Commit graph

280 commits

Author SHA1 Message Date
Alexandre Pujol
9ab0745e2d
feat(full): add default fallback profile.
See #252
2023-11-22 20:12:20 +00:00
Alexandre Pujol
23be43ebd0
feat(full): improve how systemd handle services 2023-11-22 18:42:23 +00:00
Alexandre Pujol
e84750453c
fix: dpkg build. 2023-11-19 23:04:43 +00:00
Alexandre Pujol
908aba0385
feat(profiles): add some ubuntu specific profiles. 2023-11-19 21:42:31 +00:00
Alexandre Pujol
dd767f13c0
chore: update flags list. 2023-11-19 21:39:04 +00:00
Alexandre Pujol
59140f5411
feat(full): improve systemd profile.
See https://apparmor.pujol.io/development/structure/#full-system-policy
2023-11-19 21:31:57 +00:00
Alexandre Pujol
d64ef39bd1
build: minor fixes. 2023-11-19 21:04:58 +00:00
Alexandre Pujol
1b48e419f4
build(suse): add systemd-userdbd drop in file. 2023-11-19 15:38:36 +00:00
Alexandre Pujol
9e04743156
build: do not use rsync to synchronise file anymore. 2023-11-19 14:47:55 +00:00
Alexandre Pujol
a66debd2fb
build(dpkg): ignore libvirt profiles. 2023-11-13 22:22:40 +00:00
Alexandre Pujol
5760c0129c
build: add ignore file for whonix. 2023-11-09 20:53:30 +00:00
Alexandre Pujol
3ab5046d5d
build: ignore non suse profiles on other dists. 2023-11-09 20:53:03 +00:00
Alexandre Pujol
18da36238e
build: add some flags definition. 2023-11-09 20:51:34 +00:00
Alexandre Pujol
84ecf85c0b
feat(profiles): add dell cctk. 2023-10-26 22:40:21 +01:00
Alexandre Pujol
cdf601ca5c
build: minor improvements. 2023-10-21 21:51:23 +01:00
Alexandre Pujol
4276ede03c
feat(profile): rewrite update-ca-certificates. 2023-10-20 23:43:36 +01:00
Alexandre Pujol
958cc671b2
build: ignore chronyd profile on apt dist. 2023-10-08 13:57:23 +01:00
Alexandre Pujol
92bfdfa64a
build: do not install the man profile as it is provided by apparmor itself. 2023-10-01 14:27:48 +01:00
Alexandre Pujol
b122d9424f
feat(profiles): enforce some stable profiles. 2023-10-01 13:20:59 +01:00
Alexandre Pujol
ab0ee1a317
feat(profiles): add initial version of passim passimd. 2023-10-01 13:10:17 +01:00
Alexandre Pujol
2aace6bccb
feat(profile): improve kde integration. 2023-09-29 19:33:09 +01:00
Alexandre Pujol
4047921300
fix(build): update backport repo. 2023-09-20 23:08:17 +01:00
Alexandre Pujol
1eda792122
chore: cosmetic. 2023-09-20 19:01:52 +01:00
Alexandre Pujol
b34356ca03
build(rpm): add apparmor-profiles as deps. 2023-09-19 20:37:07 +01:00
Alexandre Pujol
cd48bb5ba0
fix(rpm): remove unused config dir. 2023-09-19 20:22:33 +01:00
