debian)
|
||||
* [:simple-suse: OpenSUSE Tumbleweed](/install/#opensuse)
|
||||
- Support all major desktop environments:
|
||||
* Currently only :material-gnome: Gnome
|
||||
|
|
|
@ -28,7 +28,6 @@ type BuildFunc func(string) string
|
|||
|
||||
// Set complain flag on all profiles
|
||||
func BuildComplain(profile string) string {
|
||||
|
||||
flags := []string{}
|
||||
matches := regFlag.FindStringSubmatch(profile)
|
||||
if len(matches) != 0 {
|
||||
|
@ -58,8 +57,3 @@ func BuildUserspace(profile string) string {
|
|||
}
|
||||
return profile
|
||||
}
|
||||
|
||||
// Remove abi header for distributions that do not support it
|
||||
func BuildABI(profile string) string {
|
||||
return regABI.ReplaceAllLiteralString(profile, "")
|
||||
}
|
||||
|
|
|
@ -132,14 +132,6 @@ func Configure() (err error) {
|
|||
if err := copyTo(DistDir.Join("ubuntu"), RootApparmord); err != nil {
|
||||
return err
|
||||
}
|
||||
if Distribution == "ubuntu" {
|
||||
break
|
||||
}
|
||||
|
||||
// Copy debian specific profiles
|
||||
if err := copyTo(DistDir.Join("debian"), RootApparmord); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
default:
|
||||
return fmt.Errorf("%s is not a supported distribution", Distribution)
|
||||
|
|
Loading…
Reference in a new issue