apparmor.d

mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-02-07 10:45:09 +01:00

Author	SHA1	Message	Date
Alexandre Pujol	eb1c03949f	feat(abs): improve some abstraction.	2023-08-27 14:40:56 +01:00
Alexandre Pujol	d80b758968	feat(abs): modernize disk-read/write abs.	2023-08-24 19:34:21 +01:00
Alexandre Pujol	25782cb925	feat(abs): devices-usb - remove unneeded udev rule.	2023-08-24 19:32:45 +01:00
Alexandre Pujol	07cfbcd952	feat(profiles): modernize udev access.	2023-08-24 19:31:54 +01:00
Alexandre Pujol	96b8f96137	feat(profiles): general update.	2023-08-22 23:23:47 +01:00
Alexandre Pujol	261778dbb3	revertL dbus session unix address.	2023-08-22 18:54:39 +01:00
Alexandre Pujol	6756ca8138	fix(abs): gstreamer cache structure.	2023-08-21 23:27:35 +01:00
Alexandre Pujol	5dbc42aaab	feat(abs): update some abstractions.	2023-08-21 23:21:14 +01:00
Alexandre Pujol	275d6b6e62	feat(profiles): replace old [0-9]* glob by @{int} Beware some [0-9]* glob are actually not proper @{int}.	2023-08-18 17:09:53 +01:00
Alexandre Pujol	8ea4491a56	fix(abs): some block device use more than int as identifier.	2023-08-18 15:24:22 +01:00
Alexandre Pujol	b2d093e125	feat(abs): restric abstraction by using new @{int} and @{rand} variables.	2023-08-17 21:24:02 +01:00
Alexandre Pujol	557d905543	Merge branch 'tunables' of https://github.com/nobody43/apparmor.d into nobody43-tunables * 'tunables' of https://github.com/nobody43/apparmor.d: dbus temp tails Update apparmor.d Update gdm-runtime-config more unrelated changes adjust date-time random tails rename to int, convert more profiles fixes tunables	2023-08-17 20:01:53 +01:00
curiosityseeker	c2c745888c	Update complete Move entries from child-open to this abstraction.	2023-08-17 19:43:29 +01:00
curiosityseeker	f2511210af	Update complete Adding `kde-open`	2023-08-17 19:43:29 +01:00
curiosityseeker	c409fe84d2	Create complete `child-open` includes the `xdg-open` abstraction which in turn includes the `kde-open5` abstraction which contains `/usr/bin/kde-open5 rix,` but NOT `/usr/bin/kde-open rix,`causing an error.	2023-08-17 19:43:29 +01:00
Alexandre Pujol	03cf850666	feat(profile): support for diverse wayland compositors. See #165	2023-08-06 16:31:49 +02:00
ShellCode	0f9b7cb474	Fix #184 (#185 ) * Replace @{HOME}/.config with @{user_config_dirs} * Replace @{HOME}/.cache with @{user_cache_dirs} * Replace @{HOME}/.local/state with @{user_state_dirs} * Add missing user_share_dirs to apparmor.d/tunables/home.d/apparmor.d * Update docs/variables.md * Replace @{HOME}/.local/share with @{user_share_dirs} * Replace @{HOME}/.local/lib with @{user_lib_dirs} * Revert "Add missing user_share_dirs to apparmor.d/tunables/home.d/apparmor.d" This reverts commit `9525003098`.	2023-07-27 11:20:19 +00:00
Alexandre Pujol	a3d121fe23	feat(kde): improve support for support.	2023-07-20 21:04:22 +01:00
Alexandre Pujol	d2a650f6c6	feat(profiles): improve dbus integration.	2023-07-20 21:00:41 +01:00
Alexandre Pujol	bb71f49598	refactor(profiles): use @{bin} and @{lib} in profiles (1)	2023-07-09 13:20:25 +01:00
