Alexandre Pujol
88387956de
feat(tunable): add gvfs dir to MOUNTS.
2024-05-06 19:25:31 +01:00
Alexandre Pujol
9924da261f
feat(tunable): reorganise program & path defintions.
2024-05-06 19:25:07 +01:00
Alexandre Pujol
3b41ee93dc
feat(tunable): add the user defined private directories
...
- Add @{XDG_PRIVATE_DIR} & @{user_private_dirs}
- This directories are denied in file browser and search engine.
2024-05-06 19:21:04 +01:00
Jose Maldonado
8224ac2b3f
Fix access to OpenSC configuration ( #326 )
2024-05-06 18:16:39 +00:00
Alexandre Pujol
89f896a0fd
feat(profile): cleanup flatpak share access.
2024-05-05 18:17:52 +01:00
Alexandre Pujol
0ffd70319b
feat(tunable): add @{hex16}
2024-05-05 17:49:45 +01:00
Alexandre Pujol
d544c386f7
fix(profile): ensure PAM & systemd-homed compatibility.
...
see #321
2024-05-05 17:42:32 +01:00
Alexandre Pujol
81f0163086
feat(aa): cleanup, fix import and add some unit tests.
2024-05-05 14:19:25 +01:00
Alexandre Pujol
3ad55927bf
feat(aa): add basic rules getter
2024-05-05 14:11:00 +01:00
Alexandre Pujol
ad81c39e31
feat(aa): remove now unsused rule.Sort method.
2024-05-05 14:10:14 +01:00
Alexandre Pujol
305d06dbe0
feat(aa): rewrite variable handling.
2024-05-05 14:09:00 +01:00
Alexandre Pujol
28f4294774
feat(aa): move the all rule to its own file.
2024-05-05 13:57:15 +01:00
Fusion future
bfd9e9e3d6
plasmashell: add local wallpaper rules ( #324 )
...
Allow plasmashell to access wallpapers in the cache folder and the user
share folder.
2024-05-05 11:47:59 +00:00
Fusion future
06619cef0a
plasmashell: add flatpak mime folder ( #325 )
...
It's read by the krunner plugin.
2024-05-05 11:47:40 +00:00
Alexandre Pujol
1e79d27232
feat(aa): rename identation variables.
2024-05-04 23:54:39 +01:00
Alexandre Pujol
5943e9a24d
test(aa): cleanup unit tests.
2024-05-04 23:45:36 +01:00
Alexandre Pujol
f763d31a07
feat(aa): a Constraint and Kind method to the Rule interface.
2024-05-04 23:41:47 +01:00
Alexandre Pujol
a5c4eab0cf
feat(aa): make preamble rule classic aa rules.
2024-05-04 23:25:55 +01:00
Alexandre Pujol
d69dcad46d
feat(profile): add epiphany.
...
Fix #322
2024-05-04 13:19:03 +01:00
Alexandre Pujol
9dba91296a
fix: typo in abs name.
2024-05-04 00:24:41 +01:00
Alexandre Pujol
f38f1ad651
feat(profile): improve kde profiles.
2024-05-04 00:21:03 +01:00
Alexandre Pujol
683bfed4ad
feat(profile): modernise some profiles.
2024-05-04 00:14:07 +01:00
Alexandre Pujol
40abc98201
feat(profile): general update.
2024-05-03 18:16:12 +01:00
Alexandre Pujol
b636b4b3e9
feat(aa-log): improve the journalctl filter.
2024-05-03 13:01:10 +01:00
Alexandre Pujol
9c0f4dd6a7
fix(aa-log): grep journal logs over apparmor instead of AVC for wider compatibility.
2024-05-03 12:34:08 +01:00
Alexandre Pujol
dfdf50a3d3
fix(build): add msedge to the overwritten list.
2024-05-03 12:32:22 +01:00
Alexandre Pujol
3a90d82a1e
feat: remove the deprecated ucf profile.
2024-05-02 22:27:00 +01:00
Alexandre Pujol
3f69b9fec4
feat(profile): use the new @{tmp} variable.
