Commit graph

3071 commits

Author SHA1 Message Date
Alexandre Pujol
2560e9645f
feat(profile): various improvements and update.
Some checks are pending
Ubuntu / check (push) Waiting to run
Ubuntu / build (default, ubuntu-22.04) (push) Blocked by required conditions
Ubuntu / build (default, ubuntu-24.04) (push) Blocked by required conditions
Ubuntu / build (full-system-policy, ubuntu-22.04) (push) Blocked by required conditions
Ubuntu / build (full-system-policy, ubuntu-24.04) (push) Blocked by required conditions
Ubuntu / tests (push) Blocked by required conditions
2024-12-25 00:05:36 +01:00
Alexandre Pujol
57ddfd29ce
fix(profile): pacman-hook-systemd: add systemd-tty-ask-password-agent.
fix  #632
2024-12-24 23:56:12 +01:00
Roman Beslik
f8fc1aa387 systemd user ask-password
Some checks are pending
Ubuntu / check (push) Waiting to run
Ubuntu / build (default, ubuntu-22.04) (push) Blocked by required conditions
Ubuntu / build (default, ubuntu-24.04) (push) Blocked by required conditions
Ubuntu / build (full-system-policy, ubuntu-22.04) (push) Blocked by required conditions
Ubuntu / build (full-system-policy, ubuntu-24.04) (push) Blocked by required conditions
Ubuntu / tests (push) Blocked by required conditions
2024-12-23 22:49:27 +01:00
Alexandre Pujol
cf1d7504f4
fix(profile): sensors: simplify hwmon access.
fix #628
2024-12-23 22:48:24 +01:00
Roman Beslik
b35c2a0abf non-owner accesses authorized_keys 2024-12-23 22:41:42 +01:00
Alexandre Pujol
01c1562e7c
feat(profile): firefox: better naming of possible attachment. 2024-12-23 22:19:29 +01:00
Alexandre Pujol
7167de932c
feat(profile): firefox: restric access to /tmp 2024-12-23 22:17:35 +01:00
nobody43
edaa45067a fix exec_path bug, ignore skipable files
Some checks failed
Ubuntu / check (push) Has been cancelled
Ubuntu / build (default, ubuntu-22.04) (push) Has been cancelled
Ubuntu / build (default, ubuntu-24.04) (push) Has been cancelled
Ubuntu / build (full-system-policy, ubuntu-22.04) (push) Has been cancelled
Ubuntu / build (full-system-policy, ubuntu-24.04) (push) Has been cancelled
Ubuntu / tests (push) Has been cancelled
2024-12-13 18:07:57 +01:00
nobody43
8f4b330407 Update profile_check.py 2024-12-13 18:07:57 +01:00
nobody43
3030c28c05 Update profile_check.py 2024-12-13 18:07:57 +01:00
nobody43
679df325de polishing 2024-12-13 18:07:57 +01:00
nobody43
21b60b4fa3 Update profile_check.py 2024-12-13 18:07:57 +01:00
nobody43
313f2f7f2c Create profile_check.py 2024-12-13 18:07:57 +01:00
Besanon
3721d12a5d
more lxqt-files (#613)
* Create abstraction for lxqt desktop group

first file for the LXQT 2.0 desktop group

* Update lxqt

* xdg-desktop abstraction added

* removing tabs

* Create startlxqt

starter file for LXQT Desktop

* Create startlxqt

* fixing startlxqt

I use sddm as display manager

I cant remove the other file - only use graphical env., sorry

After startlxqt i would add  2 lines to sddm to enable the start of LXQT desktop

* Delete apparmor.d/profiles-s-z/startlxqt

* indented by 2 spaces (like other entries)

* Update sddm

Enable sddm to start an lxqt desktop session

* Create lxqt-session

lxqt-session to be started by startlxqt. Display manager: sddm

* Update lxqt-session

* Update lxqt-session

* removed trailing whitespace

* Update kscreen_backend_launcher to support lxqt desktop

is needed for several complaints:
DENIED  kscreen_backend_launcher open owner @{user_config_dirs}/lxqt/lxqt.conf comm=kscreen_backend requested_mask=r denied_mask=r
DENIED  kscreen_backend_launcher open /usr/share/lxqt/lxqt.conf comm=kscreen_backend requested_mask=r denied_mask=r
DENIED  kscreen_backend_launcher open owner @{user_config_dirs}/lxqt/session.conf comm=kscreen_backend requested_mask=r denied_mask=r
DENIED  kscreen_backend_launcher open /usr/share/lxqt/session.conf comm=kscreen_backend requested_mask=r denied_mask=r

* Update lxqt-session

* Create lxqt-panel

* Update lxqt-panel

* Update lxqt-panel

* Update lxqt-panel

* fix conflicting x

* Update lxqt-panel

add child-open

* remove  include <abstractions/app-launcher-user>

you think its too permissive to have app-launcher-user here, right?