Alexandre Pujol	11617131ce	feat(profiles): general update.	2023-07-03 14:09:25 +01:00
Jeroen Rijken	96c79417cc	Add vscodium & thunderbird Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>	2023-06-13 17:58:22 +01:00
Alexandre Pujol	3c41453591	feat: better wayland client integration.	2023-05-27 23:54:53 +01:00
Alexandre Pujol	fe2edb31d8	feat(abs): qt5 - additional resource.	2023-04-30 21:50:53 +01:00
Alexandre Pujol	f086f71ba9	feat(firefox): distributions have many paths for ff.	2023-04-30 20:29:22 +01:00
Alexandre Pujol	a95da2e5b8	feat(abs): window_decorations is also needed in gtk abs.	2023-04-30 20:27:45 +01:00
Alexandre Pujol	11506d5416	feat(abs): improve browser entry point handling.	2023-04-25 23:19:48 +01:00
Alexandre Pujol	4523a61425	feat(abs): add floppy disk to disk abs.	2023-04-24 18:57:04 +01:00
Alexandre Pujol	7ddba7230d	feat(profiles): update kde integration. See #134	2023-04-24 18:56:28 +01:00
Alexandre Pujol	538d708ec0	feat(profiles): improve integration with xfce and small fixes. See: #137	2023-04-24 15:15:40 +01:00
Alexandre Pujol	b9b3d0fab1	fix(build): debian specificities build.	2023-04-24 00:01:35 +01:00
Alexandre Pujol	12456486f1	feat(kde): general update.	2023-04-16 19:10:14 +01:00
Alexandre Pujol	c039fe6c99	feat(abs): improve vulkan resource definition.	2023-04-15 11:54:00 +01:00
Alexandre Pujol	e69f997be3	feat(abs): add intel oneapi support.	2023-04-15 11:53:24 +01:00
Alexandre Pujol	5ea6ede589	feat(profile): general update.	2023-04-15 11:52:00 +01:00
Alexandre Pujol	e927145edb	feat(profiles): general update.	2023-03-31 16:52:35 +01:00
Alexandre Pujol	ed4bd4628a	feat: remove conflicting files with upstream. See: #131	2023-03-27 22:59:59 +01:00
Alexandre Pujol	41766ebd2a	feat(profiles): better integration with openSUSE. See #134	2023-03-27 22:22:36 +01:00
Alexandre Pujol	c5098007a5	feat(abs): cleanup abstraction completion. Most of this is already upstreamed.	2023-03-23 17:33:35 +00:00
Alexandre Pujol	0dfce498c8	feat(profiles): general update.	2023-03-19 17:04:51 +00:00
Alexandre Pujol	558cb68f23	feat(profiles): general update.	2023-03-07 17:57:57 +00:00
curiosityseeker	3619065c5a	Update chromium	2023-03-02 18:55:24 +00:00
curiosityseeker	c1adeb8c32	Update chromium keepassxc-proxy rPUX -> rix See issue #128	2023-03-02 18:55:24 +00:00
nobody43	8c0e0a9de1	freedesktop	2023-03-02 17:50:45 +00:00
nobody43	8b4407ca02	fixes	2023-02-22 21:52:55 +00:00
nobody43	a873af1f26	general_initial	2023-02-22 21:52:55 +00:00
Alexandre Pujol	ef292b585c	feat(profiles): first set of rules for Ubuntu Core support.	2023-02-19 18:22:18 +00:00
Alexandre Pujol	d66a8fa082	feat(profiles): general update.	2023-02-19 17:42:05 +00:00
Alexandre Pujol	a8808d3da6	feat(profiles): general update.	2023-02-06 21:25:09 +00:00
Alexandre Pujol	35fcb6fc71	feat(opensuse): desktop integration.	2023-02-04 23:43:18 +00:00
Alexandre Pujol	6061d4981b	feat(profiles): chromium_install_dirs -> chromium_lib_dirs	2023-02-04 19:08:02 +00:00
