Commit graph

109 commits

Author SHA1 Message Date
Alexandre Pujol
62099d325d
build: define new unified build interfaces. 2024-03-25 22:37:30 +00:00
Alexandre Pujol
b6aed5cd8d
refractor(build): move os check as an internal build pkg. 2024-03-25 22:36:31 +00:00
Alexandre Pujol
88fcdd8c8e
build(directive): support both liust & map. 2024-03-23 17:41:10 +00:00
Alexandre Pujol
d5470b8404
build: exex directive: sort & cleanup generated rules. 2024-03-22 20:56:04 +00:00
Alexandre Pujol
73fe7a7475
build: exex directive: add support for transition. 2024-03-22 19:47:45 +00:00
Alexandre Pujol
0d16d4fdab
build: remove old directive code. 2024-03-21 23:23:44 +00:00
Alexandre Pujol
79a3bb1ea8
fix(build): for compatibility, use slices from exp. 2024-03-21 23:19:33 +00:00
Alexandre Pujol
e2ac675165
fix(build): ensure directive can be loaded. 2024-03-21 22:13:00 +00:00
Alexandre Pujol
99e386705f
feat(build): rewrite the dbus directive fot the new format. 2024-03-21 22:09:16 +00:00
Alexandre Pujol
b32ee4a5a9
feat(build): add the exec directive. 2024-03-21 22:07:41 +00:00
Alexandre Pujol
8e5f83df34
feat(build): rewrite the stack directive witht the new structure. 2024-03-21 21:09:46 +00:00
Alexandre Pujol
83691bbb1f
feat(build): add new filter directives. 2024-03-21 20:51:42 +00:00
Alexandre Pujol
2ca62215bc
build: prepare new structure for directives. 2024-03-21 20:36:41 +00:00
Alexandre Pujol
e1d1d0be3d
refractor(build): move os logic to its own module. 2024-03-21 18:58:32 +00:00
Alexandre Pujol
a66ff700a2
build: split systemd drop file in function of their purpose.
default: ensure a service use a given profile
early: ensure a service start after apparmor.
2024-03-15 16:17:19 +00:00
Alexandre Pujol
df21886965
fix(fsp): fix conflicting x modifiers in abstractions 2024-03-10 18:57:05 +00:00
Alexandre Pujol
e3545cc3bb
feat(aa-log): improve the regex helper type. 2024-03-10 15:53:25 +00:00
Alexandre Pujol
70b043cdae
build: improve build tests 2024-03-10 14:48:05 +00:00
Alexandre Pujol
be373dfb80
fix(build): rename boolean. 2024-03-10 14:47:13 +00:00
Alexandre Pujol
78a96eecd2
build: add a new "stack" directive. 2024-03-10 14:46:34 +00:00
Alexandre Pujol
f5aacbd029
build(debian): use hide instead of displace to overwrite upstream profiles. 2024-03-10 14:43:43 +00:00
Alexandre Pujol
b342df689a
build: improve error handling. 2024-03-10 14:24:59 +00:00
Alexandre Pujol
717496e7df
fix: cleanup go code. 2024-02-29 00:38:29 +00:00
Alexandre Pujol
45a6e0bf21
fix(build): ensure the displace file get cleaned when not needed. 2024-02-29 00:03:39 +00:00
Alexandre Pujol
58f130fbb2
tests(aa-log): add missing tests for osrelease. 2024-02-28 23:27:57 +00:00
Alexandre Pujol
ae9f7e7442
build: add initial build support for ubuntu 24.04 2024-02-28 17:35:14 +00:00
Alexandre Pujol
fbf154b860
fix(build): ensure the build system has support for empty profile. 2024-02-24 17:02:43 +00:00
Alexandre Pujol
e02bf03cca
feat(tunable): add new system_user variable. 2024-02-14 23:58:18 +00:00
Alexandre Pujol
e28e452ba4
build(dbus): improve generated dbus rules. 2024-02-14 23:22:01 +00:00