Alexandre Pujol
55d46631da
ci: add rpm pkg build. 2023-09-19 20:16:55 +01:00
Alexandre Pujol
0797debd1d
build: add rpm packaging files. 2023-09-19 19:04:12 +01:00
Alexandre Pujol
975f7e0d6d
refractort: dists/build -> dists/docker 2023-09-18 17:26:28 +01:00
Alexandre Pujol
9a8a919b6c
feat(kde): add baloorunner. 2023-09-11 21:33:19 +01:00
Alexandre Pujol
b9fb4b72d2
fix: minor profiles fixes. 2023-09-10 12:41:47 +01:00
curiosityseeker
aaed7a25da
Various updates (#209) 2023-09-10 10:59:26 +00:00
nobody43
03384ab0d0 flags 2023-09-10 11:58:13 +01:00
Alexandre Pujol
6b159fe918
feat: cleanup ignored profile list. 2023-09-07 17:58:47 +01:00
Alexandre Pujol
7c24dde028
feat(profile): rewrite profile for vscode (wip). 2023-09-05 19:15:01 +01:00
curiosityseeker
41525621aa
Various updates (#204) 2023-09-04 13:58:07 +00:00
Alexandre Pujol
aea0034fcc
chore: various cosmetic changes. 2023-09-01 19:26:52 +01:00
Alexandre Pujol
a30d3dd415
feat(profiles): add element-desktop. 2023-08-27 15:42:30 +01:00
Alexandre Pujol
28af1fd642
chore: cleanup flags file. 2023-08-27 15:35:01 +01:00
Alexandre Pujol
22e57b3620
feat(profiles): apply guideline on some profile. Update flags list. 2023-08-27 15:30:18 +01:00
Alexandre Pujol
7a5096e7d8
feat(profiles): add inital version of dolphin. 2023-08-27 15:24:54 +01:00
Alexandre Pujol
ad3e5a5dcf
feat(profiles): add protonmail-bridge. 2023-08-27 15:17:36 +01:00
Alexandre Pujol
8cfe2780d4
feat(profiles): rewrite the spotify profile. 2023-08-27 15:00:02 +01:00
Alexandre Pujol
b0eed1ae39
feat(profiles): add transmission-gtk 2023-08-27 14:59:02 +01:00
Alexandre Pujol
4d79af2203
feat(profiles): add gnome-extension-gsconnect 2023-08-27 14:57:50 +01:00
Alexandre Pujol
5704d1ba20
feat(profiles): various profile fixes. 2023-08-19 14:01:50 +01:00
Alexandre Pujol
557d905543
Merge branch 'tunables' of https://github.com/nobody43/apparmor.d into nobody43-tunables
* 'tunables' of https://github.com/nobody43/apparmor.d:
  dbus temp tails
  Update apparmor.d
  Update gdm-runtime-config
  more unrelated changes
  adjust date-time
  random tails
  rename to int, convert more profiles
  fixes
  tunables
2023-08-17 20:01:53 +01:00
Alexandre Pujol
555b53192c
fix: ensure some required flags are set. 2023-08-17 18:45:41 +01:00
Alexandre Pujol
3f8d559dcc
feat(profiles): add some thunderbird related profiles. 2023-08-17 18:45:10 +01:00
Alexandre Pujol
09943156bc
feat(profiles): add multipath profiles
See #134

