apparmor.d

mirror of https://github.com/roddhjav/apparmor.d.git synced 2025-02-07 02:35:06 +01:00

Author	SHA1	Message	Date
Alexandre Pujol	c27ec457d0	feat(profile): cleanup some dbus path/interfaces	2023-11-30 00:29:37 +00:00
Alexandre Pujol	459fe7c905	feat(profile): use the new bus/atspi abstraction in the profiles.	2023-11-30 00:22:34 +00:00
Alexandre Pujol	fe0cb4b48d	feat(profile): some cleanup in thunderbird.	2023-11-29 22:58:35 +00:00
Alexandre Pujol	5af4d3c921	fix(profiles): modernise plank & kstart - Still wip profile - Should enable additional DE to boot	2023-11-29 22:29:41 +00:00
Alexandre Pujol	f06f01a36a	Merge branch 'feat/update' of https://github.com/Jeroen0494/apparmor.d into Jeroen0494-feat/update * 'feat/update' of https://github.com/Jeroen0494/apparmor.d: signal to socket Add kstart, XDG KDE updates Plank profile containerd and KDE updates	2023-11-29 22:20:29 +00:00
Alexandre Pujol	f5e7cd7d0c	feat(abs): add some common dbus rules.	2023-11-29 22:10:23 +00:00
Alexandre Pujol	94f18ed6c1	feat(abs): add new atspi dbus abstraction.	2023-11-29 22:09:05 +00:00
Alexandre Pujol	60e4a01a76	feat(abs): add some files into the base abstaction.	2023-11-29 17:50:26 +00:00
Alexandre Pujol	34630b2adf	fix(profile): private-files abs already included in private-files-strict. See `c8fd896`	2023-11-28 11:04:26 +00:00
Alexandre Pujol	a48daa9c9e	fix(profile): reduce the number of profile transition. See: `209688f`	2023-11-28 10:57:48 +00:00
Alexandre Pujol	209688fe86	feat(profile): general update.	2023-11-27 19:35:42 +00:00
Alexandre Pujol	fade97486d	feat(profile): add udev child & low-memory profiles.	2023-11-27 19:32:50 +00:00
Alexandre Pujol	cdfa76924b	feat(profile): add dleyna profiles.	2023-11-27 19:27:44 +00:00
Alexandre Pujol	c8fd896a0b	feat(profile): add nautilus previewer.	2023-11-27 19:26:13 +00:00
Alexandre Pujol	4c689dbad9	feat(profile): add gdm init profiles.	2023-11-27 19:25:34 +00:00
Alexandre Pujol	b8c2380da4	feat(profile): add epiphany providers.	2023-11-27 19:23:35 +00:00
Alexandre Pujol	52278490ab	feat(profile): general update.	2023-11-27 19:00:18 +00:00
Alexandre Pujol	319bea17c3	fix(full): fix pivot_root rule.	2023-11-27 18:56:39 +00:00
Alexandre Pujol	aa1553388b	feat(flatpak): add flatpak integration. - Add flatpak profile - Add flatpak-bwrap subprofile: it manage the sandbox creation & has some larger access. - Add flatpak-app, default profile for sandboxed app. See Full system policy #252	2023-11-26 23:19:09 +00:00
Alexandre Pujol	e41779f576	feat(full): add default bwrap profiles. On full system policy, use the new bwrap profile (and bwrap-app) to confine sandboxed application. It is not enabled by default as the sandbox profile is quite large. Also integrate with the gnome app that use bwrap as sandbox manager. Update other related profiles See Full system policy #252	2023-11-26 23:12:35 +00:00
Alexandre Pujol	3da0ad2572	feat(full): add bwrap-app abstraction.	2023-11-26 23:08:02 +00:00
Alexandre Pujol	d8ff8c8cd6	feat(kde): add some kde profiles.	2023-11-26 23:07:02 +00:00
Alexandre Pujol	c2bc6f26ae	feat(profile): update kde profiles.	2023-11-26 23:05:01 +00:00
Alexandre Pujol	8250e202a0	feat(profile): general update.	2023-11-26 21:24:40 +00:00
Alexandre Pujol	cd1de59aad	feat(abs): improve audio abstraction.	2023-11-24 18:17:26 +00:00
Alexandre Pujol	ef1023156e	feat(profile): minor kde improvment on opensuse. see #208	2023-11-23 11:19:38 +00:00
Alexandre Pujol	31bc5a6053	feat(profiles): general update.	2023-11-22 21:37:09 +00:00
Alexandre Pujol	a49d83993a	feat(profile): add snapd-apparmor	2023-11-22 20:58:05 +00:00
Alexandre Pujol	c62b45964d	feat(profile): add e2scrub_all.	2023-11-22 20:56:42 +00:00
Alexandre Pujol	17d187e93b	feat(profiles): ensure apparmor_parser works with snap.	2023-11-22 20:55:47 +00:00
Alexandre Pujol	e247a3949e	feat(systemd): add initial version of all missing generator.	2023-11-22 20:55:01 +00:00
Alexandre Pujol	07acb8043b	feat(profiles): rename all systemd generator.	2023-11-22 20:51:10 +00:00
Alexandre Pujol	ba1cad7f73	feat(profile): improve child-open.	2023-11-22 20:12:59 +00:00
Alexandre Pujol	9ab0745e2d	feat(full): add default fallback profile. See #252	2023-11-22 20:12:20 +00:00
Alexandre Pujol	da51cdba64	feat(profiles): improve freedesktop profiles.	2023-11-22 20:07:31 +00:00
Alexandre Pujol	6c6646e1f6	feat(profiles): minor kde additions.	2023-11-22 20:06:39 +00:00
Alexandre Pujol	ae99433595	feat(full): simplify the service profiles.	2023-11-22 20:04:17 +00:00
Alexandre Pujol	04513af863	feat: cleanup child-systemctl	2023-11-22 18:43:43 +00:00
Alexandre Pujol	23be43ebd0	feat(full): improve how systemd handle services	2023-11-22 18:42:23 +00:00
Alexandre Pujol	908aba0385	feat(profiles): add some ubuntu specific profiles.	2023-11-19 21:42:31 +00:00
Alexandre Pujol	e29e839c62	feat(profiles): update apt related profiles.	2023-11-19 21:40:12 +00:00
Alexandre Pujol	07e7810d15	feat(full): add some services profile.	2023-11-19 21:39:36 +00:00
Alexandre Pujol	f43f950c90	feat(full): improve systemd-user profile.	2023-11-19 21:35:53 +00:00
Alexandre Pujol	59140f5411	feat(full): improve systemd profile. See https://apparmor.pujol.io/development/structure/#full-system-policy	2023-11-19 21:31:57 +00:00
monsieuremre	83a2a1cbf9	Full-Policy integration for Whonix/Kicksecure - And also everyone else (#249 ) * full-policy * change path * change * big fix * Delete apparmor.d/groups/_full/systemd * Update and rename full-policy to systemd	2023-11-19 20:54:09 +00:00
