Alexandre Pujol
|
3c77da8f7d
|
feat(fsp): improve the systemd profiles.
|
2024-03-05 00:20:05 +00:00 |
|
Alexandre Pujol
|
c80449719e
|
feat(fsp): rewrite mount rules for systemd.
|
2024-03-05 00:18:40 +00:00 |
|
Alexandre Pujol
|
1699260a87
|
fear(fsp): expand systemd-service for more services.
|
2024-03-05 00:16:24 +00:00 |
|
Alexandre Pujol
|
89cd3d023b
|
fix: entrypoint for systemd-cryptsetup.
|
2024-03-04 23:27:21 +00:00 |
|
Alexandre Pujol
|
8ea0964724
|
feat(fsp): restrict @{run} for systemd.
|
2024-03-04 22:02:43 +00:00 |
|
Alexandre Pujol
|
532162f302
|
feat(abs): improve mount rule for bwrap.
|
2024-03-04 12:55:32 +00:00 |
|
Alexandre Pujol
|
f1b01d03cd
|
feat(profile): add gnome-desktop-thumbnailers.
|
2024-03-04 12:54:39 +00:00 |
|
Alexandre Pujol
|
0533e03756
|
feat(abs): add some dbus access to bwrap-app.
See #302
|
2024-03-03 23:15:19 +00:00 |
|
Alexandre Pujol
|
b91cf4da41
|
feat(abs): cleanup bwrap mount rule as it is not maintainable to restrict more.
|
2024-03-03 23:11:27 +00:00 |
|
Alexandre Pujol
|
0ffa51aca4
|
feat(abs): rewrite bwrap mount rules.
|
2024-03-03 12:08:30 +00:00 |
|
Alexandre Pujol
|
af0c87f712
|
feat(abs): add the initial version of the systemctl abstraction.
|
2024-03-03 12:03:16 +00:00 |
|
Alexandre Pujol
|
7e8f854b16
|
feat(abs): deny apparmor/.null in the base abstraction.
|
2024-03-03 11:51:39 +00:00 |
|
Jeroen Rijken
|
ba6172bb8c
|
Review points
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
|
2024-03-02 16:05:34 +00:00 |
|
Jeroen Rijken
|
346285720d
|
Small updates
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
|
2024-03-02 16:05:34 +00:00 |
|
Jeroen Rijken
|
0332c9cb1b
|
Git SSH agent
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
|
2024-03-02 16:05:34 +00:00 |
|
Jeroen Rijken
|
a2a149e0b7
|
New abstraction uim
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
|
2024-03-02 16:05:34 +00:00 |
|
Jeroen Rijken
|
f807d5a190
|
Deduplicate and revert
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
|
2024-03-02 16:05:34 +00:00 |
|
Jeroen Rijken
|
13079bbd7e
|
name to label
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
|
2024-03-02 16:05:34 +00:00 |
|
Jeroen Rijken
|
23fa2b36ab
|
Remove curly brackets
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
|
2024-03-02 16:05:34 +00:00 |
|
Jeroen Rijken
|
af4038867a
|
Syntax fixes
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
|
2024-03-02 16:05:34 +00:00 |
|
Jeroen Rijken
|
04cf3d3850
|
Various fixes
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
|
2024-03-02 16:05:34 +00:00 |
|
Jeroen Rijken
|
c177ca09ed
|
Typo
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
|
2024-03-02 16:05:34 +00:00 |
|
Jeroen Rijken
|
b0655e9993
|
Fixes and profile updates
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
|
2024-03-02 16:05:34 +00:00 |
|
Jeroen Rijken
|
b532dd6827
|
Update various profiles
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
|
2024-03-02 16:05:34 +00:00 |
|
Alexandre Pujol
|
92a1d9f65f
|
feat(profile): general update.
|
2024-03-01 22:35:49 +00:00 |
|
Alexandre Pujol
|
81c55160e6
|
build(debian): fix a few lintian issues.
