mirror of
https://github.com/roddhjav/apparmor.d.git
synced 2025-01-18 08:58:15 +01:00
feat(flags): cleanup and enforce some profiles.
This commit is contained in:
Alexandre Pujol
parent
6f06587b85
commit
d23348c689
1 changed files with 12 additions and 147 deletions
|
|
@ -29,9 +29,8 @@ cockpit-ssh complain
|
|||
cockpit-tls complain
|
||||
cockpit-ws complain
|
||||
cockpit-wsinstance-factory complain
|
||||
colord-sane complain
|
||||
colord-session complain
|
||||
containerd-shim-runc-v2 attach_disconnected,complain
|
||||
ctop complain
|
||||
cups-backend-beh complain
|
||||
cups-backend-brf complain
|
||||
cups-backend-dnssd complain
|
||||
|
|
@ -68,7 +67,6 @@ gdisk complain
|
|||
gdm-runtime-config complain
|
||||
gdm-x-session attach_disconnected,complain
|
||||
gdm-xsession complain
|
||||
git complain
|
||||
glib-compile-resources complain
|
||||
gnome-browser-connector-host complain
|
||||
gnome-characters complain
|
||||
|
|
@ -80,12 +78,11 @@ gnome-extension-manager complain
|
|||
gnome-music complain
|
||||
gnome-photos-thumbnailer complain
|
||||
gnome-remote-desktop-daemon complain
|
||||
gnome-shell attach_disconnected,complain
|
||||
gnome-shell attach_disconnected,mediate_deleted,complain
|
||||
gnome-software complain
|
||||
gnome-system-monitor attach_disconnected,complain
|
||||
gnome-terminal-server complain
|
||||
gnome-tweaks complain
|
||||
gpg complain
|
||||
grub-bios-setup complain
|
||||
grub-editenv complain
|
||||
grub-file complain
|
||||
|
|
@ -127,13 +124,15 @@ iwctl complain
|
|||
iwd complain
|
||||
kernel-install complain
|
||||
kmod attach_disconnected,complain
|
||||
landscape-sysinfo complain
|
||||
landscape-sysinfo.wrapper complain
|
||||
last complain
|
||||
lastlog complain
|
||||
libvirt-dbus complain
|
||||
libvirtd attach_disconnected,complain
|
||||
locale-gen complain
|
||||
localectl complain
|
||||
login complain
|
||||
login attach_disconnected,complain
|
||||
loginctl complain
|
||||
lvm complain
|
||||
lvmconfig complain
|
||||
|
|
@ -146,16 +145,16 @@ ModemManager attach_disconnected,complain
|
|||
molly-guard complain
|
||||
mount complain
|
||||
nautilus complain
|
||||
nvidia-detector complain
|
||||
nvidia-persistenced complain
|
||||
needrestart attach_disconnected,complain
|
||||
needrestart-iucode-scan-versions complain
|
||||
networkctl complain
|
||||
networkctl attach_disconnected,complain
|
||||
networkd-dispatcher complain
|
||||
nft complain
|
||||
nmap complain
|
||||
nmcli complain
|
||||
nullmailer-send complain
|
||||
nvidia-detector complain
|
||||
nvidia-persistenced complain
|
||||
os-prober attach_disconnected,complain
|
||||
packagekitd attach_disconnected,complain
|
||||
pass-import complain
|
||||
|
|
@ -171,8 +170,8 @@ plymouth-set-default-theme attach_disconnected,complain
|
|||
plymouthd complain
|
||||
power-profiles-daemon attach_disconnected,complain
|
||||
qemu-ga complain
|
||||
repo complain
|
||||
remmina complain
|
||||
repo complain
|
||||
resolvconf complain
|
||||
run-parts complain
|
||||
runuser complain
|
||||
|
|
@ -195,7 +194,7 @@ ss complain
|
|||
ssh complain
|
||||
sshd attach_disconnected,complain
|
||||
ssservice complain
|
||||
steam complain
|
||||