Alexandre Pujol	f0cdadbdaf	feat(abs): improve mesa abstraction.	2023-11-19 15:39:02 +00:00
Alexandre Pujol	d1c8471b1d	fix: rule compilation.	2023-11-19 11:39:24 +00:00
Alexandre Pujol	88555a12d0	feat(profiles): add initial userns rule. Require apparmor 4 to be enabled.	2023-11-19 11:19:24 +00:00
Alexandre Pujol	2143fb03af	feat(full): add new systemd variable.	2023-11-19 11:13:40 +00:00
Alexandre Pujol	b79a1fcd31	feat(profile): general update. Also include some preparation for the systemd profile.	2023-11-19 11:08:35 +00:00
Alexandre Pujol	e8fcc12c98	feat(profiles): cleanup dbus daemon related profile.	2023-11-13 23:10:00 +00:00
Alexandre Pujol	e99f7de703	fix(profiles): fix slow startup of gnome at-spi-bus-launcher starts the accessibility bus. We need to ensure all buses are initally started by the same profile, otherwise the accessibility fail to start. See #74, #80 & #235	2023-11-13 22:59:10 +00:00
Alexandre Pujol	d3084839d1	feat(profiles): improve support for debian over gnome.	2023-11-13 22:14:54 +00:00
Alexandre Pujol	31edd15e8a	feat(profiles): improve kde integration.	2023-11-13 22:11:12 +00:00
Alexandre Pujol	6f98bb9bfb	feat(abs): add more possible resolv.conf path in nameservice. Used a lot by debian.	2023-11-13 19:32:04 +00:00
Alexandre Pujol	f0a2cb3897	feat(profiles): general update.	2023-11-11 22:02:47 +00:00
Alexandre Pujol	02115a194b	chore: cleanup abstraction' headers.	2023-11-11 20:25:55 +00:00
Alexandre Pujol	758991f67b	feat(profiles): general update.	2023-11-09 17:31:45 +00:00
Alexandre Pujol	ee658c41a6	refractor(profiles): improve child profile structure.	2023-11-09 17:29:34 +00:00
Alexandre Pujol	499b9e785d	feat(full): update full system structure. - Aims to be compatible with full-policy profile - Required by systemd	2023-11-09 17:27:19 +00:00
Jeroen Rijken	d042526ca4	signal to socket Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>	2023-10-31 16:32:07 +01:00
Jeroen Rijken	c5998d37a2	Add kstart, XDG KDE updates Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>	2023-10-31 16:32:07 +01:00
Jeroen Rijken	eaf9bdb32b	Plank profile Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>	2023-10-31 16:31:32 +01:00
Jeroen Rijken	90e98b6b56	containerd and KDE updates Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>	2023-10-31 16:31:32 +01:00
Alexandre Pujol	84ecf85c0b	feat(profiles): add dell cctk.	2023-10-26 22:40:21 +01:00
Alexandre Pujol	471b544d99	feat(profiles): better integration with not existing profile.	2023-10-26 22:38:39 +01:00
Alexandre Pujol	0031c9e86f	feat(profiles): minor dbus improvment.	2023-10-26 22:37:56 +01:00
Alexandre Pujol	aa7fe16a20	feat(profile): improve opensuse integration. See #208	2023-10-20 23:50:26 +01:00
Alexandre Pujol	4276ede03c	feat(profile): rewrite update-ca-certificates.	2023-10-20 23:43:36 +01:00
Alexandre Pujol	ed7585c3d0	refractor(profile): clean some dbus rules.	2023-10-20 23:15:39 +01:00
Alexandre Pujol	e26302b155	feat(profile): general update.	2023-10-20 23:13:11 +01:00
curiosityseeker	04cae35e6e	Update pacman-key (#230 )	2023-10-20 21:50:56 +00:00
curiosityseeker	38648bcba1	Update pipewire (#231 ) Necessary after the recent pipewire update, otherwise audio devices are no longer available.	2023-10-20 11:36:09 +00:00
Alexandre Pujol	ec5311413a	fix(tunables): better mountdirs.	2023-10-16 22:48:36 +01:00
Alexandre Pujol	e43ce58de1	feat(profiles): improve kde integration. See #208	2023-10-16 22:48:13 +01:00
Alexandre Pujol	5f47df0b79	feat(profiles): general update.	2023-10-13 00:05:53 +01:00
Alexandre Pujol	387f2f91fc	fix(profiles): fix brave entry point.	2023-10-13 00:03:29 +01:00
Alexandre Pujol	f5e3c86c6c	feat(profile): improve kde integration See #208	2023-10-09 21:13:40 +01:00
Alexandre Pujol	1cfe802172	feat(profile): support open suse path for git. See #208	2023-10-09 21:01:49 +01:00
Alexandre Pujol	b5fbef8eef	feat(profiles): general update.	2023-10-08 14:00:21 +01:00
Alexandre Pujol	352c444ae6	feat(profiles): general update.	2023-10-01 16:06:28 +01:00
Alexandre Pujol	ab0ee1a317	feat(profiles): add initial version of passim passimd.	2023-10-01 13:10:17 +01:00
Alexandre Pujol	70dc9b7844	feat(profile): remove the atom profile.	2023-09-29 19:47:08 +01:00
Alexandre Pujol	2aace6bccb	feat(profile): improve kde integration.	2023-09-29 19:33:09 +01:00
curiosityseeker	047c819e8c	Update fontconfig-cache-write	2023-09-29 19:28:51 +01:00
curiosityseeker	3d1c8e8b22	Update kwin_wayland	2023-09-29 19:28:51 +01:00
curiosityseeker	901cd72199	Update kwin_wayland	2023-09-29 19:28:51 +01:00
curiosityseeker	4eaa560dd2	Update systemd-logind	2023-09-29 19:28:51 +01:00
curiosityseeker	45cfd7a145	Update kwin_wayland	2023-09-29 19:28:51 +01:00
curiosityseeker	4a62b3c46b	Update systemd-logind	2023-09-29 19:28:51 +01:00
curiosityseeker	65d0513ebb	Update kde-powerdevil	2023-09-29 19:28:51 +01:00
curiosityseeker	db71240aca	Update xkbcomp	2023-09-29 19:28:51 +01:00
curiosityseeker	a0e8801f7c	Update uname	2023-09-29 19:28:51 +01:00
curiosityseeker	2438497385	Update which	2023-09-29 19:28:51 +01:00
curiosityseeker	2ec1f7daa1	Update kwin_wayland	2023-09-29 19:28:51 +01:00
Alexandre Pujol	c8ee832c11	feat(profile): general update	2023-09-29 19:25:30 +01:00
Alexandre Pujol	24affe46f2	fix(abs): SSD Nvme devices pci path.	2023-09-18 19:08:07 +01:00