Alexandre Pujol	f19379c55f	feat(abs): extend deny-sensitive with new user_password_store_dirs var.	2023-02-01 22:34:54 +00:00
Alexandre Pujol	5a722c42a2	feat(profiles): rewrite the vlc profile.	2023-01-26 20:02:33 +00:00
Alexandre Pujol	9343807632	feat(profiles): audit udev on the browsers.	2023-01-24 19:55:50 +00:00
Alexandre Pujol	64ad329dd9	feat(profiles): Cleanup udev rules.	2023-01-19 18:51:16 +00:00
Alexandre Pujol	c59a40ec4e	feat(profiles): general update. See #101	2023-01-15 17:15:26 +00:00
Alexandre Pujol	19d005bf59	feat(profiles): add the @{XDG_WORK_DIR} variable.	2022-12-09 19:13:06 +00:00
Alexandre Pujol	dd232695d3	feat(profiles): refractor all chromium based browsers. All chromium based browser now use the new chromium abstraction.	2022-12-09 18:50:57 +00:00
Alexandre Pujol	bec892b179	fix: disk-write need access to /dev/mapper/ too.	2022-12-07 20:41:07 +00:00
Alexandre Pujol	f8b6dfae5c	fix: ensure sys/device/cpu/possible is in the base abs for all dist.	2022-11-29 20:24:38 +00:00
Alexandre Pujol	1e5d90afe8	feat(profiles): general update.	2022-11-29 12:02:38 +00:00
Alexandre Pujol	fd88162c55	feat(profiles): disks access - add NBD devices.	2022-11-11 21:41:04 +00:00
Alexandre Pujol	dd13de385e	feat(profiles): general update.	2022-11-05 17:25:27 +00:00
Alexandre Pujol	a90cdbe879	feat(profiles): general update.	2022-11-03 21:40:01 +00:00
Alexandre Pujol	eddf6bfc4f	feat(profiles): general update.	2022-10-08 13:13:44 +01:00
Alexandre Pujol	ac47e292ac	feat(profiles): general update.	2022-10-04 21:11:13 +01:00
Alexandre Pujol	d0a8030af8	fix(profile): add deny-sensitive-home abstraction.	2022-10-01 19:18:54 +01:00
Alexandre Pujol	8a55eb8330	fix(profile): fontconfig-cache-write needs /var/cache/fontconfig/ access.	2022-10-01 19:11:19 +01:00
Alexandre Pujol	768e50c6ab	fix: remove not modified lxc rules. Fix #79	2022-09-28 11:54:29 +01:00
Alexandre Pujol	8ff5ed7a69	feat(profiles): general update.	2022-09-11 20:45:14 +01:00
nobodysu	fe59b4d3f8	Delete lightdm_chromium-browser	2022-09-06 22:02:21 +01:00
nobodysu	f02ec5d273	Delete lightdm	2022-09-06 22:02:21 +01:00
nobodysu	1649b427f8	Ubuntu 22.04, third batch (#65 ) * initial * ready * cleanup * cleanup2 * Update dbus-gtk	2022-09-06 17:00:18 +00:00
Alexandre Pujol	70aea89ad4	Revert "fix: the trash abstraction has been upstreamed." This reverts commit `688a62e9bc`. Fix #71	2022-09-06 17:52:08 +01:00
Alexandre Pujol	769627fc25	feat(profiles): remove libvirt abstractions.	2022-09-03 16:06:31 +01:00
Alexandre Pujol	892d44cca2	feat(profiles): remove unused abstractions.	2022-09-03 16:05:37 +01:00
Alexandre Pujol	688a62e9bc	fix: the trash abstraction has been upstreamed.	2022-09-03 16:04:53 +01:00
Alexandre Pujol	3b56d3ff0f	feat(profiles): use the new hex variable.	2022-09-03 14:43:34 +01:00
Alexandre Pujol	e6c91fdfd7	feat(profiles): general update.	2022-08-19 21:10:10 +01:00
Jeroen Rijken	af0c622b35	Replace rm with mr.	2022-08-19 19:25:22 +01:00
nobodysu	db8e881c06	Merge branch 'master' into thunderbird2	2022-08-12 14:35:53 +00:00
nobodysu	00a1e70720	polishing	2022-08-12 17:23:13 +03:00