steam attach_disconnected,mediate_deleted,complain
|
||||
steam-fossilize attach_disconnected,complain
|
||||
steam-game attach_disconnected,complain
|
||||
steam-gameoverlayui complain
|
||||
|
|
@ -208,15 +207,13 @@ swtpm complain
|
|||
swtpm_ioctl complain
|
||||
swtpm_localca complain
|
||||
swtpm_setup complain
|
||||
sysctl complain
|
||||
systemd-analyze complain
|
||||
systemd-ask-password complain
|
||||
systemd-backlight complain
|
||||
systemd-binfmt attach_disconnected,complain
|
||||
systemd-cat complain
|
||||
systemd-cgls complain
|
||||
systemd-cgtop complain
|
||||
systemd-coredump attach_disconnected,complain
|
||||
systemd-coredump attach_disconnected,mediate_deleted,complain
|
||||
systemd-cryptsetup complain
|
||||
systemd-dissect complain
|
||||
systemd-environment-d-generator complain
|
||||
|
|
@ -225,17 +222,13 @@ systemd-homed attach_disconnected,complain
|
|||
systemd-homework complain
|
||||
systemd-hostnamed attach_disconnected,complain
|
||||
systemd-hwdb attach_disconnected,complain
|
||||
systemd-id128 complain
|
||||
systemd-inhibit attach_disconnected,complain
|
||||
systemd-localed attach_disconnected,complain
|
||||
systemd-logind attach_disconnected,complain
|
||||
systemd-machine-id-setup complain
|
||||
systemd-machined complain
|
||||
systemd-makefs complain
|
||||
systemd-modules-load complain
|
||||
systemd-mount complain
|
||||
systemd-oomd attach_disconnected,complain
|
||||
systemd-path complain
|
||||
systemd-portabled complain
|
||||
systemd-random-seed complain
|
||||
systemd-remount-fs complain
|
||||
|
|
@ -255,17 +248,15 @@ systemd-userdbd attach_disconnected,complain
|
|||
systemd-userwork complain
|
||||
systemd-vconsole-setup complain
|
||||
systemd-xdg-autostart-generator complain
|
||||
tracker-extract complain
|
||||
udisksctl complain
|
||||
udisksd attach_disconnected,complain
|
||||
umount complain
|
||||
umount.udisks2 complain
|
||||
update-grub complain
|
||||
update-secureboot-policy complain
|
||||
uptimed complain
|
||||
userdbctl complain
|
||||
virt-manager attach_disconnected,complain
|
||||
virtiofsd complain
|
||||
virtiofsd complain,attach_disconnected
|
||||
wg complain
|
||||
wg-quick complain
|
||||
xdg-dbus-proxy attach_disconnected,complain
|
||||
|
|
@ -278,129 +269,3 @@ xdg-permission-store attach_disconnected,complain
|
|||
xdg-user-dirs-gtk-update complain
|
||||
xdm-xsession complain
|
||||
xorg attach_disconnected,complain
|
||||
|
||||
# Profiles not commited yet
|
||||
glib-genmarshal complain
|
||||
glib-gettextize complain
|
||||
glib-mkenums complain
|
||||
gnome-session-custom-session complain
|
||||
gnome-session-inhibit complain
|
||||
gnome-session-quit complain
|
||||
gnome-shell-extension-prefs complain
|
||||
gnome-shell-extension-tool complain
|
||||
gnome-shell-hotplug-sniffer complain
|
||||
gnome-shell-perf-helper complain
|
||||
gnome-shell-perf-tool complain
|
||||
gnome-shell-portal-helper complain
|
||||
gnome-tweak-tool-lid-inhibitor complain
|
||||
homectl complain
|
||||
loginctl complain
|
||||
machinectl complain
|
||||
nfsdcld complain
|
||||
oomctl complain
|
||||
podman attach_disconnected,complain
|
||||
prime-switch complain
|
||||
qrencode complain