Alexandre Pujol	c12f089af3	fix(tunables): ensure pci devices are correctly catched. It is less restrictive, but is is guaranted to work.	2023-09-17 21:58:30 +01:00
Alexandre Pujol	d3f05fb334	chore: cosmetic	2023-09-17 21:55:11 +01:00
Alexandre Pujol	2d76c6fc31	refractor(profiles): change variable stryle in thunderbird.	2023-09-15 22:03:51 +01:00
Alexandre Pujol	0713599eb4	feat(profiles): update vlc profile.	2023-09-15 22:02:45 +01:00
Alexandre Pujol	6a78b17d23	feat(profiles): general update.	2023-09-15 22:01:08 +01:00
Alexandre Pujol	f7d1931bdf	feat(dbus): improve dbus introspectable rules.	2023-09-15 18:14:39 +01:00
Alexandre Pujol	2d2693bd99	refractor(profiles): unify the name of the local variables.	2023-09-13 20:55:20 +01:00
Alexandre Pujol	57f914d7fd	feat(profiles): ensure some major program can launch from dbus-daemon-launch-helper See: #216	2023-09-12 23:15:57 +01:00
Alexandre Pujol	6f8ad7ab81	fix: profile compilation.	2023-09-12 23:00:40 +01:00
Alexandre Pujol	6db83003c7	feat(profiles): general update.	2023-09-12 22:59:07 +01:00
Alexandre Pujol	6c397882ad	feat(dbus): update dbus rules.	2023-09-12 22:55:24 +01:00
Alexandre Pujol	600a71a6b1	refractor: move vlc profile.	2023-09-12 22:49:20 +01:00
Alexandre Pujol	9a8a919b6c	feat(kde): add baloorunner.	2023-09-11 21:33:19 +01:00
Jose Maldonado	9fec58db35	Fix access to /tmp folders for Firefox ESR in Debian (#215 ) Firefox ESR in Debian Stable require access to additional folders in /tmp when use a configuration with multiple profiles.	2023-09-11 16:51:01 +00:00
Jose Maldonado aka Yukiteru	4aaa9379a1	Update ignore and better defaults for mpv Add access to GPU ids (amdgpu) for hwaccel in mpv, and better defaults for user_config. Update gitnore and debian/control	2023-09-11 10:03:51 +01:00
Alexandre Pujol	b9fb4b72d2	fix: minor profiles fixes.	2023-09-10 12:41:47 +01:00
Alexandre Pujol	e381aace56	feat(profiles): ensure child-open is available.	2023-09-10 12:10:14 +01:00
Alexandre Pujol	3147f7d59a	feat(snap): do not confine snap. Curently ignored because of some incompatibilities with snap-confine. snap-confine is more important to confine than snap itself.	2023-09-10 12:07:35 +01:00
curiosityseeker	aaed7a25da	Various updates (#209 )	2023-09-10 10:59:26 +00:00
nobody43	5d7ce06a62	scratch that	2023-09-10 11:58:13 +01:00
nobody43	d414083113	Debian 12 Gnome DE	2023-09-10 11:58:13 +01:00
Jose Maldonado aka Yukiteru	0687c32df2	Add a Music Player Daemon profile This is a simple Music Player Daemon (mpd) profile. Tested in my workstation (actually this is my setup for music) using Debian Stable.	2023-09-10 11:00:27 +01:00
Jose Maldonado aka Yukiteru	43ade39bbd	Fix access to /tmp/user/@{uid} in Debian Stable Firefox require access to /tmp/user/@{uid}/ for downloads in Firefox ESR for actual Debian Stable (FirefoxESR-102.15.0esr-1-deb12u1)	2023-09-10 11:00:27 +01:00
Alexandre Pujol	f008e9c6cf	feat: remove some useless or deprecated profiles	2023-09-07 17:59:29 +01:00
Alexandre Pujol	6b159fe918	feat: cleanup ignored profile list.	2023-09-07 17:58:47 +01:00
Alexandre Pujol	1fb2de0acd	feat(profiles): general update.	2023-09-05 23:36:46 +01:00
Alexandre Pujol	7b4979cc63	feat(profiles): update snap profiles.	2023-09-05 23:33:58 +01:00
Alexandre Pujol	245db40b2d	fix(abs): update pci path for disk acess.	2023-09-05 23:32:11 +01:00
Alexandre Pujol	19c1bcc2c7	fix(tunable): pci id are hex.	2023-09-05 23:23:06 +01:00
Alexandre Pujol	7c24dde028	feat(profile): rewrite profile for vscode (wip).	2023-09-05 19:15:01 +01:00
Alexandre Pujol	73ff7efe60	refractor(profile): merge swapon & swapoff	2023-09-05 19:09:11 +01:00
Alexandre Pujol	9a614a3502	feat(profiles): improve opensuse integration. See: #208	2023-09-05 16:53:50 +01:00
Alexandre Pujol	155ef6bef1	feat(profiles): general update.	2023-09-05 16:42:06 +01:00
Alexandre Pujol	1fb5475ad1	fix(profiles): compatibilty with some dist. See #191	2023-09-05 16:36:20 +01:00
Alexandre Pujol	a3cacccd90	fix(profiles): ensure some profile do not break when sandboxed. See #191	2023-09-05 16:34:22 +01:00
Alexandre Pujol	e169ea5ccf	fix(profiles): ensure entry points for snap work.	2023-09-05 13:59:37 +01:00
curiosityseeker	41525621aa	Various updates (#204 )	2023-09-04 13:58:07 +00:00
glitsj16	090349bed2	xdg-user-dirs.d/apparmor.d: ftx typo (#207 )	2023-09-04 08:58:29 +00:00
Alexandre Pujol	ad13a1a0c3	feat(profiles): remove profile for wget.	2023-09-03 20:28:31 +01:00
Alexandre Pujol	ca2469c470	feat(profiles): add aa-teardown	2023-09-03 20:27:32 +01:00
Alexandre Pujol	b2fa7bacb8	feat(profiles): general update.	2023-09-01 22:50:43 +01:00
Alexandre Pujol	0c151259d2	feat(profiles): update kde group.	2023-09-01 22:47:37 +01:00
Alexandre Pujol	aea0034fcc	chore: various cosmetic changes.	2023-09-01 19:26:52 +01:00
curiosityseeker	c2bb733624	Various updates (#201 )	2023-09-01 18:09:45 +00:00
curiosityseeker	86b1ee4df2	Updating sddm, plasmashell, kwin_wayland, startplasma, kscreenlocker-greet and mesa and wayland abstractions (#200 ) * Update sddm * Update plasmashell * Update kwin_wayland * Update kscreenlocker-greet * Update startplasma * Update complete Needed by various applications, e.g. kwin_wayland. * Mesa rules for sddm	2023-08-30 18:48:25 +00:00
Alexandre Pujol	266db5d030	chore: cosmetic.	2023-08-27 15:50:51 +01:00
Alexandre Pujol	993d490a62	feat(profiles): add aa-complain.	2023-08-27 15:47:49 +01:00
