Commit graph

3001 commits

Author SHA1 Message Date
Roman Beslik
03e974525e Narrowed the temporary file permission 2024-09-26 13:06:26 +00:00
Roman Beslik
e16ade603a Includes have been sorted alphabetically 2024-09-26 13:06:26 +00:00
Roman Beslik
f70e17da33 Changed the profile attachment to the variable 2024-09-26 13:06:26 +00:00
Roman Beslik
779377ce4c Get images from a scanner 2024-09-26 13:06:26 +00:00
Alexandre Pujol
91fc3adb63
docs: update known issues. 2024-09-25 23:19:54 +01:00
Alexandre Pujol
e3a5812bfb
doc: add man page for aa-log. 2024-09-25 23:17:44 +01:00
Alexandre Pujol
bbd06dcabd
doc: add git-committers extension. 2024-09-25 22:33:32 +01:00
Alexandre Pujol
8fb767a5f9
feat(abs): add user-data abstraction.
Warning: experiemental, only for abi 4+, requires a prompting client.

See: https://discourse.ubuntu.com/t/ubuntu-desktop-s-24-10-dev-cycle-part-5-introducing-permissions-prompting/47963
2024-09-25 15:14:16 +01:00
Alexandre Pujol
28b32f1ae3
feat(profile): restrict some access to @{PROC}/@{pid}. 2024-09-25 14:00:29 +01:00
Alexandre Pujol
90a8e44d20
feat(tunable): add more system vars. 2024-09-25 13:05:35 +01:00
Alexandre Pujol
156cce5362
feat(profile): restrict dbus in dbus
even dbus-* profiles do not need access to the full bus.
2024-09-25 00:48:42 +01:00
Alexandre Pujol
69f9e8464f
feat(profile): update profiles for gnome 47. 2024-09-25 00:14:02 +01:00
Alexandre Pujol
457953876a
feat(profile): improve systemd-dissect 2024-09-24 21:49:56 +01:00
Alexandre Pujol
24e0746efa
fix(profile): libreoffice: support any version of java.
fix #520
2024-09-24 21:46:50 +01:00
Alexandre Pujol
6578b55829
fix(profile) Gimp thumbnails log
fix #522
2024-09-24 21:44:49 +01:00
Alexandre Pujol
3a34a70181
fix(profile): xfs support in udisksd
fix #524
2024-09-24 21:38:51 +01:00
Alexandre Pujol
a0dab01401
feat(profile): update multipath.
fix #523
2024-09-24 21:36:49 +01:00
odomingao
67b1c301ed Create vesktop 2024-09-24 10:13:13 +00:00
curiosityseeker
8cc986ab92 Update protonmail 2024-09-24 10:12:52 +00:00
curiosityseeker
9400e5fd00 Update main.flags 2024-09-24 10:12:52 +00:00
curiosityseeker
0bf60c313f New profile: protonmail 2024-09-24 10:12:52 +00:00
curiosityseeker
97676dcf71 Update sudo
Condensing requests like:

@{sys}/fs/cgroup/{hostcritical,system,unevictable,user}.slice/*.service/cgroup.procs r,
@{sys}/fs/cgroup/system.slice/system-getty.slice/getty@tty3.service/cgroup.procs r,
@{sys}/fs/cgroup/user.slice/user-1000.slice/user@1000.service/cgroup.procs r,
@{sys}/fs/cgroup/system.slice/system-getty.slice/getty@tty3.service/cgroup.procs r,
@{sys}/fs/cgroup/user.slice/user-1000.slice/user@1000.service/cgroup.procs r,
@{sys}/fs/cgroup/user.slice/user-968.slice/user@968.service/cgroup.procs r,
2024-09-23 15:00:22 +00:00
valoq
69cc1031ad clean ssh sk helper 2024-09-23 14:46:05 +00:00
valoq
a854b63162 fix profiles 2024-09-23 14:46:05 +00:00
valoq
4660b7d49c add ssh-sk-helper 2024-09-23 14:46:05 +00:00
curiosityseeker
0d5a3405d8 Update protonmail-bridge-core
because of the following request:

```
/etc/ca-certificates/extracted/*.pem r,
/etc/ssl/certs/{,**} r,
```
2024-09-23 14:44:58 +00:00
curiosityseeker
c28d05f15f Update protonmail-bridge
Because of the following requests:

```
owner "@{user_cache_dirs}/Proton AG/" w,
owner @{user_cache_dirs}/protonmail/ w,

owner @{user_config_dirs}/protonmail/ w,

owner @{user_share_dirs}/protonmail/ w,
```
possibly during setup.
2024-09-23 14:44:58 +00:00
EricLin0509
3a7e4c6705 A Fix for xdg-permission-store 2024-09-23 14:43:56 +00:00
odomingao
8fa2058c55 Small improvement to audio-client 2024-09-23 14:43:28 +00:00
odomingao
18c2f3e8d7 Update gamemoded 2024-09-23 14:43:04 +00:00
odomingao
117b54d16c Create gamemoded 2024-09-23 14:43:04 +00:00
Alexandre Pujol
6723b43559
feat(profile): improve systemsettings. 2024-09-23 15:12:24 +01:00
Alexandre Pujol
31cadd634f
feat(abs): improve some gnome profiles. 2024-09-23 15:11:50 +01:00
Alexandre Pujol
62cb546afa
feat(fps): improve systemd profiles. 2024-09-23 14:59:44 +01:00
Alexandre Pujol
c085c8038b
feat(abs): add glfw.
fix #508
2024-09-23 13:57:32 +01:00
Alexandre Pujol
7f657780e5
feat(tunable): add the word @{w} and digit @{d} variables. 2024-09-21 22:24:45 +01:00
Alexandre Pujol
688f2651fd
feat(tunable): improve python name definition. 2024-09-21 22:14:30 +01:00
Alexandre Pujol
c1d8958aed
fix(profile): missing rule in resolvconf.
fix #502
2024-09-21 16:07:55 +01:00
Alexandre Pujol
f201168877
fix(profile): thunderbird: cpu.max and owner
fix #504
2024-09-21 16:03:02 +01:00
Alexandre Pujol
38a5799979
fix(profile): transmission translation
fix #503
2024-09-21 14:35:25 +01:00
Alexandre Pujol
cc33e29af0
feat(profile): dbus: allow to talk with org.gtk.vfs for some profiles. 2024-09-21 13:35:57 +01:00
Alexandre Pujol
89240929e9
feat(profile): thunderbird: allow to open attachment. 2024-09-21 13:19:35 +01:00
Alexandre Pujol
064e9edec2
fix(profile): ensure torbrowser-update can start torbrowser. 2024-09-21 13:18:03 +01:00
Alexandre Pujol
8572a3ec07
doc: improve the directives page. 2024-09-21 13:16:46 +01:00
Alexandre Pujol
e15bdcc9ad
feat(profile): firefox: handle nnp with keepassxc-proxy. 2024-09-20 23:34:03 +01:00
Alexandre Pujol
8979d84633
feat(profile): remove rules already included in the base abs. 2024-09-20 23:30:09 +01:00
Alexandre Pujol
96defe021c
feat(abs): add the pkexec app abs. 2024-09-20 23:24:15 +01:00
Alexandre Pujol
7a3a1f7725
fix(profile): thunderbird: allow saving of draft. 2024-09-19 12:29:13 +01:00
Alexandre Pujol
5def115a0e
build: enforce a few profiles. 2024-09-19 00:20:13 +01:00
Alexandre Pujol
92b45f895c
feat(profile): add child-open-any. 2024-09-19 00:16:07 +01:00