nobodysu	2c2f6e5557	rearrangement	2022-08-02 19:31:00 +03:00
nobodysu	af49797425	cleanup	2022-08-02 01:59:54 +03:00
nobodysu	c96b6d8ee7	dbus-gtk	2022-08-02 01:47:47 +03:00
Alexandre Pujol	2878fa6a2e	feat(profiles): general update.	2022-07-29 16:47:09 +01:00
nobodysu	b8445e3b45	dbus style	2022-07-20 00:48:58 +03:00
Alexandre Pujol	9692926752	feat(profiles): general update.	2022-07-18 23:57:25 +01:00
Jeroen Rijken	70aa5fdbb2	Small fixes	2022-07-18 19:45:04 +01:00
Alexandre Pujol	eb6c7548f5	feat(profiles): general update.	2022-07-15 21:55:59 +01:00
Jeroen Rijken	3810c1668e	Basic ZFS support	2022-07-10 13:39:01 +01:00
Alexandre Pujol	e087349662	feat(profiles): define more xdg variables.	2022-06-26 17:32:12 +01:00
Alexandre Pujol	56afb90084	fix(profiles): fix some abstraction definitions.	2022-06-18 21:56:09 +01:00
Alexandre Pujol	454456a844	style(profiles): better header for the abstractions.	2022-06-14 19:17:41 +01:00
Alexandre Pujol	cc78beddda	feat(profiles): disks add support for zfs.	2022-06-14 19:03:46 +01:00
Alexandre Pujol	f71c0e41f8	feat(profiles): minor improvments.	2022-06-13 22:13:17 +01:00
Alexandre Pujol	779853dc7f	feat(profiles): new definition for MOUNTs, add MOUNTDIRS.	2022-06-12 22:51:37 +01:00
Alexandre Pujol	0896343bbc	feat(profiles): rethink the app launchers.	2022-06-12 22:17:38 +01:00
Alexandre Pujol	a5c9a58c3c	feat(profiles): complete the dbus-session abstactions and related rules.	2022-06-12 22:15:21 +01:00
Alexandre Pujol	8f53366cd8	feat(profiles): allow gnome-shell to send signal to all profiles.	2022-06-12 12:04:24 +01:00
Alexandre Pujol	80b337bdf4	revert(profiles): remove tor related profiles.	2022-06-12 12:02:16 +01:00
Alexandre Pujol	f53550525e	feat(profiles): add the X-strict abstraction.	2022-06-09 22:45:14 +01:00
Alexandre Pujol	5d45b8e7a7	feat(profiles): add the dconf-write abstraction.	2022-06-09 21:55:55 +01:00
Alexandre Pujol	879416b062	feat(profiles): better system nss rules in nameservice-strict.	2022-06-03 19:38:34 +01:00
nobodysu	936431411c	ubuntu2204	2022-06-02 02:00:16 +03:00
nobodysu	e2b7f6594c	disks-read: Armbian / DietPi (#40 )	2022-06-01 17:49:07 +00:00
nobodysu	d5f3d7f686	more egl paths	2022-06-01 20:04:20 +03:00
nobodysu	481b6d621b	pids and header	2022-05-23 20:30:46 +03:00
nobodysu	b263321c73	Ubuntu compatibility	2022-05-23 01:44:25 +03:00
Alexandre Pujol	5c382d7eb3	feat(profiles): general update.	2022-05-15 22:56:42 +01:00
Alexandre Pujol	7377aed016	fix: remove absraction from upstream.	2022-05-06 21:29:06 +01:00
Alexandre Pujol	c91363a0b6	fix: abstraction gtk -> gtk complete.	2022-05-06 21:28:41 +01:00
Alexandre Pujol	f022ca3299	feat: move sys revision into the mesa abstraction.	2022-05-02 17:25:40 +01:00
Mikhail Morfikov	35a281d045	update apparmor profiles Signed-off-by: Alexandre Pujol <alexandre@pujol.io>	2022-04-26 22:30:01 +01:00
Alexandre Pujol	10cdde9fb7	feat: update profiles.	2022-04-07 20:53:35 +01:00
Alexandre Pujol	9d40327b00	refactor: simplify the trash abstraction.	2022-03-30 22:15:13 +01:00