Alexandre Pujol	a30d3dd415	feat(profiles): add element-desktop.	2023-08-27 15:42:30 +01:00
Alexandre Pujol	22e57b3620	feat(profiles): apply guideline on some profile. Update flags list.	2023-08-27 15:30:18 +01:00
Alexandre Pujol	7a5096e7d8	feat(profiles): add inital version of dolphin.	2023-08-27 15:24:54 +01:00
Alexandre Pujol	ad3e5a5dcf	feat(profiles): add protonmail-bridge.	2023-08-27 15:17:36 +01:00
Alexandre Pujol	8cfe2780d4	feat(profiles): rewrite the spotify profile.	2023-08-27 15:00:02 +01:00
Alexandre Pujol	b0eed1ae39	feat(profiles): add transmission-gtk	2023-08-27 14:59:02 +01:00
Alexandre Pujol	4d79af2203	feat(profiles): add gnome-extension-gsconnect	2023-08-27 14:57:50 +01:00
Alexandre Pujol	75ef5ef6ad	feat(profiles): general update.	2023-08-27 14:54:04 +01:00
Alexandre Pujol	19331acaa9	feat(profiles): improve dbus related rules.	2023-08-27 14:46:49 +01:00
Alexandre Pujol	2db6b12a9b	chore: cosmetic on snap profiles.	2023-08-27 14:42:13 +01:00
Alexandre Pujol	eb1c03949f	feat(abs): improve some abstraction.	2023-08-27 14:40:56 +01:00
Alexandre Pujol	ec3c5cd62e	feat(profiles): improve kde integration.	2023-08-27 14:32:08 +01:00
Alexandre Pujol	41e0ac6ba8	feat(profiles): rewrite dpkg profile.	2023-08-27 13:30:01 +01:00
curiosityseeker	7f4cef2fff	Kwin wayland, kwin wayland wrapper and sddm (#198 ) * Update kwin_wayland Please check the udev rules and change them if needed - I'm not familiar with them. * Update kwin_wayland_wrapper * Update sddm * Update kwin_wayland_wrapper Reverting change for @{run}/user/@{uid} * Update kwin_wayland: Correct udev rule * Update kwin_wayland: adding the wayland abs * Update sddm: reverting owner /tmo rules * Update sddm: reverting /usr/share/X11/xkb rule * Update sddm: adding the mesa abs * Update kwin_wayland: order udev rules	2023-08-27 11:19:13 +00:00
Alexandre Pujol	393f7001dc	fix(aa-log): profile template. See #182	2023-08-26 11:32:56 +01:00
Alexandre Pujol	d80b758968	feat(abs): modernize disk-read/write abs.	2023-08-24 19:34:21 +01:00
Alexandre Pujol	25782cb925	feat(abs): devices-usb - remove unneeded udev rule.	2023-08-24 19:32:45 +01:00
Alexandre Pujol	07cfbcd952	feat(profiles): modernize udev access.	2023-08-24 19:31:54 +01:00
Alexandre Pujol	73cb5a4545	feat(profiles): add kwin_wayland.	2023-08-23 18:14:22 +01:00
curiosityseeker	80b2124807	kded5, plasmashell, startplasma and sddm updates (#197 ) * Update kded5 * Update startplasma * Update plasmashell * Update sddm	2023-08-23 12:54:28 +00:00
Alexandre Pujol	96b8f96137	feat(profiles): general update.	2023-08-22 23:23:47 +01:00
Alexandre Pujol	261778dbb3	revertL dbus session unix address.	2023-08-22 18:54:39 +01:00
Alexandre Pujol	360230b2a5	feat(profiles): general update.	2023-08-21 23:32:10 +01:00
Alexandre Pujol	6756ca8138	fix(abs): gstreamer cache structure.	2023-08-21 23:27:35 +01:00
Alexandre Pujol	3c6898db5a	fix(tunables): pci devices path.	2023-08-21 23:27:00 +01:00
Alexandre Pujol	0ed036efd5	feat(firefox): minor firefox update.	2023-08-21 23:23:08 +01:00
Alexandre Pujol	5dbc42aaab	feat(abs): update some abstractions.	2023-08-21 23:21:14 +01:00
Alexandre Pujol	310f36f433	feat(tunables): some variables tweak definition.	2023-08-21 23:10:31 +01:00
Alexandre Pujol	5badb6f32c	feat(tunables): add a new @{rand10} variable.	2023-08-19 14:33:07 +01:00
Alexandre Pujol	5704d1ba20	feat(profiles): various profile fixes.	2023-08-19 14:01:50 +01:00
Alexandre Pujol	1dbced42ed	feat(tunables): add a new @{pci} variable.	2023-08-18 22:35:32 +01:00
Alexandre Pujol	275d6b6e62	feat(profiles): replace old [0-9]* glob by @{int} Beware some [0-9]* glob are actually not proper @{int}.	2023-08-18 17:09:53 +01:00
Alexandre Pujol	8ea4491a56	fix(abs): some block device use more than int as identifier.	2023-08-18 15:24:22 +01:00
Alexandre Pujol	b2d093e125	feat(abs): restric abstraction by using new @{int} and @{rand} variables.	2023-08-17 21:24:02 +01:00
Alexandre Pujol	557d905543	Merge branch 'tunables' of https://github.com/nobody43/apparmor.d into nobody43-tunables * 'tunables' of https://github.com/nobody43/apparmor.d: dbus temp tails Update apparmor.d Update gdm-runtime-config more unrelated changes adjust date-time random tails rename to int, convert more profiles fixes tunables	2023-08-17 20:01:53 +01:00
curiosityseeker	7b018a60bd	Update pacman (#193 ) * Update pacman `@{exec_path} mr,` is causing the following errors: ``` ALLOWED pacman exec owner /usr/bin/pacman -> pacman//null-/usr/bin/pacman comm=bash requested_mask=x denied_mask=x ALLOWED pacman//null-/usr/bin/pacman file_inherit owner /dev/pts/4 comm=pacman requested_mask=wr denied_mask=wr ALLOWED pacman//null-/usr/bin/pacman file_mmap owner /usr/bin/pacman comm=pacman requested_mask=r denied_mask=r ALLOWED pacman//null-/usr/bin/pacman file_mmap owner /usr/lib/ld-linux-x86-64.so.2 comm=pacman requested_mask=r denied_mask=r ALLOWED pacman//null-/usr/bin/pacman open owner /etc/ld.so.preload comm=pacman requested_mask=r denied_mask=r ALLOWED pacman//null-/usr/bin/pacman getattr owner /etc/ld.so.preload comm=pacman requested_mask=r denied_mask=r ALLOWED pacman//null-/usr/bin/pacman open owner /etc/ld.so.cache comm=pacman requested_mask=r denied_mask=r ALLOWED pacman//null-/usr/bin/pacman getattr owner /etc/ld.so.cache comm=pacman requested_mask=r denied_mask=r ALLOWED pacman//null-/usr/bin/pacman open owner /usr/lib/libalpm.so.13.0.2 comm=pacman requested_mask=r denied_mask=r ALLOWED pacman//null-/usr/bin/pacman getattr owner /usr/lib/libalpm.so.13.0.2 comm=pacman requested_mask=r denied_mask=r etc. ``` `@{exec_path} mrix,` fixes it. Commits for new profiles for `checkrebuild` and `pkgfile` will follow. * Fix pacman update * Update apparmor.d/groups/pacman/pacman Co-authored-by: Alex <roddhjav@users.noreply.github.com> --------- Co-authored-by: Alex <roddhjav@users.noreply.github.com>	2023-08-17 18:49:56 +00:00
