Commit Graph

1760 Commits

Author SHA1 Message Date
Alexandre Pujol
3aa07e4d64
tests(packer): add arch-server and ubuntu 24.04 images. 2023-11-19 16:09:25 +00:00
Alexandre Pujol
f0cdadbdaf
feat(abs): improve mesa abstraction. 2023-11-19 15:39:02 +00:00
Alexandre Pujol
1b48e419f4
build(suse): add systemd-userdbd drop in file. 2023-11-19 15:38:36 +00:00
Alexandre Pujol
185187b608
doc: rewrite full system policy section. 2023-11-19 14:49:08 +00:00
Alexandre Pujol
edab2be894
doc: add nnp section. 2023-11-19 14:48:25 +00:00
Alexandre Pujol
9e04743156
build: do not use rsync to synchronise file anymore. 2023-11-19 14:47:55 +00:00
Alexandre Pujol
5eb120cdbb
build: new system origin path. 2023-11-19 14:34:42 +00:00
Alexandre Pujol
96ea9d17ae
feat(full): disable nnp flag on some services. 2023-11-19 14:32:57 +00:00
Alexandre Pujol
f564347580
refractor: move default systemd drop in files. 2023-11-19 14:20:14 +00:00
Alexandre Pujol
d1c8471b1d
fix: rule compilation. 2023-11-19 11:39:24 +00:00
Alexandre Pujol
88555a12d0
feat(profiles): add initial userns rule.
Require apparmor 4 to be enabled.
2023-11-19 11:19:24 +00:00
Alexandre Pujol
6dc990ac02
feat(full): set systemd profile name on build time. 2023-11-19 11:14:31 +00:00
Alexandre Pujol
2143fb03af
feat(full): add new systemd variable. 2023-11-19 11:13:40 +00:00
Alexandre Pujol
b79a1fcd31
feat(profile): general update.
Also include some preparation for the systemd profile.
2023-11-19 11:08:35 +00:00
Alexandre Pujol
3197f52a97
feat(aa-log): improve log to rule conversion. 2023-11-19 10:59:46 +00:00
Alexandre Pujol
58b577385e
build(ci): add gitlab ci for whonix. 2023-11-13 23:41:41 +00:00
Alexandre Pujol
aa84d08ef6
tests: improve tests image content. 2023-11-13 23:40:51 +00:00
Alexandre Pujol
e8fcc12c98
feat(profiles): cleanup dbus daemon related profile. 2023-11-13 23:10:00 +00:00
Alexandre Pujol
e99f7de703
fix(profiles): fix slow startup of gnome
at-spi-bus-launcher  starts the accessibility bus.
We need to ensure all buses are initally started by the same profile,
otherwise  the accessibility fail to start.

See #74, #80 & #235
2023-11-13 22:59:10 +00:00
Alexandre Pujol
a66debd2fb
build(dpkg): ignore libvirt profiles. 2023-11-13 22:22:40 +00:00
Alexandre Pujol
d3084839d1
feat(profiles): improve support for debian over gnome. 2023-11-13 22:14:54 +00:00
Alexandre Pujol
31edd15e8a
feat(profiles): improve kde integration. 2023-11-13 22:11:12 +00:00
Alexandre Pujol
6f98bb9bfb
feat(abs): add more possible resolv.conf path in nameservice.
Used a lot by debian.
2023-11-13 19:32:04 +00:00
Alexandre Pujol
5a3dface8e
tests: add debian-gnome vm image. 2023-11-13 18:56:15 +00:00
Alexandre Pujol
f0a2cb3897
feat(profiles): general update. 2023-11-11 22:02:47 +00:00
Alexandre Pujol
02115a194b
chore: cleanup abstraction' headers. 2023-11-11 20:25:55 +00:00
Alexandre Pujol
3b42cc0ca7
build: update full system policy setup. 2023-11-11 20:25:27 +00:00
Alexandre Pujol
5760c0129c
build: add ignore file for whonix. 2023-11-09 20:53:30 +00:00
Alexandre Pujol
3ab5046d5d
build: ignore non suse profiles on other dists. 2023-11-09 20:53:03 +00:00
Alexandre Pujol
18da36238e
build: add some flags definition. 2023-11-09 20:51:34 +00:00
Alexandre Pujol
758991f67b
feat(profiles): general update. 2023-11-09 17:31:45 +00:00
Alexandre Pujol
ee658c41a6
refractor(profiles): improve child profile structure. 2023-11-09 17:29:34 +00:00
Alexandre Pujol
b49eb4c416
doc: add link to the ubuntu summit talk. 2023-11-09 17:28:33 +00:00
Alexandre Pujol
499b9e785d
feat(full): update full system structure.
- Aims to be compatible with full-policy profile
- Required by systemd
2023-11-09 17:27:19 +00:00
Jeroen Rijken
d042526ca4 signal to socket
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2023-10-31 16:32:07 +01:00
Jeroen Rijken
c5998d37a2 Add kstart, XDG KDE updates
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2023-10-31 16:32:07 +01:00
Jeroen Rijken
eaf9bdb32b Plank profile
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2023-10-31 16:31:32 +01:00
Jeroen Rijken
90e98b6b56 containerd and KDE updates
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
2023-10-31 16:31:32 +01:00
Alexandre Pujol
4df3f2e52f
chore(doc): enforce strict documentation build. 2023-10-27 15:28:31 +01:00
Alexandre Pujol
23639e0b65
doc: update links format. 2023-10-27 15:27:23 +01:00
Alexandre Pujol
84ecf85c0b
feat(profiles): add dell cctk. 2023-10-26 22:40:21 +01:00
Alexandre Pujol
471b544d99
feat(profiles): better integration with not existing profile. 2023-10-26 22:38:39 +01:00
Alexandre Pujol
0031c9e86f
feat(profiles): minor dbus improvment. 2023-10-26 22:37:56 +01:00
Alexandre Pujol
cdf601ca5c
build: minor improvements. 2023-10-21 21:51:23 +01:00
Alexandre Pujol
a8be57a1db
doc: minor improvments. 2023-10-21 00:13:30 +01:00
Alexandre Pujol
aa7fe16a20
feat(profile): improve opensuse integration.
See #208
2023-10-20 23:50:26 +01:00
Alexandre Pujol
4276ede03c
feat(profile): rewrite update-ca-certificates. 2023-10-20 23:43:36 +01:00
Alexandre Pujol
ed7585c3d0
refractor(profile): clean some dbus rules. 2023-10-20 23:15:39 +01:00
Alexandre Pujol
e26302b155
feat(profile): general update. 2023-10-20 23:13:11 +01:00
Alexandre Pujol
46d25ed922
feat(aa-log): improve error formating on rules. 2023-10-20 23:11:11 +01:00