Signed-off-by: @cboltz
2023-08-13 20:06:08 +01:00
ShellCode
0f9b7cb474
Fix #184 (#185)
* Replace @{HOME}/.config with @{user_config_dirs}

* Replace @{HOME}/.cache with @{user_cache_dirs}

* Replace @{HOME}/.local/state with @{user_state_dirs}

* Add missing user_share_dirs to apparmor.d/tunables/home.d/apparmor.d

* Update docs/variables.md

* Replace @{HOME}/.local/share with @{user_share_dirs}

* Replace @{HOME}/.local/lib with @{user_lib_dirs}

* Revert "Add missing user_share_dirs to apparmor.d/tunables/home.d/apparmor.d"

This reverts commit 9525003098.
2023-07-27 11:20:19 +00:00
Alexandre Pujol
015db89b4d
fix: do not install code-wrapper profile yet. 2023-07-23 16:22:42 +01:00
Alexandre Pujol
e5ed57c041
fix: ensure flags for plasmashell. 2023-07-20 21:17:47 +01:00
Alexandre Pujol
1424fb5493
feat(profiles): add iio-sensor-proxy 2023-07-20 21:09:18 +01:00
Alexandre Pujol
33a9b062ff
refactor(profiles): do not enable vs code yet. 2023-07-20 20:56:48 +01:00
Alexandre Pujol
db35aa9249
feat(profiles): add firefox glxtest & vaapitest profiles. 2023-07-12 21:59:13 +01:00
Alexandre Pujol
59469b57b4
feat(profiles): general update. 2023-07-09 12:30:09 +01:00
Alexandre Pujol
7deac2c904
feat(profiles): add mutter-x11-frames. 2023-07-08 12:39:24 +01:00
Alexandre Pujol
6715564053
feat(profiles): general update. 2023-07-08 12:37:40 +01:00
Alexandre Pujol
a1946aa171
feat: support for debian 12, drop support for debian 11. 2023-06-18 11:44:56 +01:00
Alexandre Pujol
d4d1b949cd
fix: ensure mount has the disconnected flag.
See #170
2023-06-14 22:31:00 +01:00
Alexandre Pujol
35ca2692c9
feat(kde): add more kde profiles. 2023-04-30 21:50:08 +01:00
Alexandre Pujol
ee10658d09
feat(kde): big kde profiles update. 2023-04-30 21:46:10 +01:00
Alexandre Pujol
c9ef8f55c4
feat(profiles): add firefox-kmozillahelper. 2023-04-30 21:38:59 +01:00
Alexandre Pujol
30e623d73c
fix(profiles): ensure some flags on some profiles. 2023-04-30 15:00:55 +01:00
Alexandre Pujol
1083520225
feat(kde): add initial version for more kde profles. 2023-04-27 22:27:16 +01:00
Alexandre Pujol
e569f907e2
build: etc.d -> multiarch.d as debian does not have etc.d yet. 2023-04-25 21:47:01 +01:00
Alexandre Pujol
7ddba7230d
feat(profiles): update kde integration.
See #134
2023-04-24 18:56:28 +01:00
Alexandre Pujol
9727d1ce1f
fix(build): ubuntu & debian share some build spec. 2023-04-24 00:17:00 +01:00
Alexandre Pujol
c2e4dfa07e
fix(build): add missing trash abs on Ubuntu. 2023-04-23 17:27:49 +01:00
Alexandre Pujol
2e466bab20
build: remove dists file for arch based distribution. 2023-04-19 19:02:05 +01:00
Alexandre Pujol
912f3be8ab
build: remove ubuntu core integration. 2023-04-19 19:00:15 +01:00
Alexandre Pujol
ffa0f7bc3d
build: drop lsb-release build deps. 2023-04-19 18:57:31 +01:00
Alexandre Pujol
7c0863867e
fix(build): ensure a minimum go version in the build process. 2023-04-17 11:26:09 +01:00
Alexandre Pujol
d717a24adc
build: better way to handle package build for development purpose. 2023-04-16 21:25:52 +01:00
Alexandre Pujol
15029a198a
feat(kde): add akonadi_* profiles. 2023-04-16 20:44:29 +01:00
Alexandre Pujol
77955aac3d
feat(kde): add kded5. 2023-04-16 19:27:27 +01:00
Alexandre Pujol
12456486f1
feat(kde): general update. 2023-04-16 19:10:14 +01:00
Alexandre Pujol
5ea6ede589
feat(profile): general update. 2023-04-15 11:52:00 +01:00
Alexandre Pujol
4f22a6ebaa
feat(kde): add kauth helper. 2023-04-05 23:51:27 +01:00
nobody43
fb92aa5716 fixes 2023-04-03 18:20:15 +01:00
Alexandre Pujol
ac75f2ee5c
feat(kde): add xdg-desktop-portal-kde 2023-03-31 17:06:03 +01:00
Alexandre Pujol
0efc3e0703
feat(kde): rewrite polkit-kde-authentication-agent. 2023-03-31 17:03:47 +01:00