curiosityseeker	c2c745888c	Update complete Move entries from child-open to this abstraction.	2023-08-17 19:43:29 +01:00
curiosityseeker	2299eb00f6	Partially revert change in child-open	2023-08-17 19:43:29 +01:00
curiosityseeker	f2511210af	Update complete Adding `kde-open`	2023-08-17 19:43:29 +01:00
curiosityseeker	c409fe84d2	Create complete `child-open` includes the `xdg-open` abstraction which in turn includes the `kde-open5` abstraction which contains `/usr/bin/kde-open5 rix,` but NOT `/usr/bin/kde-open rix,`causing an error.	2023-08-17 19:43:29 +01:00
curiosityseeker	9da2809695	Update child-open Adding gwenview and libreoffice	2023-08-17 19:43:29 +01:00
curiosityseeker	6fc8cd3e60	Brave: adjust @{exec_path} (#161 ) The path in Ubuntu is: /opt/brave.com/brave/brave The path in Arch is: /opt/brave-bin/brave That's why Brave was not confined on Arch.	2023-08-17 18:41:13 +00:00
ShellCode	cc8210a1bd	Fix xdg user dirs (#186 ) * Rename XDG__HOME to XDG__DIR for consistent naming * tunables/xdg-user-dirs.d/apparmor.d now includes 'apparmor.d.d' subfolder to permit user override	2023-08-17 18:28:10 +00:00
Alexandre Pujol	5ee31716ae	feat(profile): split evince profiles in multiple files.	2023-08-17 18:47:53 +01:00
Alexandre Pujol	f3ab8d2c71	refractor: rename some vscode related profile	2023-08-17 18:47:01 +01:00
Alexandre Pujol	3f8d559dcc	feat(profiles): add some thunderbird related profiles.	2023-08-17 18:45:10 +01:00
Alexandre Pujol	5d47dfba95	feat(profiles): general update.	2023-08-17 18:43:56 +01:00
Alexandre Pujol	f7b9ff959a	feat(profiles): rewrite the signal-desktop profile.	2023-08-17 18:37:36 +01:00
Alexandre Pujol	5911c43930	Merge branch 'main' of github.com:roddhjav/apparmor.d * 'main' of github.com:roddhjav/apparmor.d: fix: signal-desktop (#195)	2023-08-17 18:35:50 +01:00
Cyril Levis	b49bd32564	fix: signal-desktop (#195 ) issue: https://github.com/roddhjav/apparmor.d/issues/194	2023-08-14 15:55:02 +00:00
Alexandre Pujol	1db6f5f67c	feat(profiles): improve ibus entry point.	2023-08-13 21:19:16 +01:00
Alexandre Pujol	09943156bc	feat(profiles): add multipath profiles See #134 Signed-off-by: @cboltz	2023-08-13 20:06:08 +01:00
Alexandre Pujol	a2c35b07a5	fix: libvirtd profile.	2023-08-06 16:45:39 +02:00
Alexandre Pujol	03cf850666	feat(profile): support for diverse wayland compositors. See #165	2023-08-06 16:31:49 +02:00
Alexandre Pujol	1cac6715db	feat(profiles): general update.	2023-08-06 16:30:38 +02:00
Alexandre Pujol	cdc10fdb31	feat(profiles): general update. See #134	2023-08-06 16:06:17 +02:00
Alexandre Pujol	5938079dfd	fix: missing "startplasma-wayland" profile, but "sddm" tries to transition to it. #188	2023-08-06 10:22:05 +02:00
curiosityseeker	4894d6a3c4	Adding /dev/tty[0-9]* and /dev/pts/[0-9]* to various profiles; update kded5 and reflector (#183 ) * Update update-mime-database * Update btrfs * Update update-grub * Update pacman-hook-depmod * Update pacman * Update systemd-sysusers * Update lscpu * Update pacman-hook-systemd * Update pacman-hook-perl * Update pacman-hook-gtk * Update needrestart-iucode-scan-versions * Update reflector * Update kded5	2023-07-27 11:23:04 +00:00
ShellCode	0f9b7cb474	Fix #184 (#185 ) * Replace @{HOME}/.config with @{user_config_dirs} * Replace @{HOME}/.cache with @{user_cache_dirs} * Replace @{HOME}/.local/state with @{user_state_dirs} * Add missing user_share_dirs to apparmor.d/tunables/home.d/apparmor.d * Update docs/variables.md * Replace @{HOME}/.local/share with @{user_share_dirs} * Replace @{HOME}/.local/lib with @{user_lib_dirs} * Revert "Add missing user_share_dirs to apparmor.d/tunables/home.d/apparmor.d" This reverts commit `9525003098`.	2023-07-27 11:20:19 +00:00
curiosityseeker	714971911a	Update needrestart (#181 )	2023-07-24 10:31:03 +00:00
Alexandre Pujol	2307c536b3	feat: add XDG_MAIL_DIR variable	2023-07-20 21:19:23 +01:00
Alexandre Pujol	9b4be2d2c4	feat(profiles): rewrite the thunderbird profile. Only thunderbird version 115+ is supported.	2023-07-20 21:12:37 +01:00
Alexandre Pujol	a79f03f038	feat(kde): improve support for kde.	2023-07-20 21:10:19 +01:00
Alexandre Pujol	1424fb5493	feat(profiles): add iio-sensor-proxy	2023-07-20 21:09:18 +01:00
Alexandre Pujol	af1eda51bd	feat(profiles): general update.	2023-07-20 21:07:27 +01:00
Alexandre Pujol	a3d121fe23	feat(kde): improve support for support.	2023-07-20 21:04:22 +01:00
Alexandre Pujol	d2a650f6c6	feat(profiles): improve dbus integration.	2023-07-20 21:00:41 +01:00
Alexandre Pujol	2a4fa1e6de	refactor(profiles): move thunderbird and code profiles.	2023-07-20 20:54:36 +01:00
Alexandre Pujol	ce7209f2a1	feat(kde): improve kde integration (wip).	2023-07-18 22:30:01 +01:00
Alexandre Pujol	9c08b36182	feat(profiles): general update.	2023-07-18 22:28:30 +01:00
Alexandre Pujol	b4311dac65	fix(profiles): add missing firefox_config_dirs.	2023-07-12 22:01:28 +01:00
