Commit Graph

2550 Commits

Author SHA1 Message Date
Alexandre Pujol
99e4c4622d
feat(abs): add initial version of the bwrap abs.
- To be used by profile that runs bwrap directly.
- Needs more rule when used alongside flatpak
2024-02-24 18:41:36 +00:00
Alexandre Pujol
975bbabf9c
fix(ci): kindly ask shellcheck to not be a pain. 2024-02-24 17:13:21 +00:00
Alexandre Pujol
fbf154b860
fix(build): ensure the build system has support for empty profile. 2024-02-24 17:02:43 +00:00
Alexandre Pujol
1bc63becaf
feat(aa-log): an empty profile now return empty string. 2024-02-24 17:01:03 +00:00
Alexandre Pujol
48b39fa816
test(aa-log): add more tests about the mount rules. 2024-02-24 17:00:07 +00:00
Alexandre Pujol
d6dc89b4f3
feat(aa-log): parse mount conditions from logs. 2024-02-24 16:58:38 +00:00
Alexandre Pujol
511bca60fb
build(debian): only reload apparmor, if it is active. 2024-02-24 14:14:00 +00:00
Alexandre Pujol
cefd372099
tests: support default value in vagrant boxes. 2024-02-24 14:11:59 +00:00
Alexandre Pujol
a1ce144e1c
tests: cleanup image cleanup script. 2024-02-24 14:10:30 +00:00
Alexandre Pujol
7bd500b979
Merge branch 'main' of github.com:roddhjav/apparmor.d
* 'main' of github.com:roddhjav/apparmor.d:
  Add Profiles for imv and zathura (#291)
2024-02-23 22:50:34 +00:00
Alexandre Pujol
9bd21e9361
fix(profile): add bluetooth network to dbus-broker. 2024-02-23 22:35:10 +00:00
valoq
df455f93eb
Add Profiles for imv and zathura (#291)
* add profiles

* fix minor issues

* fix read permissions

* remove leftover line
2024-02-23 20:48:24 +00:00
Alexandre Pujol
2ea53a9dc3
feat(profile): general update. 2024-02-23 20:21:22 +00:00
Alexandre Pujol
f5084ca150
doc: minor update. 2024-02-23 20:14:21 +00:00
Alexandre Pujol
4b23bccb47
fix: ensure fsck.ext4 is has only one profile.
fsck.ext4 was in the profile attachment for both fsck-ext4 and e2fsck, breaking transition to the profile.

Also reorganise some entrypoint to avoid this kind of confusion.
2024-02-23 20:12:32 +00:00
Alexandre Pujol
a9e767462d
fix: remove useless rule.
Rule already present in the base abs.
2024-02-23 19:54:54 +00:00
Alexandre Pujol
d2ab121d08
feat(profile): stack colord-sane on colord.
Both profile could be merged to avoid nnp issue.
2024-02-23 19:53:18 +00:00
doublez13
b2af7a631a whatis: initial profile
AppArmor profile for whatis
2024-02-21 14:10:51 +00:00
Jeroen Rijken
434fc6e954 Update after review
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-02-21 13:56:40 +00:00
Jeroen Rijken
f60234d74a Restore libexec
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-02-21 13:56:40 +00:00
Jeroen Rijken
0fb3706bbd Fixes after review
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-02-21 13:56:40 +00:00
Jeroen Rijken
c8856f6383 Fix konsole links
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-02-21 13:56:40 +00:00
Jeroen Rijken
640cf9e1d3 Dolphin updates
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-02-21 13:56:40 +00:00
Jeroen Rijken
7fa4113131 Dolphin copy and delete from trash
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-02-21 13:56:40 +00:00
Jeroen Rijken
062a766e06 Typo
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-02-21 13:56:40 +00:00
Jeroen Rijken
943f52fbc4 Add ptrace to kded5
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-02-21 13:56:40 +00:00
Jeroen Rijken
7addadfa7b Add multiarch to lib
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-02-21 13:56:40 +00:00
Jeroen Rijken
8a342749ba rename dbus to bus.
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-02-21 13:56:40 +00:00
Jeroen Rijken
2b65e58b19 Flatpak dbus addition
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-02-21 13:56:40 +00:00
Jeroen Rijken
cd3cf50638 Cannot reproduce
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-02-21 13:56:40 +00:00
Jeroen Rijken
7a61919f71 Flatpak dbus and kio
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-02-21 13:56:40 +00:00
Jeroen Rijken
4c5a21145a General update
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-02-21 13:56:40 +00:00
Jeroen Rijken
40b171ee94 Replace shells with new sh_path variable
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2024-02-21 13:56:40 +00:00
doublez13
3b1b187d13
Abook: Fix missing directory (#298)
Allow abook to create ~/.abook
2024-02-19 12:38:24 +00:00
Alexandre Pujol
14fe43714a
feat(profile): general update. 2024-02-15 00:19:13 +00:00
Alexandre Pujol
a334b461d0
feat(fsp): update systemd related profiles. 2024-02-15 00:16:53 +00:00
Alexandre Pujol
e02bf03cca
feat(tunable): add new system_user variable. 2024-02-14 23:58:18 +00:00
Alexandre Pujol
e28e452ba4
build(dbus): improve generated dbus rules. 2024-02-14 23:22:01 +00:00
doublez13
ea97ff6a5f
Mutt and Abook profiles (#288)
There are an innumerable number of mutt configurations. This AA profile is intended to work with a stock mutt config. Any customizations should be placed in local/mutt

This might be a little annoying because by default mutt saves attachments in the directory that it was started from (most likely ~/), and there is no config option that I'm aware of to set a default download location.
 
A user will either need to manually specify a location (like ~/Downloads) when saving, or allow saving to ~/ in the local override.
2024-02-14 23:03:03 +00:00
Alexandre Pujol
804bde0172
chore: remove unneeded abi definition in abstraction. 2024-02-11 13:34:12 +00:00
Alexandre Pujol
7269ac6ca9
fix: profile compilation. 2024-02-11 12:49:04 +00:00
Alexandre Pujol
9cbeb127a3
feat(profile): minor improvment for kde. 2024-02-11 12:45:35 +00:00
Alexandre Pujol
04683eeccb
feat(profile): general update. 2024-02-11 12:44:40 +00:00
Alexandre Pujol
4619e13f1b
fix: possible hardware blocking issue.
See #296
2024-02-11 12:41:37 +00:00
Alexandre Pujol
738f7cc0c2
feat(fsp): add intial mount rules on systemd. 2024-02-10 01:22:50 +00:00
Alexandre Pujol
9fb4f7b8fd
feat(fsp): add nnp execption. 2024-02-10 01:11:19 +00:00
Alexandre Pujol
309ad9e506
feat(fsp): cleanup systemd profile. 2024-02-10 01:09:27 +00:00
monsieuremre
f6a40d23df Delete systemd/full/system/user@.service 2024-02-08 16:04:20 +00:00
monsieuremre
ce85d482e9 Update systemd 2024-02-08 16:04:20 +00:00
Alexandre Pujol
b1d0ebe918
feat(tunable): add the browsers_path variable. 2024-02-07 15:10:54 +00:00