Alexandre Pujol
|
a66ff700a2
|
build: split systemd drop file in function of their purpose.
default: ensure a service use a given profile
early: ensure a service start after apparmor.
|
2024-03-15 16:17:19 +00:00 |
|
Alexandre Pujol
|
b0d52d68f4
|
build: refractor internal tools.
|
2024-03-10 19:07:55 +00:00 |
|
Alexandre Pujol
|
df21886965
|
fix(fsp): fix conflicting x modifiers in abstractions
|
2024-03-10 18:57:05 +00:00 |
|
Alexandre Pujol
|
e3545cc3bb
|
feat(aa-log): improve the regex helper type.
|
2024-03-10 15:53:25 +00:00 |
|
Alexandre Pujol
|
70b043cdae
|
build: improve build tests
|
2024-03-10 14:48:05 +00:00 |
|
Alexandre Pujol
|
be373dfb80
|
fix(build): rename boolean.
|
2024-03-10 14:47:13 +00:00 |
|
Alexandre Pujol
|
78a96eecd2
|
build: add a new "stack" directive.
|
2024-03-10 14:46:34 +00:00 |
|
Alexandre Pujol
|
f5aacbd029
|
build(debian): use hide instead of displace to overwrite upstream profiles.
|
2024-03-10 14:43:43 +00:00 |
|
Alexandre Pujol
|
b342df689a
|
build: improve error handling.
|
2024-03-10 14:24:59 +00:00 |
|
Alexandre Pujol
|
d40985099c
|
refractor: remove dependency on pkg/errors.
|
2024-03-07 17:25:13 +00:00 |
|
Alexandre Pujol
|
86898ec673
|
feat(aa-log): update order of impression.
|
2024-02-29 23:37:50 +00:00 |
|
Alexandre Pujol
|
65386321c2
|
feat(aa-log): update shell paths.
|
2024-02-29 23:14:01 +00:00 |
|
Alexandre Pujol
|
19b27a26c0
|
feat(aa-log): do not filter out addresses from the log.
|
2024-02-29 23:13:15 +00:00 |
|
Alexandre Pujol
|
3d4dd5c91a
|
feat(aa-log): correctly handle remount rule from mount log.
|
2024-02-29 23:12:19 +00:00 |
|
Alexandre Pujol
|
717496e7df
|
fix: cleanup go code.
|
2024-02-29 00:38:29 +00:00 |
|
Alexandre Pujol
|
e616b9b3fc
|
feat(aa-log): ensure unix rule are not confused with network unix rule.
Both are technically the same, we simply prioritize `unix` to `network unix`.
|
2024-02-29 00:20:37 +00:00 |
|
Alexandre Pujol
|
e3daaf3d4c
|
feat(aa-log): ensure rule access is always present.
|
2024-02-29 00:19:26 +00:00 |
|
Alexandre Pujol
|
45a6e0bf21
|
fix(build): ensure the displace file get cleaned when not needed.
|
2024-02-29 00:03:39 +00:00 |
|
Alexandre Pujol
|
58f130fbb2
|
tests(aa-log): add missing tests for osrelease.
|
2024-02-28 23:27:57 +00:00 |
|
Alexandre Pujol
|
ae9f7e7442
|
build: add initial build support for ubuntu 24.04
|
2024-02-28 17:35:14 +00:00 |
|
Alexandre Pujol
|
fbf154b860
|
fix(build): ensure the build system has support for empty profile.
|
2024-02-24 17:02:43 +00:00 |
|
Alexandre Pujol
|
1bc63becaf
|
feat(aa-log): an empty profile now return empty string.
|
2024-02-24 17:01:03 +00:00 |
|
Alexandre Pujol
|
48b39fa816
|
test(aa-log): add more tests about the mount rules.
|
2024-02-24 17:00:07 +00:00 |
|
Alexandre Pujol
|
d6dc89b4f3
|
feat(aa-log): parse mount conditions from logs.
|
2024-02-24 16:58:38 +00:00 |
|
Alexandre Pujol
|
e02bf03cca
|
feat(tunable): add new system_user variable.