Alexandre Pujol	db35aa9249	feat(profiles): add firefox glxtest & vaapitest profiles.	2023-07-12 21:59:13 +01:00
Alexandre Pujol	0bf068d3f2	fix: add missing lib vars.	2023-07-09 15:15:20 +01:00
Alexandre Pujol	dab27a492d	feat(profiles): update dhcpcd.	2023-07-09 15:13:59 +01:00
Alexandre Pujol	1f75dc9956	build: update build for new bin & lib variables	2023-07-09 15:09:32 +01:00
Alexandre Pujol	2b2c42d23c	refactor(profiles): use @{bin} and @{lib} in profiles (7)	2023-07-09 14:59:53 +01:00
Alexandre Pujol	7c2c806ffa	refactor(profiles): use @{bin} and @{lib} in profiles (6)	2023-07-09 14:46:56 +01:00
Alexandre Pujol	fcedbbfd95	refactor(profiles): use @{bin} and @{lib} in profiles (5)	2023-07-09 14:34:42 +01:00
Alexandre Pujol	43b0f09b65	refactor(profiles): use @{bin} and @{lib} in profiles (4)	2023-07-09 14:23:22 +01:00
Alexandre Pujol	27daa7c9bb	refactor(profiles): use @{bin} and @{lib} in profiles (3)	2023-07-09 14:09:55 +01:00
Alexandre Pujol	2eed3b725f	refactor(profiles): use @{bin} and @{lib} in profiles (2)	2023-07-09 13:30:27 +01:00
Alexandre Pujol	bb71f49598	refactor(profiles): use @{bin} and @{lib} in profiles (1)	2023-07-09 13:20:25 +01:00
Alexandre Pujol	59469b57b4	feat(profiles): general update.	2023-07-09 12:30:09 +01:00
Alexandre Pujol	1a82f00d2f	feat(profiles): rewrite vscode profile.	2023-07-09 12:26:38 +01:00
Alexandre Pujol	6d7996a2fd	fix: allow thunderbird to be started by gnome. fix #175	2023-07-08 12:58:58 +01:00
Alexandre Pujol	501d0afa35	feat(profiles): akonadi update.	2023-07-08 12:44:05 +01:00
Alexandre Pujol	7deac2c904	feat(profiles): add mutter-x11-frames.	2023-07-08 12:39:24 +01:00
Alexandre Pujol	6715564053	feat(profiles): general update.	2023-07-08 12:37:40 +01:00
Alexandre Pujol	62cb1d9b96	feat: improve firefox profile - New subprofile - Restric udev/data	2023-07-08 12:30:01 +01:00
Alexandre Pujol	2e69fa0a01	feat: remove unsuported profiles.	2023-07-08 12:28:47 +01:00
Alexandre Pujol	03753373a9	fix: discord entrypoint. fix #174	2023-07-08 12:28:07 +01:00
curiosityseeker	10bd4973c5	General update (#172 ) * Update akonadi_mailfilter_agent * Update plasmashell https://github.com/roddhjav/apparmor.d/discussions/168 Adding k, to the "targets" suggested by audit.log * Update pacman	2023-07-04 09:55:51 +00:00
Alexandre Pujol	69490ed262	feat: add @{lib} and @{bin} variable def.	2023-07-03 14:11:07 +01:00
Alexandre Pujol	11617131ce	feat(profiles): general update.	2023-07-03 14:09:25 +01:00
curiosityseeker	98e59e9336	Akonadi and plasmashell updates (#163 ) * Update plasmashell * Update akonadi_akonotes_resource * Update akonadi_archivemail_agent * Update akonadi_birthdays_resource * Update akonadi_contacts_resource * Update akonadi_control * Update akonadi_followupreminder_agent * Update akonadi_ical_resource * Update akonadi_indexing_agent * Update akonadi_maildir_resource * Update akonadi_maildispatcher_agent * Update akonadi_mailfilter_agent * Update akonadi_mailmerge_agent * Update akonadi_migration_agent * Update akonadi_newmailnotifier_agent * Update akonadi_sendlater_agent * Update akonadi_unifiedmailbox_agent * Revert change * Revert change * Revert change * Revert change * Revert change and add dri-enumerate abstraction * Revert change * Revert change and add dri-enumerate abstraction * Revert change * Revert change * Revert change * Revert change * Revert change and add dri-enumerate abstraction * Revert change * Revert change * Revert change * Revert change * Removing /usr/share/icons/{,*} again Adding the audio abstraction * Adding the consoles abstraction * plasmashell: adding back /dev/shm/ r, and /dev/ptmx rw, * akonadi_mailfilter_agent: removing the user-tmp abstraction I haven't been able to observe new related requests. --------- Co-authored-by: Alex <roddhjav@users.noreply.github.com>	2023-06-14 21:46:34 +00:00
Jeroen Rijken	96c79417cc	Add vscodium & thunderbird Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>	2023-06-13 17:58:22 +01:00
Jeroen Rijken	d0553ff4f7	Add apt-overlay Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>	2023-06-13 17:58:22 +01:00
Jeroen Rijken	83bff808dc	dpkg updates Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>	2023-06-13 17:58:22 +01:00
Jeroen Rijken	a84f0b540c	Add unix domain socket Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>	2023-06-13 17:58:22 +01:00
Jeroen Rijken	5ccd92e12f	General update Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>	2023-06-13 17:58:22 +01:00
curiosityseeker	0a468caff2	Revert adding the user-tmp abstraction	2023-06-13 17:53:14 +01:00
curiosityseeker	a93c80fac0	Fix kde-powerdevil copy and paste error	2023-06-13 17:53:14 +01:00
curiosityseeker	0bb8937cc2	Update mullvad-daemon	2023-06-13 17:53:14 +01:00
curiosityseeker	6227a51d86	Update kde-powerdevil	2023-06-13 17:53:14 +01:00
curiosityseeker	4deb8f135a	Update mount	2023-06-13 17:53:14 +01:00
Alexandre Pujol	a98a86600a	feat(profiles): general update.	2023-06-13 17:15:37 +01:00
Alexandre Pujol	3c41453591	feat: better wayland client integration.	2023-05-27 23:54:53 +01:00
Alexandre Pujol	526dcc3252	feat(profiles): general update.	2023-05-07 20:34:00 +01:00
Vladimir Bauer	b740a1c3e6	allow k for user_publicshare_dirs ALLOWED libvirtd file_lock /home/vbauer/Public/archlinux/archlinux-2023.05.03-x86_64.iso comm=qemu-event requested_mask=k denied_mask=k class=file ALLOWED libvirtd file_lock /home/vbauer/Public/archlinux/archlinux-2023.05.03-x86_64.iso comm=rpc-libvirtd requested_mask=k denied_mask=k class=file	2023-05-06 19:01:07 +01:00