* Update lxqt-panel

add needed programs

* Update lxqt-panel

turning back to layout of corresponding xfce file.

* Create lxqt-globalkeysd

* Create lxqt-about

* Create lxqt-leave

* Create lxqt-runner

* Update lxqt-leave

* Update lxqt-runner

* Update lxqt-globalkeysd

* remove video in lxqt-about

* Update lxqt-about

* Update lxqt-runner

* remove abstr. in lxqt-globalkeysd

* remove abstr. in lxqt-runner

* remove abstr. in lxqt-leave

* Create lxqt-config-notificationd

* Create lxqt-config-locale

* Create lxqt-config-printer

* Create lxqt-config-file-associations

* Create lxqt-config-powermanagement

* enable wayland-session for lxqt 2.1

startlxqtwayland for starting the session, support for labwc and kwin_wayland

* Update lxqt-config-printer

* Update lxqt-config-powermanagement

* Update sddm

* Update sddm

* adapt pci-rules

ok, havent seen this profile yet. I will change that in lxqt-powermanagement as well and check the other profiles

* Update lxqt-config-powermanagement

* Update lxqt-config-powermanagement

* Update lxqt-config-powermanagement

* Update lxqt-config-powermanagement
2024-12-13 18:06:59 +01:00
odomingao
6dcb6c0362 Add wttrbar 2024-12-13 18:05:53 +01:00
Alex
c8cbeac9b2 fix(profile): snapd
Some checks are pending
Ubuntu / check (push) Waiting to run
Ubuntu / build (default, ubuntu-22.04) (push) Blocked by required conditions
Ubuntu / build (default, ubuntu-24.04) (push) Blocked by required conditions
Ubuntu / build (full-system-policy, ubuntu-22.04) (push) Blocked by required conditions
Ubuntu / build (full-system-policy, ubuntu-24.04) (push) Blocked by required conditions
Ubuntu / tests (push) Blocked by required conditions
2024-12-12 22:52:55 +01:00
Alex
64ed654fdf fix(profile): cron communication with dbus. 2024-12-12 22:52:55 +01:00
Alexandre Pujol
c8b1751f37 fix(profile): snap integration with dbus. 2024-12-12 22:52:55 +01:00
Alexandre Pujol
c7030f16a6 feat(profile): minor update. 2024-12-12 22:52:55 +01:00
Alexandre Pujol
14e9fea29a feat: improve dbus integration for chsh, better handling of generic needrestart. 2024-12-12 22:52:55 +01:00
Alexandre Pujol
3690a4c327 fix: apparmor parser inside snap. 2024-12-12 22:52:55 +01:00
Alexandre Pujol
94bf2495e3 feat(profile): needrestart improve mqueue rule. 2024-12-12 22:52:55 +01:00
Alexandre Pujol
212b8dcf54
feat(profile): improve some core profiles.
Some checks failed
Ubuntu / check (push) Has been cancelled
Ubuntu / build (default, ubuntu-22.04) (push) Has been cancelled
Ubuntu / build (default, ubuntu-24.04) (push) Has been cancelled
Ubuntu / build (full-system-policy, ubuntu-22.04) (push) Has been cancelled
Ubuntu / build (full-system-policy, ubuntu-24.04) (push) Has been cancelled
Ubuntu / tests (push) Has been cancelled
2024-11-29 15:34:10 +00:00
odomingao
3cc7f82d30 Fix typo
Some checks failed
Ubuntu / check (push) Has been cancelled
Ubuntu / build (default, ubuntu-22.04) (push) Has been cancelled
Ubuntu / build (default, ubuntu-24.04) (push) Has been cancelled
Ubuntu / build (full-system-policy, ubuntu-22.04) (push) Has been cancelled
Ubuntu / build (full-system-policy, ubuntu-24.04) (push) Has been cancelled
Ubuntu / tests (push) Has been cancelled
2024-11-24 19:39:04 +00:00
valoq
e5ed979ce1
add profile for swayimg (#612)
Some checks are pending
Ubuntu / check (push) Waiting to run
Ubuntu / build (default, ubuntu-22.04) (push) Blocked by required conditions
Ubuntu / build (default, ubuntu-24.04) (push) Blocked by required conditions
Ubuntu / build (full-system-policy, ubuntu-22.04) (push) Blocked by required conditions
Ubuntu / build (full-system-policy, ubuntu-24.04) (push) Blocked by required conditions
Ubuntu / tests (push) Blocked by required conditions
* add profile for swayimg