Alexandre Pujol
19d1a59bd3
feat(kde): add new kde profiles. 2023-03-31 17:02:49 +01:00
Alexandre Pujol
1131fdf412
feat(profiles): add kgx. 2023-03-31 16:49:41 +01:00
Alexandre Pujol
b43c3fe0c9
chore: finaly remove dockerfile 2023-03-29 00:22:20 +01:00
Alexandre Pujol
6cbc1a5b47
build: remove local dockerfile for build.
They have been moved to https://gitlab.com/roddhjav/builders
2023-03-29 00:16:31 +01:00
Alexandre Pujol
c7cf156de9
feat(profiles): add most virtio related profiles. 2023-03-25 15:54:20 +00:00
Alexandre Pujol
98a1a00a14
feat(profiles): add gsettings. 2023-03-12 15:30:33 +00:00
Alexandre Pujol
d23348c689
feat(flags): cleanup and enforce some profiles. 2023-03-12 15:14:15 +00:00
Alexandre Pujol
0a2efe7fee
feat: add initial support for Ubuntu Core. 2023-02-24 20:38:48 +00:00
nobody43
a873af1f26 general_initial 2023-02-22 21:52:55 +00:00
Alexandre Pujol
a804fe7b56
feat(systemd): add systemd-cryptsetup 2023-02-19 20:35:03 +00:00
Alexandre Pujol
eca22caf8a
feat(systemd): add some systemd-user-generators. 2023-02-19 20:32:18 +00:00
Alexandre Pujol
5d6a4e4e4c
feat(systemd): add systemd-user{db,work} 2023-02-19 20:29:22 +00:00
Alexandre Pujol
c2076a213b
feat(systemd): add systemd-home{d,work} 2023-02-19 20:28:00 +00:00
Alexandre Pujol
4d317cf807
feat(profiles): remove setpriv.
This program should be included by other profile, not generally confined.
2023-02-11 20:20:45 +00:00
Alexandre Pujol
77b9699270
feat(profiles): add sdcv.
Co-authored-by: Andy Ramos <maplewood_broer@8shield.net>
2023-02-08 16:39:37 +00:00
Alexandre Pujol
11cc454fe2
build: add ignore & glags file for opensuse. 2023-02-06 21:29:26 +00:00
Alexandre Pujol
53d1b7a3fd
feat(profiles): update flags. 2023-02-05 00:00:55 +00:00
nobody43
bbdccd0597 complain 2023-01-28 15:25:01 +00:00
Alexandre Pujol
8bed975d55
fix(build): create build links for manjaro. 2023-01-26 20:00:55 +00:00
Alexandre Pujol
dc8134589d
build: initial build support for full system policy. 2023-01-24 20:17:00 +00:00
Cherkah
291450a050 create manjarolinux.flags 2023-01-22 20:20:52 +00:00
Cherkah
909e2f1d94 create manjarolinux.ignore 2023-01-22 20:20:38 +00:00
name.tar.xz
9a53a047d2 add support for cachyos 2023-01-22 12:46:04 +00:00
Alexandre Pujol
b4a1cf963f
build(arch): include crron profiles in Archlinux.
See #101
2023-01-15 17:47:00 +00:00
Alexandre Pujol
f20aa4f548
feat(profiles): general update. 2023-01-14 13:28:21 +00:00
Alexandre Pujol
2431ba98aa
feat(profile): include more rule from #94. 2023-01-14 13:00:01 +00:00
Alexandre Pujol
11cc9bd672
feat: merge pacman mkinitcpio hooks. 2022-12-10 19:12:10 +00:00
Alexandre Pujol
2246e8ae63
feat(profiles): merge the two packagekitd profiles in one. 2022-12-09 19:12:19 +00:00
leah
6916eefc1b use symbolic link instead 2022-11-08 22:58:22 +00:00
leah
4ed0f824d0 add support for endeavour os 2022-11-08 22:58:22 +00:00
Alexandre Pujol
18a8b42cbf
feat(profiles): add initial version of iwctl. 2022-11-05 17:13:39 +00:00
Alexandre Pujol
82ebbd33a4
feat(profiles): update flags. 2022-11-05 17:12:47 +00:00
Alexandre Pujol
157e2a5df6
feat(profiles): grub update. 2022-11-03 21:42:16 +00:00
Alexandre Pujol
a90cdbe879
feat(profiles): general update. 2022-11-03 21:40:01 +00:00
Alexandre Pujol
fabddee9d6
feat(profiles): add os-prober. 2022-10-23 11:27:50 +01:00
Alexandre Pujol
d6cd1af9c8
feat(profiles): add initial version of nmcli. 2022-10-23 11:26:42 +01:00
Alexandre Pujol
0168f8b13b
feat(profiles): add gnome-software. 2022-10-23 11:25:23 +01:00
Alexandre Pujol
2ed2ed8034
Revert "buid(debian): remove config-package build deps."
config-package-dev is required for files hide and displace in the Debian
pkg.

