Commit graph

3004 commits

Author SHA1 Message Date
Alexandre Pujol
e4f963f30f
feat(aa-log): add some util functions. 2024-09-10 18:38:59 +01:00
Alexandre Pujol
49b8967bb2
feat(profile): improve the use of org.chromium.Chromium.@{rand6}. 2024-09-10 18:20:41 +01:00
Alexandre Pujol
50b0e09a9a
feat(profile): add fstrim. 2024-09-10 18:15:27 +01:00
Alexandre Pujol
f3094cc741
build: add the X option to the stack directive. 2024-09-10 18:13:48 +01:00
Alexandre Pujol
67c5181ba9
fix(profile): set flags in sub profile of fwupd. 2024-09-10 17:38:05 +01:00
odomingao
d9ce0d287d Create earlyoom 2024-09-10 11:55:04 +00:00
Alexandre Pujol
f0faf4ba52
build: add signal-desktop to the overwritten list. 2024-09-09 21:03:41 +01:00
Alexandre Pujol
c2bc55dc46
feat(profile): general update. 2024-09-09 20:53:12 +01:00
Alexandre Pujol
f3f92297bc
fix(profile): remove deprecated & never enabled profiles. 2024-09-09 20:49:42 +01:00
Alexandre Pujol
f1dcefabb3
feat(profile): add profile for yay.
fix #420, #466
2024-09-09 20:38:42 +01:00
Alexandre Pujol
51d8c052f5
feat(profile): add makepkg
This profile is large enough to support any userbased compilation.
While giving protection as it only allows root access to use pacman.

see  #404, #420 #444, #466
2024-09-09 20:18:30 +01:00
Alexandre Pujol
f31a68ca21
feat(profile): add gitg. 2024-09-09 19:58:17 +01:00
Alexandre Pujol
c7181ecadf
feat(profile): general update. 2024-09-09 19:57:49 +01:00
Alexandre Pujol
a99fbaa0be
feat(profile): restic some well known path. 2024-09-09 19:47:25 +01:00
Alexandre Pujol
d4e380ad46
feat(profile): update & enable profiles in the apps group.
see #471
2024-09-09 19:40:42 +01:00
Alexandre Pujol
2af1d06f18
feat(tunable): add @{editor_path} & @{pager_path}. 2024-09-08 13:25:49 +01:00
Alexandre Pujol
4f310b8802
feat(profile): update dolphin.
fix #470
2024-09-08 12:41:49 +01:00
Alexandre Pujol
54e013824e
feat(profile): update libreoffice.
see #470
2024-09-08 12:38:54 +01:00
Alexandre Pujol
7b04e28835
feat(profile): remove transparent_hugepage rule already included in base. 2024-09-08 12:36:35 +01:00
odomingao
98042620f6 Update hyprlock 2024-09-08 11:23:21 +00:00
Alexandre Pujol
a8b1e46095
feat(profile): add dmsetup
fix #469
2024-09-08 12:21:56 +01:00
Alexandre Pujol
f91fc28711
chore: minor guideline cosmetic. 2024-09-06 21:47:24 +01:00
odomingao
edfa690e2b Update hyprland 2024-09-06 20:42:12 +00:00
odomingao
fe86133f49 Update wayland abstraction 2024-09-06 20:42:12 +00:00
odomingao
2e048156ac Update wayland abstraction 2024-09-06 20:42:12 +00:00
odomingao
c4482675ef Update hyprland 2024-09-06 20:42:12 +00:00
odomingao
fe3d32df1f Add access to gamescope 2024-09-06 20:42:12 +00:00
odomingao
512b42702b add hyprland profile 2024-09-06 20:42:12 +00:00
Alexandre Pujol
984ca11571
Merge branch 'main' of github.com:roddhjav/apparmor.d
* 'main' of github.com:roddhjav/apparmor.d:
  Update profile for ufw (#467)
2024-09-06 21:41:04 +01:00
Alexandre Pujol
ac2f085d8c
feat(abs): add support for keyfile in dconf.
fix #460
2024-09-06 21:40:17 +01:00
EricLin0509
a1407243dd
Update profile for ufw (#467)
* Update profile for ufw

* A small fix
2024-09-06 20:35:16 +00:00
Alexandre Pujol
fde8ee6ec6
fix(profile): generic app need access to /var/cache/tmp/
fix #465
2024-09-06 21:32:39 +01:00
Alexandre Pujol
6b191d9ada
feat(profile): use @{int} on systemd/inhibit. 2024-09-05 14:23:16 +01:00
Alexandre Pujol
4e17001ce2
feat(tunable): add the new python_path & python_name variables. 2024-09-05 14:08:08 +01:00
Alexandre Pujol
35dcde9d90
feat(tunable): add the new version variable. 2024-09-05 14:05:35 +01:00
EricLin0509
a93400280e
Add support for wemeet (#462)
* initial support for wemeet

* Some small fixes
2024-09-03 17:29:03 +00:00
Alexandre Pujol
26641f585c
feat(profile): add gnome-boxes
see  #457
2024-09-02 14:14:16 +01:00
odomingao
3c066ea087 Update waybar 2024-09-02 09:43:11 +00:00
Alexandre Pujol
bf2025db09
feat(profile): gpg: ensure compatibility with torbrowser profile from upstream.
see #407
2024-09-01 22:09:00 +01:00
odomingao
52d2cd63b9
Create cemu (#459) 2024-09-01 21:03:13 +00:00
odomingao
7c560e1e8f
Update chronyd (#458)
apparmor="DENIED" operation="create" class="net" profile="chronyd"  comm="chronyd" family="inet" sock_type="stream" protocol=0 requested_mask="create" denied_mask="create"
2024-09-01 21:01:19 +00:00
Alexandre Pujol
b223e2eb8e
feat(profile): general update. 2024-09-01 20:36:23 +01:00
Alexandre Pujol
265e3928c1
feat(profile): mesa: mesa_shader_cache_db is often passed as fd. 2024-09-01 20:13:51 +01:00
Alexandre Pujol
7e3c546e3d
fix(profile): xdg-mime mimetype path.
fix #455
2024-09-01 15:25:43 +01:00
Alexandre Pujol
60e00f8c53
fix(profile): zramctl doesn't show algorithm, data, compression, total, streams, mountpoint
fix #456
2024-09-01 15:22:05 +01:00
Alexandre Pujol
aa4f4de6dd
feat(abs): update mesa shader cache paths.
fix: #450 #451
2024-09-01 15:17:43 +01:00
Alexandre Pujol
fb29e8ba74
doc: general update. 2024-08-30 20:38:30 +01:00
Nishit Majithia
fe32720765
socat: add apparmor profile (#454)
* socat: add apparmor profile

Signed-off-by: Nishit Majithia <nishit.nm@gmail.com>

* socat: update profile

 - Follow profile guideline
 - Change copyright texts
 - Update to use abi 3.0
 - Use `ssl_certs` and `console` abstractions instead of explicit rules

Signed-off-by: Nishit Majithia <nishit.nm@gmail.com>

* socat: minor fix in the profile

 - Use @{bin}
 - Allow executable mapping and read for the binary

Signed-off-by: Nishit Majithia <nishit.nm@gmail.com>

---------

Signed-off-by: Nishit Majithia <nishit.nm@gmail.com>
2024-08-30 16:56:04 +00:00
odomingao
a224adc42e Update xdg-desktop-portal-hyprland 2024-08-30 11:42:38 +00:00
odomingao
75fba4c6c7 Update xdg-desktop-portal 2024-08-30 11:42:38 +00:00