* fix exec
2024-11-23 21:03:42 +00:00
Besanon
7acd9079a2
add more lxqt files (#600)
Some checks are pending
Ubuntu / check (push) Waiting to run
Ubuntu / build (default, ubuntu-22.04) (push) Blocked by required conditions
Ubuntu / build (default, ubuntu-24.04) (push) Blocked by required conditions
Ubuntu / build (full-system-policy, ubuntu-22.04) (push) Blocked by required conditions
Ubuntu / build (full-system-policy, ubuntu-24.04) (push) Blocked by required conditions
Ubuntu / tests (push) Blocked by required conditions
* Create abstraction for lxqt desktop group

first file for the LXQT 2.0 desktop group

* Update lxqt

* xdg-desktop abstraction added

* removing tabs

* Create startlxqt

starter file for LXQT Desktop

* Create startlxqt

* fixing startlxqt

I use sddm as display manager

I cant remove the other file - only use graphical env., sorry

After startlxqt i would add  2 lines to sddm to enable the start of LXQT desktop

* Delete apparmor.d/profiles-s-z/startlxqt

* indented by 2 spaces (like other entries)

* Update sddm

Enable sddm to start an lxqt desktop session

* Create lxqt-session

lxqt-session to be started by startlxqt. Display manager: sddm

* Update lxqt-session

* Update lxqt-session

* removed trailing whitespace

* Update kscreen_backend_launcher to support lxqt desktop

is needed for several complaints:
DENIED  kscreen_backend_launcher open owner @{user_config_dirs}/lxqt/lxqt.conf comm=kscreen_backend requested_mask=r denied_mask=r
DENIED  kscreen_backend_launcher open /usr/share/lxqt/lxqt.conf comm=kscreen_backend requested_mask=r denied_mask=r
DENIED  kscreen_backend_launcher open owner @{user_config_dirs}/lxqt/session.conf comm=kscreen_backend requested_mask=r denied_mask=r
DENIED  kscreen_backend_launcher open /usr/share/lxqt/session.conf comm=kscreen_backend requested_mask=r denied_mask=r

* Update lxqt-session

* Create lxqt-panel

* Update lxqt-panel

* Update lxqt-panel

* Update lxqt-panel

* fix conflicting x

* Update lxqt-panel

add child-open

* remove  include <abstractions/app-launcher-user>

you think its too permissive to have app-launcher-user here, right?

* Update lxqt-panel

add needed programs

* Update lxqt-panel

turning back to layout of corresponding xfce file.

* Create lxqt-globalkeysd

* Create lxqt-about

* Create lxqt-leave

* Create lxqt-runner

* Update lxqt-leave

* Update lxqt-runner

* Update lxqt-globalkeysd

* remove video in lxqt-about

* Update lxqt-about

* Update lxqt-runner

* remove abstr. in lxqt-globalkeysd

* remove abstr. in lxqt-runner

* remove abstr. in lxqt-leave
2024-11-23 17:44:18 +00:00
doublez13
8efdc5d8e3
Add profile for iftop (#604)
Some checks failed
Ubuntu / check (push) Has been cancelled
Ubuntu / build (default, ubuntu-22.04) (push) Has been cancelled
Ubuntu / build (default, ubuntu-24.04) (push) Has been cancelled
Ubuntu / build (full-system-policy, ubuntu-22.04) (push) Has been cancelled
Ubuntu / build (full-system-policy, ubuntu-24.04) (push) Has been cancelled
Ubuntu / tests (push) Has been cancelled
* Add profile for iftop