Alexandre Pujol	a59387ac9e	Profile update.	2022-03-27 14:25:29 +01:00
Alexandre Pujol	ea366754d7	Profiles update.	2022-03-18 16:05:36 +00:00
Alexandre Pujol	d993caae98	Add user-write completion file.	2022-03-04 21:31:07 +00:00
Alexandre Pujol	7b09b8c99a	browser: add security key support & re-format the profiles.	2022-03-03 21:22:17 +00:00
Alexandre Pujol	d701e39939	update apparmor profiles Co-authored-by: Mikhail Morfikov <mmorfikov@gmail.com> Signed-off-by: Alexandre Pujol <alexandre@pujol.io>	2022-02-27 01:22:35 +00:00
Alexandre Pujol	0ee2e4f7ad	New @{uuid} variable.	2022-02-22 13:14:46 +00:00
Alexandre Pujol	6294159d7a	Update profile from #25 .	2022-02-08 19:49:31 +00:00
Alex	d7ad51d41e	Merge pull request #16 from nobodysu/patch-8 nameservice-strict: Ubuntu compatibility	2022-01-15 19:36:27 +01:00
Alexandre Pujol	2e7b6f8ba8	Update profiles.	2022-01-09 20:23:18 +01:00
nobodysu	777f46779f	Typo?	2021-12-21 10:39:12 +00:00
nobodysu	b9b844c182	Ubuntu compatibility	2021-12-21 10:20:45 +00:00
Mikhail Morfikov	3430e3df90	update apparmor profiles Signed-off-by: Alexandre Pujol <alexandre@pujol.io>	2021-12-12 13:18:41 +00:00
Alexandre Pujol	44aca3ba51	Profiles update.	2021-12-12 12:41:50 +00:00
Alexandre Pujol	1644b70d6d	Rethink the configure process.	2021-12-05 00:13:11 +00:00
Alexandre Pujol	0fc9c8b5b0	Add Github Action & add support for the last Ubuntu LTS.	2021-12-05 00:13:00 +00:00
Alexandre Pujol	b52cbe564c	Disks: support large number of disks. Fix: #4 See: https://github.com/torvalds/linux/blob/master/Documentation/admin-guide/devices.txt	2021-12-01 13:38:14 +00:00
nobodysu	0f50672486	QEMU guest virtual disks compatibility	2021-12-01 02:18:38 +03:00
Alexandre Pujol	aac0a93080	Profiles update.	2021-10-22 15:01:43 +01:00
Alexandre Pujol	2fc138a4d7	/run -> @{run}, [0-9]* -> @{uid}.	2021-10-07 14:52:41 +01:00
Alexandre Pujol	c6ab1770d0	Libvirtd: update abstractions.	2021-09-28 21:57:52 +01:00
Mikhail Morfikov	2a6b2bd189	update apparmor profiles	2021-09-15 16:16:01 +01:00
Alexandre Pujol	ca4be147f8	Fix video abstraction.	2021-08-22 15:43:53 +01:00
Mikhail Morfikov	9eecac80a2	update apparmor profiles	2021-08-20 18:52:56 +01:00
Alexandre Pujol	2372188d8e	Update profiles.	2021-07-11 17:20:09 +01:00
Alexandre Pujol	58978c12b7	Profile update.	2021-05-26 20:44:42 +01:00
Mikhail Morfikov	e085014238	update apparmor profiles	2021-05-26 20:23:28 +01:00
Alexandre Pujol	0c494ed2ba	General profiles update.	2021-04-29 21:02:28 +01:00
Alexandre Pujol	49bddc0382	Profile update.	2021-04-23 12:40:19 +01:00
Alexandre Pujol	1f11e6398b	Add @{MOUNTS} for all common mountpoints.	2021-04-19 15:20:32 +01:00
Alexandre Pujol	4a35b7d804	Use @{uid} instead of [0-9]* when it denotes the user id.	2021-04-18 19:00:15 +01:00
Mikhail Morfikov	5faf590bf5	update apparmor profiles	2021-04-18 17:48:20 +01:00
Alexandre Pujol	3734e5aedf	Add include if exists abstractions *.d	2021-04-12 19:59:04 +01:00
Alexandre Pujol	2175a86979	Profiles update.	2021-04-12 13:33:24 +01:00