Alexandre Pujol
2cd14aa6bb
chore: add missing and update copyright year. 2024-02-07 00:16:21 +01:00
Alexandre Pujol
46641e6cc6
chore: update links to the documentation website. 2024-01-30 15:45:03 +00:00
Alexandre Pujol
4091fca3f0
fix(build): cleanup go import. 2023-12-15 22:37:37 +00:00
Alexandre Pujol
66a4a17924
build: add inital support for dbus directive. 2023-12-15 22:11:25 +00:00
Alexandre Pujol
6fa2c8ec3a
build: improve build output. 2023-12-15 19:14:32 +00:00
Alexandre Pujol
5cf5b74f4b
fix(build): ensure full system policy build works. 2023-12-10 14:30:47 +00:00
Alexandre Pujol
735e3529fb
feat(aa-log): add support for mqueue. 2023-12-05 20:47:32 +00:00
Alexandre Pujol
4b61abf7ce
build: simplify full system policy generation. 2023-11-26 21:19:16 +00:00
Alexandre Pujol
0d124065b9
build: enforce the use on the default profile on full mode. 2023-11-22 20:52:25 +00:00
Alexandre Pujol
9ab0745e2d
feat(full): add default fallback profile.
See #252
2023-11-22 20:12:20 +00:00
Alexandre Pujol
7909bb1948
fix(build): tunable path. 2023-11-19 23:21:50 +00:00
Alexandre Pujol
9e04743156
build: do not use rsync to synchronise file anymore. 2023-11-19 14:47:55 +00:00
Alexandre Pujol
96ea9d17ae
feat(full): disable nnp flag on some services. 2023-11-19 14:32:57 +00:00
Alexandre Pujol
f564347580
refractor: move default systemd drop in files. 2023-11-19 14:20:14 +00:00
Alexandre Pujol
88555a12d0
feat(profiles): add initial userns rule.
Require apparmor 4 to be enabled.
2023-11-19 11:19:24 +00:00
Alexandre Pujol
6dc990ac02
feat(full): set systemd profile name on build time. 2023-11-19 11:14:31 +00:00
Alexandre Pujol
3b42cc0ca7
build: update full system policy setup. 2023-11-11 20:25:27 +00:00
Alexandre Pujol
eb98d2b49f
build: initial preparation for apparmor 4. 2023-09-29 20:12:00 +01:00
Alexandre Pujol
cad27a3f78
build: add the ability to set enforce all profiles.
Do not do that!!! It forces ALL profiles in enforce mode.
2023-09-05 19:44:36 +01:00
Alexandre Pujol
aea0034fcc
chore: various cosmetic changes. 2023-09-01 19:26:52 +01:00
Alexandre Pujol
a8470dfa38
feat(aa-log): add a new apparmor profile struct
Also rewrite variables resolution to this new struct.
2023-08-17 23:00:52 +01:00
Alexandre Pujol
fe0238250a
fix: ubuntu build. 2023-07-25 23:06:14 +01:00
Alexandre Pujol
c36801700c
chore: fix go linter. 2023-07-25 22:07:38 +01:00
Alexandre Pujol
f2e755b77b
build: allow a larger set of distribution.
See #180
2023-07-25 22:02:18 +01:00
Alexandre Pujol
6ea2df19eb
build: simplify profile struct. 2023-07-25 22:01:07 +01:00
Alexandre Pujol
c6a048c9ca
build: add FlagDir variable in prebuild code. 2023-07-23 20:36:48 +01:00
Alexandre Pujol
1f75dc9956
build: update build for new bin & lib variables 2023-07-09 15:09:32 +01:00
Alexandre Pujol
dec5a29e19
fix: go linter 2023-06-18 12:07:45 +01:00
Alexandre Pujol
a1946aa171
feat: support for debian 12, drop support for debian 11. 2023-06-18 11:44:56 +01:00
Alexandre Pujol
913ac3131c
feat(prebuild): make prebuild available as an external package.
Usefull for downstream repo.
2023-05-06 13:01:07 +01:00