Commit Graph

2219 Commits

Author SHA1 Message Date
Alexandre Pujol
459fe7c905
feat(profile): use the new bus/atspi abstraction in the profiles. 2023-11-30 00:22:34 +00:00
Alexandre Pujol
fe0cb4b48d
feat(profile): some cleanup in thunderbird. 2023-11-29 22:58:35 +00:00
Alexandre Pujol
5af4d3c921
fix(profiles): modernise plank & kstart
- Still wip profile
- Should enable additional DE to boot
2023-11-29 22:29:41 +00:00
Alexandre Pujol
40cec35a58
Merge branch 'Jeroen0494-feat/update'
* Jeroen0494-feat/update:
  signal to socket
  Add kstart, XDG KDE updates
  Plank profile
  containerd and KDE updates
2023-11-29 22:22:42 +00:00
Alexandre Pujol
f06f01a36a
Merge branch 'feat/update' of https://github.com/Jeroen0494/apparmor.d into Jeroen0494-feat/update
* 'feat/update' of https://github.com/Jeroen0494/apparmor.d:
  signal to socket
  Add kstart, XDG KDE updates
  Plank profile
  containerd and KDE updates
2023-11-29 22:20:29 +00:00
Alexandre Pujol
59442062c3
fix(ci): update reference profile. 2023-11-29 22:16:54 +00:00
Alexandre Pujol
f5e7cd7d0c
feat(abs): add some common dbus rules. 2023-11-29 22:10:23 +00:00
Alexandre Pujol
94f18ed6c1
feat(abs): add new atspi dbus abstraction. 2023-11-29 22:09:05 +00:00
Alexandre Pujol
07a6f35b4e
chore(aa-log): minor template improvement. 2023-11-29 22:08:37 +00:00
Alexandre Pujol
60e4a01a76
feat(abs): add some files into the base abstaction. 2023-11-29 17:50:26 +00:00
Alexandre Pujol
66efedfb01
fix(aa-log): fix go linter. 2023-11-28 15:31:43 +00:00
Alexandre Pujol
34630b2adf
fix(profile): private-files abs already included in private-files-strict.
See c8fd896
2023-11-28 11:04:26 +00:00
Alexandre Pujol
a48daa9c9e
fix(profile): reduce the number of profile transition.
See: 209688f
2023-11-28 10:57:48 +00:00
Alexandre Pujol
209688fe86
feat(profile): general update. 2023-11-27 19:35:42 +00:00
Alexandre Pujol
fade97486d
feat(profile): add udev child & low-memory profiles. 2023-11-27 19:32:50 +00:00
Alexandre Pujol
cdfa76924b
feat(profile): add dleyna profiles. 2023-11-27 19:27:44 +00:00
Alexandre Pujol
c8fd896a0b
feat(profile): add nautilus previewer. 2023-11-27 19:26:13 +00:00
Alexandre Pujol
4c689dbad9
feat(profile): add gdm init profiles. 2023-11-27 19:25:34 +00:00
Alexandre Pujol
b8c2380da4
feat(profile): add epiphany providers. 2023-11-27 19:23:35 +00:00
Alexandre Pujol
d4bc07895a
feat(aa-log): add support change_profile & pivot_rule 2023-11-27 19:21:43 +00:00
Alexandre Pujol
52278490ab
feat(profile): general update. 2023-11-27 19:00:18 +00:00
Alexandre Pujol
319bea17c3
fix(full): fix pivot_root rule. 2023-11-27 18:56:39 +00:00
Alexandre Pujol
926431da1e
doc: remove note about wayland & xorg as both work fine. 2023-11-26 23:37:25 +00:00
Alexandre Pujol
aa1553388b
feat(flatpak): add flatpak integration.
- Add flatpak profile
- Add flatpak-bwrap subprofile: it manage the sandbox creation & has some larger access.
- Add flatpak-app, default profile for sandboxed app.

See Full system policy #252
2023-11-26 23:19:09 +00:00
Alexandre Pujol
e41779f576
feat(full): add default bwrap profiles.
On  full system policy, use the new bwrap profile (and bwrap-app) to confine sandboxed application.
It is not enabled by default as the sandbox profile is quite large.

Also integrate with the gnome app that use bwrap as sandbox manager.

Update other related profiles

See Full system policy #252
2023-11-26 23:12:35 +00:00
Alexandre Pujol
3da0ad2572
feat(full): add bwrap-app abstraction. 2023-11-26 23:08:02 +00:00
Alexandre Pujol
d8ff8c8cd6
feat(kde): add some kde profiles. 2023-11-26 23:07:02 +00:00
Alexandre Pujol
c2bc6f26ae
feat(profile): update kde profiles. 2023-11-26 23:05:01 +00:00
Alexandre Pujol
8250e202a0
feat(profile): general update. 2023-11-26 21:24:40 +00:00
Alexandre Pujol
4b61abf7ce
build: simplify full system policy generation. 2023-11-26 21:19:16 +00:00
Alexandre Pujol
cd1de59aad
feat(abs): improve audio abstraction. 2023-11-24 18:17:26 +00:00
Alexandre Pujol
ef1023156e
feat(profile): minor kde improvment on opensuse.
see #208
2023-11-23 11:19:38 +00:00
Alexandre Pujol
31bc5a6053
feat(profiles): general update. 2023-11-22 21:37:09 +00:00
Alexandre Pujol
a49d83993a
feat(profile): add snapd-apparmor 2023-11-22 20:58:05 +00:00
Alexandre Pujol
c62b45964d
feat(profile): add e2scrub_all. 2023-11-22 20:56:42 +00:00
Alexandre Pujol
17d187e93b
feat(profiles): ensure apparmor_parser works with snap. 2023-11-22 20:55:47 +00:00
Alexandre Pujol
e247a3949e
feat(systemd): add initial version of all missing generator. 2023-11-22 20:55:01 +00:00
Alexandre Pujol
0d124065b9
build: enforce the use on the default profile on full mode. 2023-11-22 20:52:25 +00:00
Alexandre Pujol
07acb8043b
feat(profiles): rename all systemd generator. 2023-11-22 20:51:10 +00:00
Alexandre Pujol
ba1cad7f73
feat(profile): improve child-open. 2023-11-22 20:12:59 +00:00
Alexandre Pujol
9ab0745e2d
feat(full): add default fallback profile.
See #252
2023-11-22 20:12:20 +00:00
Alexandre Pujol
da51cdba64
feat(profiles): improve freedesktop profiles. 2023-11-22 20:07:31 +00:00
Alexandre Pujol
6c6646e1f6
feat(profiles): minor kde additions. 2023-11-22 20:06:39 +00:00
Alexandre Pujol
ae99433595
feat(full): simplify the service profiles. 2023-11-22 20:04:17 +00:00
Alexandre Pujol
04513af863
feat: cleanup child-systemctl 2023-11-22 18:43:43 +00:00
Alexandre Pujol
23be43ebd0
feat(full): improve how systemd handle services 2023-11-22 18:42:23 +00:00
Alexandre Pujol
f2ef493ca7
build: full system for whonix. 2023-11-22 18:16:03 +00:00
Alexandre Pujol
7909bb1948
fix(build): tunable path. 2023-11-19 23:21:50 +00:00
Alexandre Pujol
e84750453c
fix: dpkg build. 2023-11-19 23:04:43 +00:00
Alexandre Pujol
157798e93c
tests(packer): improve debian vm. 2023-11-19 21:48:38 +00:00