|
2024-02-14 23:58:18 +00:00 |
|
Alexandre Pujol
|
e28e452ba4
|
build(dbus): improve generated dbus rules.
|
2024-02-14 23:22:01 +00:00 |
|
Alexandre Pujol
|
2cd14aa6bb
|
chore: add missing and update copyright year.
|
2024-02-07 00:16:21 +01:00 |
|
Alexandre Pujol
|
46641e6cc6
|
chore: update links to the documentation website.
|
2024-01-30 15:45:03 +00:00 |
|
Alexandre Pujol
|
c8f37afe9a
|
feat(aa-log): improve profile rendering.
|
2024-01-21 11:58:44 +00:00 |
|
Alexandre Pujol
|
7cf7adc197
|
fix(aa-log): ensure aa-log -s return valid result.
Fix #268
|
2023-12-29 18:28:14 +01:00 |
|
Alexandre Pujol
|
4091fca3f0
|
fix(build): cleanup go import.
|
2023-12-15 22:37:37 +00:00 |
|
Alexandre Pujol
|
66a4a17924
|
build: add inital support for dbus directive.
|
2023-12-15 22:11:25 +00:00 |
|
Alexandre Pujol
|
6fa2c8ec3a
|
build: improve build output.
|
2023-12-15 19:14:32 +00:00 |
|
Alexandre Pujol
|
1ead127675
|
feat(aa-log): add indentation option to the logging function.
|
2023-12-13 17:39:21 +00:00 |
|
Alexandre Pujol
|
5cf5b74f4b
|
fix(build): ensure full system policy build works.
|
2023-12-10 14:30:47 +00:00 |
|
Alexandre Pujol
|
735e3529fb
|
feat(aa-log): add support for mqueue.
|
2023-12-05 20:47:32 +00:00 |
|
Alexandre Pujol
|
07a6f35b4e
|
chore(aa-log): minor template improvement.
|
2023-11-29 22:08:37 +00:00 |
|
Alexandre Pujol
|
66efedfb01
|
fix(aa-log): fix go linter.
|
2023-11-28 15:31:43 +00:00 |
|
Alexandre Pujol
|
d4bc07895a
|
feat(aa-log): add support change_profile & pivot_rule
|
2023-11-27 19:21:43 +00:00 |
|
Alexandre Pujol
|
4b61abf7ce
|
build: simplify full system policy generation.
|
2023-11-26 21:19:16 +00:00 |
|
Alexandre Pujol
|
0d124065b9
|
build: enforce the use on the default profile on full mode.
|
2023-11-22 20:52:25 +00:00 |
|
Alexandre Pujol
|
9ab0745e2d
|
feat(full): add default fallback profile.
See #252
|
2023-11-22 20:12:20 +00:00 |
|
Alexandre Pujol
|
7909bb1948
|
fix(build): tunable path.
|
2023-11-19 23:21:50 +00:00 |
|
Alexandre Pujol
|
9e04743156
|
build: do not use rsync to synchronise file anymore.
|
2023-11-19 14:47:55 +00:00 |
|
Alexandre Pujol
|
96ea9d17ae
|
feat(full): disable nnp flag on some services.
|
2023-11-19 14:32:57 +00:00 |
|
Alexandre Pujol
|
f564347580
|
refractor: move default systemd drop in files.
|
2023-11-19 14:20:14 +00:00 |
|
Alexandre Pujol
|
88555a12d0
|
feat(profiles): add initial userns rule.
Require apparmor 4 to be enabled.
|
2023-11-19 11:19:24 +00:00 |
|
Alexandre Pujol
|
6dc990ac02
|
feat(full): set systemd profile name on build time.
|
2023-11-19 11:14:31 +00:00 |
|
Alexandre Pujol
|
3197f52a97
|
feat(aa-log): improve log to rule conversion.
|
2023-11-19 10:59:46 +00:00 |
|
Alexandre Pujol
|
3b42cc0ca7
|
build: update full system policy setup.
|
2023-11-11 20:25:27 +00:00 |
|