mirrors/apparmor.d
1
0
Fork 0
mirror of https://github.com/roddhjav/apparmor.d.git synced 2024-11-15 16:03:51 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity
2,516 Commits 7 Branches 0 Tags 14 MiB
faab4928ed
Commit Graph

2516 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Alexandre Pujol
065f2233ac
feat(abs): ensure pam-tmpdir-helper is allowed in the auth abs for all distribution. 2024-04-29 11:58:55 +01:00
Alexandre Pujol
af4ee0df00
fix(ci): build tests. 2024-04-28 17:50:07 +01:00
Alexandre Pujol
d2523a434a
doc: update supported DE. 2024-04-28 17:47:07 +01:00
Alexandre Pujol
608b599caf
doc: add a note on debian based install. 2024-04-28 17:34:38 +01:00
Alexandre Pujol
aa94ce1740
build: ensure KDE Neon is in the supported dist list. 
See #312
 2024-04-28 17:17:29 +01:00
Jeroen Rijken
e8eadcc7ec Cleanup 
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
 2024-04-28 16:25:45 +02:00
Jeroen Rijken
c40bdcece7 Remove temp 
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
 2024-04-28 16:19:01 +02:00
Jeroen Rijken
8b3613fa48 Various updates all over 
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
 2024-04-28 16:08:03 +02:00
Jeroen Rijken
d866e04e56 Add KDE Neon to package tools 
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
 2024-04-28 15:57:46 +02:00
Jeroen Rijken
821e753572 Various profile updates 
Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>
 2024-04-28 15:57:27 +02:00
Alexandre Pujol
c7fb47e97a
build: remove directive text not applied on build. 2024-04-28 14:22:00 +01:00
Alexandre Pujol
2aa8986a21
feat(profile): update gvfsd-recent. 2024-04-28 13:57:27 +01:00
Alexandre Pujol
454daa9602
feat(profile): restrict torbrowser. 2024-04-28 13:53:25 +01:00
Alexandre Pujol
a63201486b
feat(profile): update flatpak profiles stack. 2024-04-28 13:51:57 +01:00
Alexandre Pujol
65d0cfafe4
feat(profile): general update. 2024-04-28 13:50:48 +01:00
Alexandre Pujol
e44b0613c7
build: ensure compatibility with ubuntu 24.04 2024-04-28 13:33:07 +01:00
Alexandre Pujol
f2c45d7507
ci: exclude paths lib from the tests. 2024-04-28 12:23:47 +01:00
Alexandre Pujol
d1fb9574cb
feat(aa-log): speed up log generation. 2024-04-28 12:06:40 +01:00
Jose Maldonado
b4e5837bb9
Fix access to /tmp using libpam-tmpdir in Debian (#318) 
In Debian with the use of libpam-tmpdir, the paths for $TMP and $TMPDIR
for PAM sessions are affected by much stronger rules and permissions,
providing additional security to the environment.

Those rules for the directory

/tmp/user/@{uid}/<affected_program>

In the case of qBitorrent this applies to the following directory:

/tmp/user/@{uid}/.qBitorrent

This PR fixes the bug and allows qBittorrent to work correctly
under these conditions.

Note: This PR would also have positive effects on Whonix, which uses
libpam-tmpdir according to this link
(https://forums.whonix.org/t/make-symlink-attacks-and-other-tmp-based-attacks-harder-or-impossible-using-libpam-tmpdir/8488)
 2024-04-28 10:27:39 +00:00
Alexandre Pujol
fc64028097
chore(lint): do not lint the path helper lib. 2024-04-28 00:48:17 +01:00
Alexandre Pujol
00f6d88cb8
fix: add missings paths import. 2024-04-28 00:44:23 +01:00
Alexandre Pujol
ac8eec933b
fix: keep go 1.21. 2024-04-28 00:39:24 +01:00
Alexandre Pujol
cbddd56f39
chore: update go sum. 2024-04-28 00:37:07 +01:00
Alexandre Pujol
926e146dad
chore: use internal paths lib. 2024-04-28 00:36:16 +01:00
Alexandre Pujol
f66789d381
chore: include build dep go-paths-helper. 
See #305
 2024-04-28 00:30:59 +01:00
Alexandre Pujol
0cd0262bed
chore: update go mod deps. 2024-04-28 00:04:42 +01:00
Jose Maldonado aka Yukiteru
2f3d55e924 Fix out-of-scope in abstractions/video and bad use abstraction in chromium 2024-04-27 23:51:48 +01:00
Jose Maldonado aka Yukiteru
d88e88767e Fix minitube profile for support Qt5CT and Qt6CT 2024-04-27 23:51:48 +01:00
Jose Maldonado aka Yukiteru
df52a5aa50 Fix support for Qt5CT and Qt6CT in profiles-s-z 
This fix the next apps/binaries