|
||||
splunkforwarder complain
|
||||
systemd-bless-boot complain
|
||||
systemd-boot-check-no-failures complain
|
||||
systemd-cgroups-agent
|
||||
systemd-export complain
|
||||
systemd-growfs complain
|
||||
systemd-hibernate-resume complain
|
||||
systemd-import complain
|
||||
systemd-import-fs complain
|
||||
systemd-importd complain
|
||||
systemd-journal-gatewayd complain
|
||||
systemd-journal-remote complain
|
||||
systemd-journal-upload complain
|
||||
systemd-network-generator complain
|
||||
systemd-notify complain
|
||||
systemd-pstore complain
|
||||
systemd-pull complain
|
||||
systemd-quotacheck complain
|
||||
systemd-repart complain
|
||||
systemd-reply-password complain
|
||||
systemd-run complain
|
||||
systemd-socket-activate complain
|
||||
systemd-socket-proxyd complain
|
||||
systemd-stdio-bridge complain
|
||||
systemd-sulogin-shell complain
|
||||
systemd-sysext complain
|
||||
systemd-time-wait-sync complain
|
||||
systemd-xdg-autostart-condition complain
|
||||
timedatectl complain
|
||||
virtiofsd complain
|
||||
virtlockd complain
|
||||
hwsim complain
|
||||
iwdmon complain
|
||||
nvidia-settings complain
|
||||
gkbd-keyboard-display complain
|
||||
mullvad-setup complain
|
||||
|
||||
# Work in Progress
|
||||
bwrap attach_disconnected,complain
|
||||
bwrap-default attach_disconnected,mediate_deleted,complain
|
||||
cni-bridge complain
|
||||
cni-firewall complain
|
||||
cni-portmap complain
|
||||
cni-tuning complain
|
||||
ctop complain
|
||||
dbus-broker complain
|
||||
dbus-broker-launch complain
|
||||
fprintd-delete complain
|
||||
fprintd-enroll complain
|
||||
fprintd-list complain
|
||||
fprintd-verify complain
|
||||
install-catalog complain
|
||||
lazydocker complain
|
||||
losetup complain
|
||||
modprobed-db complain
|
||||
mount-ntfs-3g complain
|
||||
multipathd complain
|
||||
rpc.idmapd complain
|
||||
rpc.mountd complain
|
||||
rpc.statd complain
|
||||
rpcbind complain
|
||||
smbspool complain
|
||||
tomb complain
|
||||
tomb-kdb-pbkdf2 complain
|
||||
virt-aa-helper complain
|
||||
virtlogd complain
|
||||
virtnetworkd complain
|
||||
virtnodedevd complain
|
||||
virtqemud attach_disconnected,complain
|
||||
virtstoraged attach_disconnected,complain
|
||||
virtxend attach_disconnected,complain
|
||||
|
||||
# Debian server dev
|
||||
cracklib-packer complain
|
||||
cron-cracklib complain
|
||||
cron-etckeeper complain
|
||||
cron-sysstat complain
|
||||
sysstat complain
|
||||
update-cracklib complain
|
||||
|
||||
# Ubuntu
|
||||
|
||||
# Whonix
|
||||
mate-notification-daemon complain
|
||||
|
||||
# Flatpak slow dev
|
||||
flatpak-oci-authenticator complain
|
||||
flatpak-portal attach_disconnected,complain
|
||||
flatpak-system-helper complain
|
||||
flatpak-validate-icon complain
|
||||
|
||||
# GDM
|
||||
gdm-host-chooser complain
|
||||
gdm-simple-chooser complain
|
||||
|
||||
# Simple when used for extension, more complex for javascript based gnome app.
|
||||
gjs-console attach_disconnected,complain
|
||||
|
||||
# Not easy
|
||||
portmaster-start complain
|
||||
|
||||
# Require firewall rules for firewalld first
|
||||
firewall-applet complain
|
||||
|
|
|
|||
Loading…
Reference in a new issue