Commit graph

233 commits

Author SHA1 Message Date
Alexandre Pujol
b3a5fb1ce5
fix: enable pam-tmpdir-helper for all distribution.
fix #316
2024-04-25 12:10:29 +01:00
Alexandre Pujol
7c1d8a3efa
build: cleanup ignored profiles. 2024-04-08 19:32:11 +01:00
Alexandre Pujol
d321536f71
fix: whonix build. 2024-04-08 19:30:45 +01:00
Alexandre Pujol
c04189d900
build(whonix): ignore kde & gnome profiles. 2024-04-05 23:45:58 +01:00
Alexandre Pujol
035ed51400
build(opensuse): clean files definition. 2024-03-30 18:24:49 +00:00
Alexandre Pujol
87459197d3
feat(profile): add child-modprobe-nvidia 2024-03-30 14:46:47 +00:00
Alexandre Pujol
197c1bd78a
feat(profile): general update. 2024-03-27 21:53:11 +00:00
Alexandre Pujol
77016661dc
build: update flags tracking list. 2024-03-23 22:43:10 +00:00
Alexandre Pujol
7cbf8a8f9b
fix: do not force early load of userdbd as it can cause issues. 2024-03-21 23:22:08 +00:00
Alexandre Pujol
74b10ec4d3
build: ensure pkgdest directory exist. 2024-03-20 00:05:30 +00:00
Alexandre Pujol
c074c09e3b
build(opensuse): treat config file as normal files.
apparmor.d profile files are **not** expected to be edited by system admin.
They have local directory for this.
2024-03-19 22:14:54 +00:00
Alexandre Pujol
1f3da81d5a
tests: fix pkg outpout directory. 2024-03-17 23:20:05 +00:00
Alexandre Pujol
158c6006b1
build(opensuse): improve opensuse build process. 2024-03-17 21:34:06 +00:00
Alexandre Pujol
1c1855cf6e
build(opensuse): add new systemd drop-in files in the spec file. 2024-03-16 22:01:22 +00:00
Alexandre Pujol
c3c61a9270
build(opensuse): add missing directory. 2024-03-13 18:48:12 +00:00
Alexandre Pujol
7415b85e1c
feat(profile): add some internal kde profile. 2024-03-13 16:10:02 +00:00
Alexandre Pujol
042e9ff543
feat(profile): rewrite the okular profile. 2024-03-11 22:37:59 +00:00
Alexandre Pujol
f5aacbd029
build(debian): use hide instead of displace to overwrite upstream profiles. 2024-03-10 14:43:43 +00:00
Alexandre Pujol
81b726d303
build: update flags definition. 2024-03-10 13:49:43 +00:00
Alexandre Pujol
09cdf6158d
build(debian): add lintian check. 2024-03-06 12:51:08 +00:00
Alexandre Pujol
1df176cf7b
feat: small update and minor fixes. 2024-03-05 18:29:44 +00:00
Alexandre Pujol
06abeac2ee
feat(profile): general update. 2024-02-29 21:45:42 +00:00
Alexandre Pujol
ae9f7e7442
build: add initial build support for ubuntu 24.04 2024-02-28 17:35:14 +00:00
Alexandre Pujol
c900bd873b
build: update & cleanup flags files. 2024-02-28 15:41:29 +00:00
Alexandre Pujol
2cd14aa6bb
chore: add missing and update copyright year. 2024-02-07 00:16:21 +01:00
Alexandre Pujol
952f74b7c4
build: unix-chkpwd has been upstreamed in opensure. 2024-02-01 18:42:24 +00:00
Alexandre Pujol
4234c54f52
feat(profile): add keyboxd. 2024-01-27 19:43:12 +00:00
Alexandre Pujol
72ade58c98
feat(profile): add dbus-broker. 2024-01-27 19:39:54 +00:00
Alexandre Pujol
9a65da3605
feat(profile): apply profile guideline on secure-time-sync. 2024-01-24 21:03:49 +00:00
Alexandre Pujol
8f825473c6
feat(profile): apply profile guideline on sing-box. 2024-01-24 20:58:23 +00:00
Alexandre Pujol
46cb726834
feat(profile): add dbus-broker-launch. 2024-01-21 13:27:19 +00:00
Alexandre Pujol
243e4efb09
build: cleanup flags definition. 2024-01-21 11:57:26 +00:00
Alexandre Pujol
d2fc3c3325
fix(profile): merge flatpak-bwrap & flatpak-app.
See #264
2023-12-15 18:07:18 +00:00
Alexandre Pujol
b8fc5a96a5
fix(ci): my bad. 2023-12-10 15:48:32 +00:00
Alexandre Pujol
d2078fcb3a
feat(profile): general update. 2023-12-10 15:27:44 +00:00
Alexandre Pujol
41a7cb0f5c
fix: build deb in container. 2023-12-10 14:36:29 +00:00
Alexandre Pujol
5e93de2ec2
build: add support for whonix in docker script. 2023-12-10 13:23:11 +00:00
Alexandre Pujol
bc0e0c79bc
build: better whonix build. 2023-12-09 16:17:05 +00:00
Alexandre Pujol
386402ed70
feat(profile): add some new profiles. 2023-12-09 11:39:10 +00:00
Alexandre Pujol
a9c864fe60
feat(profile): initial support for whonix. 2023-12-09 11:25:38 +00:00
Alexandre Pujol
d81bce5559
feat(profile): general update. 2023-12-08 18:01:39 +00:00
Alexandre Pujol
0568ef0d45
feat(profile): add structure for some cups profile.
They are empty, and forced into complain mode.
2023-12-06 20:06:49 +00:00
Alexandre Pujol
c0bab81e45
feat(profile): add some network deps profile. 2023-12-06 20:03:28 +00:00
Alexandre Pujol
5af4d3c921
fix(profiles): modernise plank & kstart
- Still wip profile
- Should enable additional DE to boot
2023-11-29 22:29:41 +00:00
Alexandre Pujol
fade97486d
feat(profile): add udev child & low-memory profiles. 2023-11-27 19:32:50 +00:00
Alexandre Pujol
cdfa76924b
feat(profile): add dleyna profiles. 2023-11-27 19:27:44 +00:00
Alexandre Pujol
4c689dbad9
feat(profile): add gdm init profiles. 2023-11-27 19:25:34 +00:00
Alexandre Pujol
b8c2380da4
feat(profile): add epiphany providers. 2023-11-27 19:23:35 +00:00
Alexandre Pujol
aa1553388b
feat(flatpak): add flatpak integration.
- Add flatpak profile
- Add flatpak-bwrap subprofile: it manage the sandbox creation & has some larger access.
- Add flatpak-app, default profile for sandboxed app.

See Full system policy #252
2023-11-26 23:19:09 +00:00
Alexandre Pujol
e41779f576
feat(full): add default bwrap profiles.
On  full system policy, use the new bwrap profile (and bwrap-app) to confine sandboxed application.
It is not enabled by default as the sandbox profile is quite large.

Also integrate with the gnome app that use bwrap as sandbox manager.

Update other related profiles

See Full system policy #252
2023-11-26 23:12:35 +00:00