mirror of
https://github.com/roddhjav/apparmor.d.git
synced 2024-12-24 22:16:41 +01:00
Update Readme.
This commit is contained in:
parent
8a2195dbe6
commit
df16cf23df
1 changed files with 62 additions and 2 deletions
64
README.md
64
README.md
|
@ -6,11 +6,43 @@
|
||||||
|
|
||||||
**Full set of apparmor profiles**
|
**Full set of apparmor profiles**
|
||||||
|
|
||||||
|
> Warning: This project is still in early development.
|
||||||
|
|
||||||
|
|
||||||
|
## Description
|
||||||
|
|
||||||
|
A set of over 800 apparmor profiles which aims is to confine most of Linux base
|
||||||
|
applications and processes.
|
||||||
|
|
||||||
|
**Goals & Purpose**
|
||||||
|
- All distribution that support Apparmor (currenlty Archlinux and Debian),
|
||||||
|
- Target both desktop and server,
|
||||||
|
- Confine all root services (bluetooth, dbus, polkit, networkmanager...),
|
||||||
|
- Confine all Desktop environments (currently only Gnome),
|
||||||
|
- Fully tested (Work in progress),
|
||||||
|
- Should not break a normal usage of the confined software.
|
||||||
|
|
||||||
|
These profiles strive to be fully functional with zero audit log warnings under
|
||||||
|
proper behavior. Functionality is not ignored. If functionality is not
|
||||||
|
explicitly blocked, then it's probably a bug in the profile and should be fixed.
|
||||||
|
|
||||||
|
**Note:** This work is part of a bigger linux security project.
|
||||||
|
|
||||||
|
> This project is based on the excellent work from [Morfikov][upstream] and aims
|
||||||
|
to extend it to more Linux distributions and desktop environements.
|
||||||
|
|
||||||
|
|
||||||
|
## Tests
|
||||||
|
|
||||||
|
A full test suite to ensure compatibility across distributions and softwares is
|
||||||
|
still a work in progress.
|
||||||
|
|
||||||
## Installation
|
## Installation
|
||||||
|
|
||||||
**Requirements**
|
**Requirements**
|
||||||
* An `apparmor` based linux distribution.
|
* An `apparmor` based linux distribution.
|
||||||
* A `systemd` based linux distribution.
|
* A `systemd` based linux distribution.
|
||||||
|
* Base profiles and abstraction shipped with apparmor are supposed to be installed.
|
||||||
|
|
||||||
**Archlinux**
|
**Archlinux**
|
||||||
|
|
||||||
|
@ -26,5 +58,33 @@ Build using standard Debian package build tools:
|
||||||
dpkg-buildpackage -b -d -us -ui --sign-key=<gpg-id>
|
dpkg-buildpackage -b -d -us -ui --sign-key=<gpg-id>
|
||||||
```
|
```
|
||||||
|
|
||||||
[project]: https://gitlab.com/archlex/hardening/apparmor.d
|
## Contribution
|
||||||
[build]: https://gitlab.com/archlex/hardening/apparmor.d/badges/master/pipeline.svg?style=flat-square
|
|
||||||
|
Feedbacks, contributors, pull requests, are all very welcome.
|
||||||
|
|
||||||
|
|
||||||
|
## License
|
||||||
|
|
||||||
|
This program is based on Mikhail Morfikov's [apparmor profiles project][upstream]
|
||||||
|
and thus has the same license (GPL2).
|
||||||
|
|
||||||
|
```
|
||||||
|
Copyright (C) Alexandre PUJOL & Mikhail Morfikov
|
||||||
|
|
||||||
|
This program is free software; you can redistribute it and/or modify
|
||||||
|
it under the terms of the GNU General Public License as published by
|
||||||
|
the Free Software Foundation; version 2 of the License.
|
||||||
|
|
||||||
|
This program is distributed in the hope that it will be useful,
|
||||||
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
GNU General Public License for more details.
|
||||||
|
|
||||||
|
You should have received a copy of the GNU General Public License along
|
||||||
|
with this program; if not, write to the Free Software Foundation, Inc.,
|
||||||
|
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
||||||
|
```
|
||||||
|
|
||||||
|
[upstream]: https://gitlab.com/morfikov/apparmemall
|
||||||
|
[project]: https://gitlab.com/roddhjav/apparmor.d
|
||||||
|
[build]: https://gitlab.com/roddhjav/apparmor.d/badges/master/pipeline.svg?style=flat-square
|
||||||
|
|
Loading…
Reference in a new issue