Alexandre Pujol	fe2edb31d8	feat(abs): qt5 - additional resource.	2023-04-30 21:50:53 +01:00
Alexandre Pujol	35ca2692c9	feat(kde): add more kde profiles.	2023-04-30 21:50:08 +01:00
Alexandre Pujol	ee10658d09	feat(kde): big kde profiles update.	2023-04-30 21:46:10 +01:00
Alexandre Pujol	57e995e4be	feat(apt): improve apt/dpkg integration with ubuntu.	2023-04-30 21:42:42 +01:00
Alexandre Pujol	b45987ee8c	feat(profiles): improve some profiles related to kde (with xorg).	2023-04-30 21:41:23 +01:00
Alexandre Pujol	c9ef8f55c4	feat(profiles): add firefox-kmozillahelper.	2023-04-30 21:38:59 +01:00
Alexandre Pujol	f086f71ba9	feat(firefox): distributions have many paths for ff.	2023-04-30 20:29:22 +01:00
Alexandre Pujol	a95da2e5b8	feat(abs): window_decorations is also needed in gtk abs.	2023-04-30 20:27:45 +01:00
Alexandre Pujol	a1236d583b	feat(kde): add fonts to akonadi & .xinitrc rPix See #134	2023-04-30 14:59:47 +01:00
Alexandre Pujol	fd3e7ba820	fix( libvirtd): add missing resources. See #158	2023-04-30 14:51:09 +01:00
Alexandre Pujol	697e196e42	feat(openvpn): improve integration accross profiles. See #157	2023-04-30 14:49:44 +01:00
curiosityseeker	97a76b4872	Small addition for ...pulse/cookie	2023-04-30 14:26:21 +01:00
curiosityseeker	119c3a27fd	More additions for plasmashell	2023-04-30 14:26:21 +01:00
curiosityseeker	570cd70df0	Update plasmashell	2023-04-30 14:26:21 +01:00
curiosityseeker	49b491b803	Update ksmserver	2023-04-30 14:25:22 +01:00
curiosityseeker	72227923c8	run-parts: 0anacron rPUx -> rix, and some other additions The rule `/etc/cron.{hourly,daily,weekly,monthly}/0anacron rPUx, ` causes the error: `ALLOWED run-parts exec /etc/cron.hourly/0anacron info="no new privs" comm=run-parts requested_mask=x denied_mask=x class=file error=-1`	2023-04-30 14:25:22 +01:00
curiosityseeker	2e4788c51e	Update run-parts Correct include statement	2023-04-28 17:20:31 +01:00
curiosityseeker	1cf1fc35e3	run-parts: include <nameservice-strict>	2023-04-28 17:20:31 +01:00
curiosityseeker	98badeb77d	Update run-parts	2023-04-28 17:20:31 +01:00
curiosityseeker	0560bc18fb	Update run-parts	2023-04-28 17:20:31 +01:00
Alexandre Pujol	1083520225	feat(kde): add initial version for more kde profles.	2023-04-27 22:27:16 +01:00
Alexandre Pujol	aca0501d10	feat(kde): update kde profiles.	2023-04-27 22:22:24 +01:00
Alexandre Pujol	ff2aae77b9	feat(kde): update akonadi profiles.	2023-04-27 22:20:46 +01:00
Alexandre Pujol	1e533ec656	feat(profiles): general update.	2023-04-26 18:39:23 +01:00
Alexandre Pujol	ba27ac1f12	fix(firefox): kmozillahelper path.	2023-04-25 23:20:14 +01:00
Alexandre Pujol	11506d5416	feat(abs): improve browser entry point handling.	2023-04-25 23:19:48 +01:00
Alexandre Pujol	e569f907e2	build: etc.d -> multiarch.d as debian does not have etc.d yet.	2023-04-25 21:47:01 +01:00
Alexandre Pujol	ef687d7149	feat(profiles): general update.	2023-04-24 18:58:58 +01:00
Alexandre Pujol	4523a61425	feat(abs): add floppy disk to disk abs.	2023-04-24 18:57:04 +01:00
Alexandre Pujol	7ddba7230d	feat(profiles): update kde integration. See #134	2023-04-24 18:56:28 +01:00
Alexandre Pujol	52d49fa3ec	feat(profiles): update akonadi. See #134	2023-04-24 18:53:36 +01:00
Alexandre Pujol	a4dd6d52cd	feat(profile): improve rootless container support See: #101	2023-04-24 15:43:19 +01:00
Alexandre Pujol	9afb6b93ef	fix: lol	2023-04-24 15:37:23 +01:00
Alexandre Pujol	203f8accdb	feat(profiles): yt-dlp needs rwk on video files. See: #101	2023-04-24 15:34:49 +01:00
Alexandre Pujol	538d708ec0	feat(profiles): improve integration with xfce and small fixes. See: #137	2023-04-24 15:15:40 +01:00
Alexandre Pujol	d224aa4e6a	feat: various mount related fixes. See #152	2023-04-24 12:27:05 +01:00
Alexandre Pujol	b9b3d0fab1	fix(build): debian specificities build.	2023-04-24 00:01:35 +01:00
Alexandre Pujol	03be191442	fix: remove useless ubuntu core integration.	2023-04-23 23:49:17 +01:00
Alexandre Pujol	2b61f3e82e	chore: add missing structure for full system confinment.	2023-04-19 22:05:35 +01:00
Alexandre Pujol	8982bda7c6	fix: cleanup variable definition.	2023-04-19 22:02:35 +01:00
Alexandre Pujol	51c07d3555	build: libexec is now generated by the prebuild job.	2023-04-19 21:55:09 +01:00
Alexandre Pujol	2f455786e7	feat(profiles): general update.	2023-04-16 20:48:14 +01:00
Alexandre Pujol	03b98ad7de	feat(pass): restrict secret dir path.	2023-04-16 20:46:17 +01:00
Alexandre Pujol	15029a198a	feat(kde): add akonadi_* profiles.	2023-04-16 20:44:29 +01:00
Alexandre Pujol	77955aac3d	feat(kde): add kded5.	2023-04-16 19:27:27 +01:00
Alexandre Pujol	12456486f1	feat(kde): general update.	2023-04-16 19:10:14 +01:00
Alexandre Pujol	0edde44e1d	feat(kde): improve integration with various launcher.	2023-04-15 11:58:34 +01:00
Alexandre Pujol	0e21955b0e	feat(profiles): general update.	2023-04-15 11:55:41 +01:00
Alexandre Pujol	c039fe6c99	feat(abs): improve vulkan resource definition.	2023-04-15 11:54:00 +01:00
Alexandre Pujol	e69f997be3	feat(abs): add intel oneapi support.	2023-04-15 11:53:24 +01:00
Alexandre Pujol	5ea6ede589	feat(profile): general update.	2023-04-15 11:52:00 +01:00
curiosityseeker	9a612f754c	Fix dhcpcd	2023-04-06 13:13:22 +01:00
curiosityseeker	cb741490c6	Update pacman	2023-04-06 13:13:22 +01:00
curiosityseeker	4eea83d623	Update mullvad-daemon	2023-04-06 13:13:22 +01:00