*smplayer
*smtube
*strawberry
*thunderbird
*transmission-qt
*usbguard-applet-qt
*vidcutter
*vlc
*wpa-gui
 2024-04-27 23:51:48 +01:00
Jose Maldonado aka Yukiteru
7ed52e44cd Fix support for Qt5CT and Qt6CT in profiles-m-r 
This fix the next apps/binaries

*megasync
*merkaator
*mkvtoolnix-gui
*pinentry-qt
*psi
*psi-plus
*qnapi
*qpdfview
*qtox
*quiterss
*rpi-imager
 2024-04-27 23:51:48 +01:00
Jose Maldonado aka Yukiteru
917a754206 Fix suppport for Qt5CT and Qt6CT in profiles-g-l 
This fix support for this profiles

*kanyremote
*keepassxc
*linssid
 2024-04-27 23:51:48 +01:00
Jose Maldonado aka Yukiteru
5c35b1d69c Fix profiles for support Qt5CT and Qt6CT 
This fix the next profiles

*Birdtray
*Convertall
*Fritzing
 2024-04-27 23:51:48 +01:00
Jose Maldonado aka Yukiteru
72784f4cbc Fix support for Qt5CT and Qt6CT in kde groups profiles 
This fix support in this apps/binaries

*kio_http
*kiod
*kscreenlocker
*kwalletd
*kwalletmanager
*kwin_wayland
*sddm-greeter
 2024-04-27 23:51:48 +01:00
Jose Maldonado aka Yukiteru
7ba5adc6f2 Fix qt5ct and qt6ct support in freedesktop group profiles 2024-04-27 23:51:48 +01:00
Jose Maldonado aka Yukiteru
35f947aaa9 Fix Calibre group profile 
Forgotten qt5ct line in Calibre group profile.
 2024-04-27 23:51:48 +01:00
Jose Maldonado aka Yukiteru
d26b86c5d7 Fix support for Qt5 and Qt5 in apps groups 
This changes fix access to qt5ct and qt6ct for:

*Calibre
*Flameshot
*Telegram
 2024-04-27 23:51:48 +01:00
Jose Maldonado aka Yukiteru
004572349d Fix support for Qt5 and Qt6 in Akonadi group 2024-04-27 23:51:48 +01:00
Jose Maldonado aka Yukiteru
5d1fae1121 Better support for video devices (ex: webcam) 
Actually, Wirepumbler profile fail to access to /dev/video devices
this update fix this problem.
 2024-04-27 23:51:48 +01:00
Jose Maldonado aka Yukiteru
3291fa7f8f Better support for Qt in abstractions/chromium 2024-04-27 23:51:48 +01:00
Jose Maldonado aka Yukiteru
4355f707db Add support for qt5ct and qt6ct 2024-04-27 23:51:48 +01:00
Jose Maldonado aka Yukiteru
4874bd8c7e Fix path in abstractions/qt5 2024-04-26 00:16:25 +01:00
Jose Maldonado aka Yukiteru
0adb00212a Changes for use @{user_config_dirs} for abstractions/qt5.d integration 2024-04-26 00:16:25 +01:00
Jose Maldonado aka Yukiteru
c733d6b9c2 Modifications for qbittorrent profile and qt5.d abstractions 
This modifications allow read system and user qt5ct configs for better
integrations with other DEs (not-KDE).
 2024-04-26 00:16:25 +01:00
Alexandre Pujol
068373405f
feat(aa): add some missing rule template. 2024-04-25 14:01:04 +01:00
Alexandre Pujol
e4c3f1f076
fix: flatpak-app was too strict for some app. 
See #314
 2024-04-25 13:26:11 +01:00
Alexandre Pujol
b3a5fb1ce5
fix: enable pam-tmpdir-helper for all distribution. 
fix #316
 2024-04-25 12:10:29 +01:00
Alexandre Pujol
978daa446b
feat(aa-log): update aa module to last changes. 2024-04-24 21:58:15 +01:00
Alexandre Pujol
8a8808194b
refractor(aa): move base rule & qualifier to their own file. 2024-04-24 13:31:22 +01:00
Alexandre Pujol
8bb6f07950
feat(prebuilt): update aa usage to the last changes. 2024-04-23 21:43:22 +01:00
Alexandre Pujol
de73c9b706
test(aa): improve some internal unit test. 
Thanks to the last changes...
 2024-04-23 21:38:52 +01:00