|
2024-03-01 00:17:19 +00:00 |
|
Alexandre Pujol
|
86898ec673
|
feat(aa-log): update order of impression.
|
2024-02-29 23:37:50 +00:00 |
|
Alexandre Pujol
|
65386321c2
|
feat(aa-log): update shell paths.
|
2024-02-29 23:14:01 +00:00 |
|
Alexandre Pujol
|
19b27a26c0
|
feat(aa-log): do not filter out addresses from the log.
|
2024-02-29 23:13:15 +00:00 |
|
Alexandre Pujol
|
3d4dd5c91a
|
feat(aa-log): correctly handle remount rule from mount log.
|
2024-02-29 23:12:19 +00:00 |
|
Alexandre Pujol
|
06abeac2ee
|
feat(profile): general update.
|
2024-02-29 21:45:42 +00:00 |
|
Alexandre Pujol
|
cd09dc7688
|
feat(abs): update dbus absractions.
|
2024-02-29 21:38:49 +00:00 |
|
Alexandre Pujol
|
f76051f114
|
feat(profile): add some unix rules with local address.
|
2024-02-29 21:15:59 +00:00 |
|
Alexandre Pujol
|
956c282794
|
feat(abs): add apps to the launcher-user abs.
|
2024-02-29 21:06:32 +00:00 |
|
Alexandre Pujol
|
717496e7df
|
fix: cleanup go code.
|
2024-02-29 00:38:29 +00:00 |
|
Alexandre Pujol
|
ffb189ef65
|
feat(profile): general update.
|
2024-02-29 00:32:40 +00:00 |
|
Alexandre Pujol
|
e616b9b3fc
|
feat(aa-log): ensure unix rule are not confused with network unix rule.
Both are technically the same, we simply prioritize `unix` to `network unix`.
|
2024-02-29 00:20:37 +00:00 |
|
Alexandre Pujol
|
e3daaf3d4c
|
feat(aa-log): ensure rule access is always present.
|
2024-02-29 00:19:26 +00:00 |
|
Alexandre Pujol
|
45a6e0bf21
|
fix(build): ensure the displace file get cleaned when not needed.
|
2024-02-29 00:03:39 +00:00 |
|
Alexandre Pujol
|
1f3b812cfb
|
feat(profile): add the loupe profile.
|
2024-02-28 23:52:57 +00:00 |
|
Alexandre Pujol
|
cda8f30c29
|
feat(profile): start using the new bwrap abs.
|
2024-02-28 23:52:15 +00:00 |
|
Alexandre Pujol
|
cbbb2b4a3e
|
fix(profile): better libdir for snap based profiles.
|
2024-02-28 23:47:47 +00:00 |
|
Alexandre Pujol
|
741980f8ab
|
feat(abs): use @{pci} in pci path.
|
2024-02-28 23:32:34 +00:00 |
|
Alexandre Pujol
|
58f130fbb2
|
tests(aa-log): add missing tests for osrelease.
|
2024-02-28 23:27:57 +00:00 |
|
Alexandre Pujol
|
ae9f7e7442
|
build: add initial build support for ubuntu 24.04
|
2024-02-28 17:35:14 +00:00 |
|
Alexandre Pujol
|
431e93c9df
|
feat(abs): update bwrap minimal requirments.
|
2024-02-28 17:17:51 +00:00 |
|
Alexandre Pujol
|
555b5e3c3f
|
feat(profile): general update.
|
2024-02-28 17:17:20 +00:00 |
|
Alexandre Pujol
|
1c999ca921
|
build(debian): add debian displace file.
|
2024-02-28 16:31:25 +00:00 |
|
Alexandre Pujol
|
c900bd873b
|
build: update & cleanup flags files.
|
2024-02-28 15:41:29 +00:00 |
|
Alexandre Pujol
|
d187514fd3
|
feat(profile): add new userns rule.
|
2024-02-28 15:39:18 +00:00 |
|