Mikhail Morfikov	0573b2d996	update apparmor profiles Adpated to the apparmor.d structure. Signed-off-by: Mikhail Morfikov <mmorfikov@gmail.com>	2021-04-10 15:12:56 +01:00
Alexandre Pujol	89f35e502f	Add gtk 4 support.	2021-04-10 14:18:42 +01:00
Alexandre Pujol	17806e9ee7	Profiles update and general fixes.	2021-04-09 14:47:06 +01:00
Alexandre Pujol	91c7069ee1	Abstractions: more definitions.	2021-04-08 22:24:00 +01:00
Mikhail Morfikov	046443a702	Update apparmor profiles Adpated to the apparmor.d structure. Signed-off-by: Mikhail Morfikov <mmorfikov@gmail.com>	2021-04-04 14:43:10 +01:00
Alexandre Pujol	19521569ce	Complete ss_cert abstraction.	2021-04-04 01:13:25 +01:00
Alexandre Pujol	d38c781bbd	Apparmor Parser issue fix.	2021-04-04 00:46:12 +01:00
Alexandre Pujol	604b184c9d	Profile update after tests on Arch.	2021-04-02 10:18:29 +01:00
Alexandre Pujol	6044e403e7	Replace last remaining home files by the xdg variables.	2021-04-01 23:45:21 +01:00
Alexandre Pujol	4db3745a35	Add user-read abstract.	2021-04-01 23:37:27 +01:00
Alexandre Pujol	08c220deee	Add 'if exists' to some include.	2021-04-01 23:26:06 +01:00
Alexandre Pujol	79904cb616	Archlinux has no sbin. sbin -> {s,}bin for Archlinux support. Purposelly not replaced on Debian only programs	2021-04-01 23:15:47 +01:00
Alexandre Pujol	1d1492c750	Trash: needs more control over expunged directory.	2021-04-01 21:59:14 +01:00
Alexandre Pujol	0ad600f90f	Add /mnt as possible mount point.	2021-04-01 21:56:33 +01:00
Alexandre Pujol	84f24133e9	More XDG replacement.	2021-04-01 21:44:23 +01:00
Alexandre Pujol	54ac285b7d	@{HOME}/.local/share -> @{user_share_dirs}	2021-04-01 17:23:34 +01:00
Alexandre Pujol	7f6ea8d44d	@{HOME}/.config -> @{user_config_dirs}	2021-04-01 17:21:33 +01:00
Alexandre Pujol	1c9fc00c13	@{HOME}/.cache -> @{user_cache_dirs}	2021-04-01 17:20:05 +01:00
Alexandre Pujol	091d20d086	Reorganise the directories.	2021-04-01 17:02:49 +01:00
Alexandre Pujol	e9b8e62fcd	apparmor.d -> profiles	2021-04-01 16:02:59 +01:00
Alexandre Pujol	2129e23596	Remove and merge sources that are already present deps.	2021-04-01 15:33:57 +01:00
Mikhail Morfikov	c5ca6e1d90	update apparmor profiles	2021-03-21 17:04:10 +01:00
Mikhail Morfikov	e1f16545e0	update apparmor profiles	2021-03-13 16:52:36 +01:00
Mikhail Morfikov	5b12c89dba	update apparmor profiles	2021-03-13 09:47:36 +01:00
Mikhail Morfikov	0f64093e46	update apparmor profiles	2021-02-13 15:00:16 +01:00
Mikhail Morfikov	8e075d25fa	update apparmor profiles	2021-01-10 16:35:07 +01:00
Mikhail Morfikov	756e2071e1	update apparmor profiles	2020-12-24 13:55:12 +01:00
Mikhail Morfikov	156f5d4e3b	update apparmor profiles	2020-12-18 11:12:55 +01:00
Mikhail Morfikov	7067edcf70	update profiles for apparmor3	2020-12-10 22:33:39 +01:00
Mikhail Morfikov	503cf496bf	update apparmor profiles	2020-12-09 10:30:52 +01:00
Mikhail Morfikov	f73da4a046	update apparmor profiles	2020-10-25 10:23:34 +01:00
Mikhail Morfikov	2cd06e74d6	update apparmor profiles	2020-10-13 16:47:49 +02:00
Mikhail Morfikov	244b2c88a2	move apparmor profiles to a seperate repo	2020-09-12 17:19:23 +02:00

... 2 3 4 5 6 ...

332 commits