This reverts commit d618583390.
2022-10-16 12:05:28 +01:00
Alexandre Pujol
d618583390
buid(debian): remove config-package build deps. 2022-10-15 23:14:09 +01:00
nobodysu
643a84997e
Unbreak Debian 11 and partially Ubuntu 22.04 (Wayland+GDM+Gnome) (#81)
* Unbreaking Debian 11 and partially Ubuntu 22.04

* pre-cleanup

* pre-cleanup2

* Update im-launch

* Update gnome-extension-ding

* polishing

* not yet

* Update ubuntu.flags

Allow GDM to boot. `No new privs` fix.

* Update debian.flags

Allow GDM to boot. `No new privs` fix.

* Update CONTRIBUTING.md

* fixes

* reverting w

* move setpriv to main.flags
2022-10-14 21:21:56 +00:00
Alexandre Pujol
bdcaa040fe
feat(profiles): add packagekitd. 2022-10-14 22:18:49 +01:00
Alexandre Pujol
e226f4eb03
feat(profiles): add iwd. 2022-10-06 21:13:05 +01:00
Alexandre Pujol
75b25c7e07
build: update flags list. 2022-10-06 20:59:07 +01:00
Alexandre Pujol
41b3f37a3f
build: ignore autostart on Ubuntu. 2022-10-06 20:57:55 +01:00
Alexandre Pujol
7632a2c168
build: better change build dev container name. 2022-10-06 20:54:55 +01:00
Alexandre Pujol
fa1f71a151
build: allow to build the package in a clean container. 2022-10-04 23:17:11 +01:00
Alexandre Pujol
7d3c52036b
feat(profiles): add child-open. 2022-10-01 19:05:44 +01:00
Alexandre Pujol
39740f9369
feat(profiles): add systemd-dissect. 2022-10-01 18:56:02 +01:00
Alexandre Pujol
1a73271a1a
feat(profiles): add localectl. 2022-10-01 18:53:11 +01:00
Alexandre Pujol
65bf8278bc
feat(profiles): add gnome-browser-connector-host. 2022-10-01 18:47:49 +01:00
Alexandre Pujol
7c3fcf260c
feat(profiles): add systemd-id128. 2022-10-01 18:46:32 +01:00
Alexandre Pujol
8ff571549a
feat(profiles): add gnome-extension-manager. 2022-09-24 18:09:05 +01:00
Alexandre Pujol
a432d656c8
feat(profiles): add sbctl. 2022-09-18 11:21:33 +01:00
Alexandre Pujol
4920922394
feat(profiles): add busctl. 2022-09-13 18:39:41 +01:00
Alexandre Pujol
c242a59996
fix(profiles): remove not yet commited profiles from flag definition. 2022-09-13 18:19:42 +01:00
Alexandre Pujol
80a8be6d9e
feat(profiles): move some flags definition in main.flags 2022-09-11 20:47:49 +01:00
Alexandre Pujol
14fd88aa2f
feat(profiles): add profiles for cups. 2022-08-31 22:10:41 +01:00
Alexandre Pujol
66b529497d
feat(profiles): initial support for steam & steam games. 2022-08-13 20:36:52 +01:00
Alexandre Pujol
7aca29b244
feat(profiles): initial snap support. 2022-07-21 22:40:06 +01:00
Alexandre Pujol
595a27560f
feat(profiles): add mullvad profiles. 2022-07-21 20:17:03 +01:00
Alexandre Pujol
4a37cd1149
feat(profiles): add software-properties-gtk & ubuntu-advantage. 2022-07-03 20:29:45 +01:00
Alexandre Pujol
55c0827c2a
chore: better profile ignore definition. 2022-06-14 19:40:25 +01:00
Alexandre Pujol
32e36b0c4a
build: compatibility for debian. 2022-06-14 19:39:04 +01:00
Alexandre Pujol
aea0b5d1d9
build: update flags definitions. 2022-06-14 19:38:09 +01:00
Alexandre Pujol
99106a2231
build: enable aa-status & apparmor.systemd on ubuntu. 2022-05-21 18:24:47 +01:00
Alexandre Pujol
b651641c90
fix(profiles): fix debian compatibility. 2022-05-21 18:18:35 +01:00
Alexandre Pujol
ddf27516bd
chore: ignore ubtuntu profiles in archlimux and debian. 2022-05-21 18:04:38 +01:00
Alexandre Pujol
44b4039806
chore: add not yet upstreamed abstraction for debian. 2022-05-21 18:01:35 +01:00