* iftop: clean up formatting
2024-11-21 21:12:02 +00:00
Alexandre Pujol
044f80b1db
feat(tunable): unify some XDG and user dirs varibale name. 2024-11-21 20:59:06 +00:00
Alexandre Pujol
cb86f1c076
feat(profile): general update. 2024-11-21 20:37:39 +00:00
Alexandre Pujol
65f2d21558
feat(profile): add profile for tecla. 2024-11-21 20:37:39 +00:00
Alexandre Pujol
36d787fa44
feat(abs): add abstraction/webkit. 2024-11-21 20:37:39 +00:00
Alexandre Pujol
33a66ef6a2
fix(integration): disable needrestart test due to upstream issue.
Some checks failed
Ubuntu / check (push) Has been cancelled
Ubuntu / build (default, ubuntu-22.04) (push) Has been cancelled
Ubuntu / build (default, ubuntu-24.04) (push) Has been cancelled
Ubuntu / build (full-system-policy, ubuntu-22.04) (push) Has been cancelled
Ubuntu / build (full-system-policy, ubuntu-24.04) (push) Has been cancelled
Ubuntu / tests (push) Has been cancelled
2024-11-21 20:22:52 +00:00
Alexandre Pujol
23eb08344c
fix(tunable): udbus can be any hex up to 16. 2024-11-21 20:02:16 +00:00
Alexandre Pujol
3960f20f00
feat(profile): add needrestart-vmlinuz-get-version & tests for needrestart. 2024-11-21 19:39:55 +00:00
Alexandre Pujol
5237ab3989
test(integration): add sysctl. 2024-11-21 19:33:07 +00:00
Alexandre Pujol
8d4d17fa34
feat(profile): add fc-match & fc-pattern. 2024-11-21 19:26:57 +00:00
Alexandre Pujol
ffd6ecba5b
fix(tests): ensure fwupdmgr don't fail even if the target does not support firmware update. 2024-11-21 19:15:56 +00:00
Alexandre Pujol
2332f71b17
tests: add groupmod.
Some checks failed
Ubuntu / check (push) Has been cancelled
Ubuntu / build (default, ubuntu-22.04) (push) Has been cancelled
Ubuntu / build (default, ubuntu-24.04) (push) Has been cancelled
Ubuntu / build (full-system-policy, ubuntu-22.04) (push) Has been cancelled
Ubuntu / build (full-system-policy, ubuntu-24.04) (push) Has been cancelled
Ubuntu / tests (push) Has been cancelled
2024-11-20 00:14:22 +00:00
Alexandre Pujol
685105a662
tests: add fwupdmgr.bats 2024-11-20 00:12:31 +00:00
Alexandre Pujol
edad2e1984
tests: ensure systemd-homed is started before the homectl test. 2024-11-20 00:11:57 +00:00
Alexandre Pujol
5ef78b1e6c
tests: add dmesg.bats 2024-11-20 00:08:26 +00:00
Alexandre Pujol
4a5fa74e63
tests: enable the homectl tests. 2024-11-19 23:43:17 +00:00
Alexandre Pujol
815e9bfda2
feat(profile): general update.
Some checks failed
Ubuntu / check (push) Has been cancelled
Ubuntu / build (default, ubuntu-22.04) (push) Has been cancelled
Ubuntu / build (default, ubuntu-24.04) (push) Has been cancelled
Ubuntu / build (full-system-policy, ubuntu-22.04) (push) Has been cancelled
Ubuntu / build (full-system-policy, ubuntu-24.04) (push) Has been cancelled
Ubuntu / tests (push) Has been cancelled
2024-11-19 23:07:41 +00:00
Alexandre Pujol
df02f7a0fd
tests: remove hanged test 2024-11-19 22:58:42 +00:00
Alexandre Pujol
a61460b60c
feat(abs): add the wine abstraction. 2024-11-19 22:16:18 +00:00
Alexandre Pujol
688317fbe3
feat(abs): vulkan allow write access to builtin_shaders.
See #577
2024-11-19 21:57:54 +00:00
Alexandre Pujol
e149e77538
fix(profile): dhcpcd executes resolvconf
fix #608
2024-11-19 21:52:12 +00:00
Alexandre Pujol
3eba6bef6d
fix(tests): missing sudo in ip integration test. 2024-11-19 21:49:03 +00:00
Alexandre Pujol
4656a49335
fix(ci): remove forced color from github action. 2024-11-19 21:35:39 +00:00
Alexandre Pujol
8df192c1f9
* 'main' of github.com:roddhjav/apparmor.d:
tests: cleanup the basic structure of integration tests.
  Update sysctl
2024-11-19 21:28:14 +00:00