mirror of
https://github.com/roddhjav/apparmor.d.git
synced 2025-01-12 07:17:13 +01:00
chore: small fixes and cosmetic.
This commit is contained in:
parent
41c0e57eca
commit
d98621625a
8 changed files with 14 additions and 17 deletions
1
debian/control
vendored
1
debian/control
vendored
|
@ -18,6 +18,7 @@ Depends:
|
||||||
apparmor-profiles,
|
apparmor-profiles,
|
||||||
${shlibs:Depends}
|
${shlibs:Depends}
|
||||||
Conflicts: apparmor-profiles-extra
|
Conflicts: apparmor-profiles-extra
|
||||||
|
Provides: apparmor-profiles-extra
|
||||||
Description: Full set of AppArmor profiles (~ 1500 profiles)
|
Description: Full set of AppArmor profiles (~ 1500 profiles)
|
||||||
apparmor.d is a set of over 1500 AppArmor profiles whose aim is to confine
|
apparmor.d is a set of over 1500 AppArmor profiles whose aim is to confine
|
||||||
most Linux based applications and processes.
|
most Linux based applications and processes.
|
||||||
|
|
|
@ -16,6 +16,7 @@ Source0: %{name}-%{version}.tar.gz
|
||||||
Requires: apparmor-profiles
|
Requires: apparmor-profiles
|
||||||
BuildRequires: distribution-release
|
BuildRequires: distribution-release
|
||||||
BuildRequires: golang-packaging
|
BuildRequires: golang-packaging
|
||||||
|
BuildRequires: apparmor-profiles
|
||||||
|
|
||||||
%description
|
%description
|
||||||
AppArmor.d is a set of over 1500 AppArmor profiles whose aim is to confine most Linux based applications and processes.
|
AppArmor.d is a set of over 1500 AppArmor profiles whose aim is to confine most Linux based applications and processes.
|
||||||
|
|
|
@ -80,7 +80,7 @@ build_in_docker_dpkg() {
|
||||||
--env DISTRIBUTION="$target" "$BASEIMAGE/$dist"
|
--env DISTRIBUTION="$target" "$BASEIMAGE/$dist"
|
||||||
docker exec "$img" sudo apt-get update -q
|
docker exec "$img" sudo apt-get update -q
|
||||||
docker exec "$img" sudo apt-get install -y config-package-dev rsync
|
docker exec "$img" sudo apt-get install -y config-package-dev rsync
|
||||||
[[ "$COMMAND" == debian ]] && aptopt=(-t bookworm-backports)
|
[[ "$dist" == debian ]] && aptopt=(-t bookworm-backports)
|
||||||
docker exec "$img" sudo apt-get install -y "${aptopt[@]}" golang-go
|
docker exec "$img" sudo apt-get install -y "${aptopt[@]}" golang-go
|
||||||
fi
|
fi
|
||||||
|
|
||||||
|
|
|
@ -11,3 +11,7 @@ apparmor.d/groups/ubuntu
|
||||||
# Whonix specific definition
|
# Whonix specific definition
|
||||||
apparmor.d/groups/whonix
|
apparmor.d/groups/whonix
|
||||||
apparmor.d/tunables/home.d/whonix
|
apparmor.d/tunables/home.d/whonix
|
||||||
|
|
||||||
|
# Profiles provided by they own package
|
||||||
|
libvirt
|
||||||
|
virt-aa-helper
|
||||||
|
|
|
@ -1,12 +1,8 @@
|
||||||
# Apparmor ships some unconfined profiles that allow everything and set the
|
# Apparmor 4.0 ships several profiles that allow userns and are otherwise
|
||||||
# userns rules. This file keeps track of them and allow apparmor.d to replace
|
# unconfined. This file keeps track of them and allow apparmor.d to replace
|
||||||
# them by our own.
|
# them by our own.
|
||||||
# File format: one profile name by line.
|
# File format: one profile name by line.
|
||||||
|
|
||||||
# This is managed globally in this file and not in debian/apparmor.d.hide as
|
|
||||||
# it applies to all distributions using apparmor 4.0+. When needed, it is
|
|
||||||
# automatically enabled during prebuild.
|
|
||||||
|
|
||||||
brave
|
brave
|
||||||
chrome
|
chrome
|
||||||
element-desktop
|
element-desktop
|
||||||
|
|
|
@ -93,8 +93,3 @@ type DebianHider struct {
|
||||||
func (d DebianHider) Init() error {
|
func (d DebianHider) Init() error {
|
||||||
return d.path.WriteFile([]byte(Hide))
|
return d.path.WriteFile([]byte(Hide))
|
||||||
}
|
}
|
||||||
|
|
||||||
// Initialize the file with content from Hide
|
|
||||||
func (d DebianHider) Clean() error {
|
|
||||||
return d.path.WriteFile([]byte("# This file is generated by \"make\", all edit will be lost.\n"))
|
|
||||||
}
|
|
||||||
|
|
|
@ -35,7 +35,7 @@ func (p Configure) Apply() ([]string, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
case "ubuntu":
|
case "ubuntu":
|
||||||
if err := cfg.DebianHide.Clean(); err != nil {
|
if err := cfg.DebianHide.Init(); err != nil {
|
||||||
return res, err
|
return res, err
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -71,11 +71,11 @@ func DecodeHexInString(str string) string {
|
||||||
func RemoveDuplicate[T comparable](inlist []T) []T {
|
func RemoveDuplicate[T comparable](inlist []T) []T {
|
||||||
var empty T
|
var empty T
|
||||||
list := []T{}
|
list := []T{}
|
||||||
keys := map[T]bool{}
|
seen := map[T]bool{}
|
||||||
keys[empty] = true
|
seen[empty] = true
|
||||||
for _, item := range inlist {
|
for _, item := range inlist {
|
||||||
if _, ok := keys[item]; !ok {
|
if _, ok := seen[item]; !ok {
|
||||||
keys[item] = true
|
seen[item] = true
|
||||||
list = append(list, item)
|
list = append(list, item)
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue