diff --git a/README.md b/README.md index e80b620b..cb6fd0fa 100644 --- a/README.md +++ b/README.md @@ -31,7 +31,7 @@ most Linux based applications and processes. - Support all distributions that support AppArmor: * Archlinux * Ubuntu 22.04 - * Debian 11 + * Debian 12 * OpenSUSE Tumbleweed - Support all major desktop environments: * Currently only Gnome diff --git a/cmd/prebuild/main.go b/cmd/prebuild/main.go index 0808e2a8..64a0d6d7 100644 --- a/cmd/prebuild/main.go +++ b/cmd/prebuild/main.go @@ -11,7 +11,6 @@ import ( "github.com/roddhjav/apparmor.d/pkg/logging" "github.com/roddhjav/apparmor.d/pkg/prebuild" - "golang.org/x/exp/slices" ) const usage = `prebuild [-h] [--full] [--complain] @@ -48,9 +47,6 @@ func aaPrebuild() error { if complain { prebuild.Builds = append(prebuild.Builds, prebuild.BuildComplain) } - if slices.Contains([]string{"debian", "whonix"}, prebuild.Distribution) { - prebuild.Builds = append(prebuild.Builds, prebuild.BuildABI) - } if err := prebuild.Prepare(); err != nil { return err @@ -65,9 +61,6 @@ func aaPrebuild() error { if complain { logging.Bullet("Set complain flag on all profiles") } - if slices.Contains([]string{"debian", "whonix"}, prebuild.Distribution) { - logging.Bullet("%s does not support abi 3.0 yet", prebuild.Distribution) - } return nil } diff --git a/dists/debian/abstractions/gtk b/dists/debian/abstractions/gtk deleted file mode 100644 index b16571d2..00000000 --- a/dists/debian/abstractions/gtk +++ /dev/null @@ -1,53 +0,0 @@ -# vim:syntax=apparmor -# ------------------------------------------------------------------ -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of version 2 of the GNU General Public -# License published by the Free Software Foundation. -# -# ------------------------------------------------------------------ - - /usr/share/themes/{,**} r, - - /usr/share/gtksourceview-[0-9]*/{,**} r, - - /usr/share/gtk-2.0/ r, - /usr/share/gtk-2.0/gtkrc r, - - /usr/share/gtk-3.0/ r, - /usr/share/gtk-3.0/settings.ini r, - - /etc/gtk-2.0/ r, - /etc/gtk-2.0/gtkrc r, - - /etc/gtk-3.0/ r, - /etc/gtk-3.0/*.conf r, - - /etc/gtk/gtkrc r, - - owner @{HOME}/.themes/{,**} r, - owner @{HOME}/.local/share/themes/{,**} r, - - owner @{HOME}/.gtk r, - owner @{HOME}/.gtkrc r, - owner @{HOME}/.gtkrc-2.0 r, - owner @{HOME}/.gtk-bookmarks r, - owner @{HOME}/.config/gtkrc r, - owner @{HOME}/.config/gtkrc-2.0 r, - owner @{HOME}/.config/gtk-3.0/ rw, - owner @{HOME}/.config/gtk-3.0/settings.ini r, - owner @{HOME}/.config/gtk-3.0/bookmarks r, - owner @{HOME}/.config/gtk-3.0/gtk.css r, - - # for gtk file dialog - owner @{HOME}/.config/gtk-2.0/ rw, - owner @{HOME}/.config/gtk-2.0/gtkfilechooser.ini* rw, - - # .Xauthority file required for X connections - owner @{HOME}/.Xauthority r, - - # Xsession errors file - owner @{HOME}/.xsession-errors w, - - # Include additions to the abstraction - include if exists \ No newline at end of file diff --git a/dists/debian/tunables/multiarch.d/etc b/dists/debian/tunables/multiarch.d/etc deleted file mode 100644 index 54cb94bf..00000000 --- a/dists/debian/tunables/multiarch.d/etc +++ /dev/null @@ -1,21 +0,0 @@ -# ------------------------------------------------------------------ -# -# Copyright (C) 2020 Christian Boltz -# -# This program is free software; you can redistribute it and/or -# modify it under the terms of version 2 of the GNU General Public -# License published by the Free Software Foundation. -# -# ------------------------------------------------------------------ - -# @{etc_ro} contains a space-separated list of the system configuration directories. -# Traditionally this means /etc/, but when using a read-only / filesystem and/or -# with the goal of having only user-modified config files in /etc/, directories -# like /usr/etc/ get introduced for storing the default config. - -# @{etc_ro} contains read-only directories with configuration files. -# Do not use @{etc_ro} in rules that allow write access. -@{etc_ro}=/etc/ /usr/etc/ - -# @{etc_rw} contains directories where writing to configuration files is allowed. -@{etc_rw}=/etc/ diff --git a/docs/index.md b/docs/index.md index 9ec8c73e..7d50ff99 100644 --- a/docs/index.md +++ b/docs/index.md @@ -31,7 +31,7 @@ See the [Concepts](concepts) page for more detail on the architecture. - Support all distributions that support AppArmor: * [:material-arch: Archlinux](/install/#archlinux) * [:material-ubuntu: Ubuntu 22.04](/install/#ubuntu-debian) - * [:material-debian: Debian 11](/install/#ubuntu-debian) + * [:material-debian: Debian 12](/install/#ubuntu-debian) * [:simple-suse: OpenSUSE Tumbleweed](/install/#opensuse) - Support all major desktop environments: * Currently only :material-gnome: Gnome diff --git a/pkg/prebuild/build.go b/pkg/prebuild/build.go index 62b14a32..2c0690b4 100644 --- a/pkg/prebuild/build.go +++ b/pkg/prebuild/build.go @@ -28,7 +28,6 @@ type BuildFunc func(string) string // Set complain flag on all profiles func BuildComplain(profile string) string { - flags := []string{} matches := regFlag.FindStringSubmatch(profile) if len(matches) != 0 { @@ -58,8 +57,3 @@ func BuildUserspace(profile string) string { } return profile } - -// Remove abi header for distributions that do not support it -func BuildABI(profile string) string { - return regABI.ReplaceAllLiteralString(profile, "") -} diff --git a/pkg/prebuild/prepare.go b/pkg/prebuild/prepare.go index 8cae7f6b..50cb75da 100644 --- a/pkg/prebuild/prepare.go +++ b/pkg/prebuild/prepare.go @@ -132,14 +132,6 @@ func Configure() (err error) { if err := copyTo(DistDir.Join("ubuntu"), RootApparmord); err != nil { return err } - if Distribution == "ubuntu" { - break - } - - // Copy debian specific profiles - if err := copyTo(DistDir.Join("debian"), RootApparmord); err != nil { - return err - } default: return fmt.Errorf("%s is not a supported distribution", Distribution)