apparmor.d

mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-01-30 06:45:10 +01:00

Author	SHA1	Message	Date
Alexandre Pujol	52278490ab	feat(profile): general update.	2023-11-27 19:00:18 +00:00
Alexandre Pujol	319bea17c3	fix(full): fix pivot_root rule.	2023-11-27 18:56:39 +00:00
Alexandre Pujol	aa1553388b	feat(flatpak): add flatpak integration. - Add flatpak profile - Add flatpak-bwrap subprofile: it manage the sandbox creation & has some larger access. - Add flatpak-app, default profile for sandboxed app. See Full system policy #252	2023-11-26 23:19:09 +00:00
Alexandre Pujol	e41779f576	feat(full): add default bwrap profiles. On full system policy, use the new bwrap profile (and bwrap-app) to confine sandboxed application. It is not enabled by default as the sandbox profile is quite large. Also integrate with the gnome app that use bwrap as sandbox manager. Update other related profiles See Full system policy #252	2023-11-26 23:12:35 +00:00
Alexandre Pujol	3da0ad2572	feat(full): add bwrap-app abstraction.	2023-11-26 23:08:02 +00:00
Alexandre Pujol	d8ff8c8cd6	feat(kde): add some kde profiles.	2023-11-26 23:07:02 +00:00
Alexandre Pujol	c2bc6f26ae	feat(profile): update kde profiles.	2023-11-26 23:05:01 +00:00
Alexandre Pujol	8250e202a0	feat(profile): general update.	2023-11-26 21:24:40 +00:00
Alexandre Pujol	cd1de59aad	feat(abs): improve audio abstraction.	2023-11-24 18:17:26 +00:00
Alexandre Pujol	ef1023156e	feat(profile): minor kde improvment on opensuse. see #208	2023-11-23 11:19:38 +00:00
Alexandre Pujol	31bc5a6053	feat(profiles): general update.	2023-11-22 21:37:09 +00:00
Alexandre Pujol	a49d83993a	feat(profile): add snapd-apparmor	2023-11-22 20:58:05 +00:00
Alexandre Pujol	c62b45964d	feat(profile): add e2scrub_all.	2023-11-22 20:56:42 +00:00
Alexandre Pujol	17d187e93b	feat(profiles): ensure apparmor_parser works with snap.	2023-11-22 20:55:47 +00:00
Alexandre Pujol	e247a3949e	feat(systemd): add initial version of all missing generator.	2023-11-22 20:55:01 +00:00
Alexandre Pujol	07acb8043b	feat(profiles): rename all systemd generator.	2023-11-22 20:51:10 +00:00
Alexandre Pujol	ba1cad7f73	feat(profile): improve child-open.	2023-11-22 20:12:59 +00:00
Alexandre Pujol	9ab0745e2d	feat(full): add default fallback profile. See #252	2023-11-22 20:12:20 +00:00
Alexandre Pujol	da51cdba64	feat(profiles): improve freedesktop profiles.	2023-11-22 20:07:31 +00:00
Alexandre Pujol	6c6646e1f6	feat(profiles): minor kde additions.	2023-11-22 20:06:39 +00:00
Alexandre Pujol	ae99433595	feat(full): simplify the service profiles.	2023-11-22 20:04:17 +00:00
Alexandre Pujol	04513af863	feat: cleanup child-systemctl	2023-11-22 18:43:43 +00:00
Alexandre Pujol	23be43ebd0	feat(full): improve how systemd handle services	2023-11-22 18:42:23 +00:00
Alexandre Pujol	908aba0385	feat(profiles): add some ubuntu specific profiles.	2023-11-19 21:42:31 +00:00
Alexandre Pujol	e29e839c62	feat(profiles): update apt related profiles.	2023-11-19 21:40:12 +00:00
Alexandre Pujol	07e7810d15	feat(full): add some services profile.	2023-11-19 21:39:36 +00:00
Alexandre Pujol	f43f950c90	feat(full): improve systemd-user profile.	2023-11-19 21:35:53 +00:00
Alexandre Pujol	59140f5411	feat(full): improve systemd profile. See https://apparmor.pujol.io/development/structure/#full-system-policy	2023-11-19 21:31:57 +00:00
monsieuremre	83a2a1cbf9	Full-Policy integration for Whonix/Kicksecure - And also everyone else (#249 ) * full-policy * change path * change * big fix * Delete apparmor.d/groups/_full/systemd * Update and rename full-policy to systemd	2023-11-19 20:54:09 +00:00
Alexandre Pujol	f0cdadbdaf	feat(abs): improve mesa abstraction.	2023-11-19 15:39:02 +00:00
Alexandre Pujol	d1c8471b1d	fix: rule compilation.	2023-11-19 11:39:24 +00:00
Alexandre Pujol	88555a12d0	feat(profiles): add initial userns rule. Require apparmor 4 to be enabled.	2023-11-19 11:19:24 +00:00
Alexandre Pujol	2143fb03af	feat(full): add new systemd variable.	2023-11-19 11:13:40 +00:00
Alexandre Pujol	b79a1fcd31	feat(profile): general update. Also include some preparation for the systemd profile.	2023-11-19 11:08:35 +00:00
Alexandre Pujol	e8fcc12c98	feat(profiles): cleanup dbus daemon related profile.	2023-11-13 23:10:00 +00:00
Alexandre Pujol	e99f7de703	fix(profiles): fix slow startup of gnome at-spi-bus-launcher starts the accessibility bus. We need to ensure all buses are initally started by the same profile, otherwise the accessibility fail to start. See #74, #80 & #235	2023-11-13 22:59:10 +00:00
Alexandre Pujol	d3084839d1	feat(profiles): improve support for debian over gnome.	2023-11-13 22:14:54 +00:00
Alexandre Pujol	31edd15e8a	feat(profiles): improve kde integration.	2023-11-13 22:11:12 +00:00
Alexandre Pujol	6f98bb9bfb	feat(abs): add more possible resolv.conf path in nameservice. Used a lot by debian.	2023-11-13 19:32:04 +00:00
Alexandre Pujol	f0a2cb3897	feat(profiles): general update.	2023-11-11 22:02:47 +00:00
Alexandre Pujol	02115a194b	chore: cleanup abstraction' headers.	2023-11-11 20:25:55 +00:00
Alexandre Pujol	758991f67b	feat(profiles): general update.	2023-11-09 17:31:45 +00:00
Alexandre Pujol	ee658c41a6	refractor(profiles): improve child profile structure.	2023-11-09 17:29:34 +00:00
Alexandre Pujol	499b9e785d	feat(full): update full system structure. - Aims to be compatible with full-policy profile - Required by systemd	2023-11-09 17:27:19 +00:00
Alexandre Pujol	84ecf85c0b	feat(profiles): add dell cctk.	2023-10-26 22:40:21 +01:00
Alexandre Pujol	471b544d99	feat(profiles): better integration with not existing profile.	2023-10-26 22:38:39 +01:00
Alexandre Pujol	0031c9e86f	feat(profiles): minor dbus improvment.	2023-10-26 22:37:56 +01:00
Alexandre Pujol	aa7fe16a20	feat(profile): improve opensuse integration. See #208	2023-10-20 23:50:26 +01:00
Alexandre Pujol	4276ede03c	feat(profile): rewrite update-ca-certificates.	2023-10-20 23:43:36 +01:00
Alexandre Pujol	ed7585c3d0	refractor(profile): clean some dbus rules.	2023-10-20 23:15:39 +01:00

1 2 3 4 5 ...

1210 commits