...
It is only used with the owner statement.
2024-05-02 22:12:02 +01:00
Alexandre Pujol
0bbbe71422
feat(tunable): add the new @{tmp} variable
...
Mostly used to handle libpam-tmpdir. See #318 #320
2024-05-02 21:42:33 +01:00
Alexandre Pujol
511ba6c6a9
feat(aa-log): filter journactl log
2024-05-01 18:25:11 +01:00
Alexandre Pujol
db87c56f37
feat(profile): general update.
2024-05-01 14:22:42 +01:00
Alexandre Pujol
4d9ea026c7
feat(abs): add the fish shell abstraction.
2024-05-01 13:49:51 +01:00
Alexandre Pujol
12c4ab122b
feat(profile): add gnome-firmware.
2024-05-01 12:32:31 +01:00
Alexandre Pujol
e1e96d90dc
feat(profile): add gnome-maps.
2024-05-01 12:30:14 +01:00
Alexandre Pujol
8c84d74fe6
feat(profile): add gnome-weather.
2024-05-01 12:29:48 +01:00
Alexandre Pujol
0787ef9906
feat(profile): add sync.
2024-05-01 12:26:09 +01:00
Alexandre Pujol
19c192685d
feat(profile): add uuidgen.
2024-05-01 12:25:42 +01:00
Alexandre Pujol
01dd9ebb0c
feat(profile): general update.
2024-05-01 12:25:01 +01:00
Alexandre Pujol
a1d6d318cc
feat(profile): tweak the new msedge profiles a bit.
2024-05-01 12:11:43 +01:00
Jose Maldonado aka Yukiteru
fd590e9199
Fix exec_path in profiles for Edge and copyright headers
2024-05-01 11:40:32 +01:00
Jose Maldonado aka Yukiteru
0a941e7d87
Fix for access video devices and opensc in Chromium profile
...
This commit fix two issues for abstractions/app/chromium
1.- Access to /dev/video (not merged in last commit)
2.- Access to /etc/opensc/opensc.conf in Debian (and derivates)
2024-05-01 11:40:32 +01:00
Jose Maldonado aka Yukiteru
d0ea5f50a3
New profile for Microsoft Edge and better support in abstractions/app/chromium
...
This commit add new profile for Microsoft Edge browser and variants (beta,dev).
The new profile is based in actual chrome profile. Tested with actual Edge, in
Debian Stable and enforced rules. All ok using GPU Rasterization and Vulkan, not
HWAccel for encoding video because this is very unstable yet in all Chromium based
browsers.
Add support for libpam-tmpdir for abstractions/app/chromium and all browser using
this absctractions (Chrome, Chromium, Edge, and others). This fix access and use
of browser with libpam-tmpdir installed (Debian and Whonix)
Fix a denied access to RADV user cache (Vulkan-amdgpu) in abstractions/app/chromium
(Vulkan is optional in Chromium-based browser, but the backend is
perfectly usable now).
2024-05-01 11:40:32 +01:00
Alexandre Pujol
065f2233ac
feat(abs): ensure pam-tmpdir-helper is allowed in the auth abs for all distribution.
2024-04-29 11:58:55 +01:00
Alexandre Pujol
af4ee0df00
fix(ci): build tests.
2024-04-28 17:50:07 +01:00
Alexandre Pujol
d2523a434a
doc: update supported DE.
2024-04-28 17:47:07 +01:00
Alexandre Pujol
608b599caf
doc: add a note on debian based install.
2024-04-28 17:34:38 +01:00
Alexandre Pujol
aa94ce1740
build: ensure KDE Neon is in the supported dist list.
...
See #312
2024-04-28 17:17:29 +01:00
Jeroen Rijken
e8eadcc7ec
Cleanup
...
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-04-28 16:25:45 +02:00
Jeroen Rijken
c40bdcece7
Remove temp
...
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-04-28 16:19:01 +02:00
Jeroen Rijken
8b3613fa48
Various updates all over
...
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-04-28 16:08:03 +02:00