curiosityseeker	7c9b908ba1	Update grub-mkrelpath	2023-04-06 13:13:22 +01:00
Alexandre Pujol	a01c0ec989	feat(kde): better packagekit support.	2023-04-06 00:01:37 +01:00
Alexandre Pujol	26b4c574e3	feat(kde): improve integration.	2023-04-05 23:52:45 +01:00
Alexandre Pujol	4f22a6ebaa	feat(kde): add kauth helper.	2023-04-05 23:51:27 +01:00
Alexandre Pujol	1a09d74df3	fix: ensure /boot/ is a directory. See `de54984`	2023-04-05 21:37:07 +01:00
curiosityseeker	bde3ca0d08	Update cupsd	2023-04-05 13:52:23 +01:00
curiosityseeker	aeb3dc0ea3	Update sddm	2023-04-05 13:52:23 +01:00
curiosityseeker	1fb7d3a90b	Update pipewire Oops, forgotten comma :-(	2023-04-04 14:37:04 +01:00
curiosityseeker	07e5a0d43a	Update cupsd	2023-04-04 13:51:02 +01:00
curiosityseeker	f3698ad4fe	Update dnscrypt-proxy dnscrypt-proxy should be able to read all files in /etc/dnscrypt-proxy	2023-04-04 13:51:02 +01:00
curiosityseeker	392bd49136	Update pipewire	2023-04-04 13:51:02 +01:00
curiosityseeker	1d4477e770	Update run-parts	2023-04-04 13:51:02 +01:00
curiosityseeker	24526961c8	Update smartd	2023-04-04 13:51:02 +01:00
curiosityseeker	6e7b4af93f	Update dhcpcd	2023-04-04 13:51:02 +01:00
curiosityseeker	222e9b96eb	Update aa-status	2023-04-04 13:51:02 +01:00
curiosityseeker	7aa48480e6	Update mullvad-daemon	2023-04-04 13:51:02 +01:00
curiosityseeker	e044053207	Update pacman-conf	2023-04-04 13:51:02 +01:00
curiosityseeker	27eae0e067	Update systemd-tty-ask-password-agent	2023-04-04 13:51:02 +01:00
curiosityseeker	d59c7322f7	Update wget	2023-04-04 13:51:02 +01:00
curiosityseeker	1b255188db	Update kaccess	2023-04-04 13:51:02 +01:00
curiosityseeker	c05f15b15f	Update xauth	2023-04-04 13:51:02 +01:00
curiosityseeker	88efd62344	Update xdg-desktop-portal-kde	2023-04-04 13:51:02 +01:00
curiosityseeker	f9d4a07009	Update pacman	2023-04-04 13:51:02 +01:00
curiosityseeker	d963acfe15	Update dhcpcd	2023-04-04 13:51:02 +01:00
curiosityseeker	de54984592	Update grub-probe	2023-04-04 13:51:02 +01:00
curiosityseeker	62b0a850ed	Update grub-mkrelpath	2023-04-04 13:51:02 +01:00
Alexandre Pujol	1f7b192680	feat(gnome): improve first boot compatibility.	2023-04-03 18:26:42 +01:00
nobody43	dbbe1d8c69	polishing	2023-04-03 18:20:15 +01:00
nobody43	fb92aa5716	fixes	2023-04-03 18:20:15 +01:00
nobody43	2a20b69c65	readers	2023-04-03 18:20:15 +01:00
curiosityseeker	9b51f26500	Update xorg	2023-04-03 18:10:21 +01:00
curiosityseeker	3db3a4e4f1	Update kaccess	2023-04-03 18:10:21 +01:00
curiosityseeker	a42ca870a6	Update ksmserver	2023-04-03 18:10:21 +01:00
curiosityseeker	d7e63c19d6	Update kwalletd5	2023-04-03 18:10:21 +01:00
curiosityseeker	1efbcf1ffa	Update polkit-kde-authentication-agent	2023-04-03 18:10:21 +01:00
curiosityseeker	e633d9a3fc	Update xdg-desktop-portal-kde	2023-04-03 18:10:21 +01:00
Alexandre Pujol	d192faf94a	fix(kde): minor profile fixes. See #134	2023-04-02 12:07:20 +01:00
Alexandre Pujol	fa4d065f52	feat(profile): minor profile update. See: #137	2023-03-31 18:47:32 +01:00
Alexandre Pujol	ac75f2ee5c	feat(kde): add xdg-desktop-portal-kde	2023-03-31 17:06:03 +01:00
Alexandre Pujol	0efc3e0703	feat(kde): rewrite polkit-kde-authentication-agent.	2023-03-31 17:03:47 +01:00
Alexandre Pujol	19d1a59bd3	feat(kde): add new kde profiles.	2023-03-31 17:02:49 +01:00
Alexandre Pujol	5cc4279e36	feat(kde): update existting kde profiles.	2023-03-31 16:59:26 +01:00
Alexandre Pujol	e927145edb	feat(profiles): general update.	2023-03-31 16:52:35 +01:00
Alexandre Pujol	1131fdf412	feat(profiles): add kgx.	2023-03-31 16:49:41 +01:00
Alexandre Pujol	e84e22a917	feat(kde): move more sddm and kde profiles in the kde group.	2023-03-31 16:29:55 +01:00
Alexandre Pujol	cbc1d8faf3	feat(profiles): small profiles update.	2023-03-29 23:55:43 +01:00
Alexandre Pujol	f3d4912be8	feat(profiles): better kde integration Step 1: Ensure it can boot.	2023-03-29 23:54:23 +01:00
Alexandre Pujol	df792530cd	feat(profile): add kreadconfig5 & some network integration. See: #134	2023-03-28 22:11:12 +01:00
Alexandre Pujol	aaa24f644b	feat(profile): zypper & kde integration. See: #134	2023-03-28 00:02:35 +01:00
Alexandre Pujol	e73fc07792	fix: single profile error.	2023-03-27 23:41:29 +01:00
Alexandre Pujol	ed4bd4628a	feat: remove conflicting files with upstream. See: #131	2023-03-27 22:59:59 +01:00
Alexandre Pujol	41766ebd2a	feat(profiles): better integration with openSUSE. See #134	2023-03-27 22:22:36 +01:00
Alexandre Pujol	4ca3ced1a5	feat(browserpass): gpg give access to password repo.	2023-03-27 21:43:38 +01:00
Alexandre Pujol	b793968690	feat(profiles): general update.	2023-03-27 21:42:13 +01:00
Alexandre Pujol	c7cf156de9	feat(profiles): add most virtio related profiles.	2023-03-25 15:54:20 +00:00
Alexandre Pujol	02499d90f0	feat(profiles): general update.	2023-03-25 15:48:59 +00:00
Alexandre Pujol	c5098007a5	feat(abs): cleanup abstraction completion. Most of this is already upstreamed.	2023-03-23 17:33:35 +00:00
Alexandre Pujol	0dfce498c8	feat(profiles): general update.	2023-03-19 17:04:51 +00:00
Alexandre Pujol	1042728ca6	feat(profiles): general update.	2023-03-12 15:35:59 +00:00
Alexandre Pujol	25e2d9d1f4	feat(profiles): ensure gpg stays confined.	2023-03-12 15:33:21 +00:00
Alexandre Pujol	3349dbda7f	feat(full): systemd also need pulseaudio.	2023-03-12 15:30:44 +00:00
Alexandre Pujol	98a1a00a14	feat(profiles): add gsettings.	2023-03-12 15:30:33 +00:00
Alexandre Pujol	8bdce8bd62	feat(profiles): finishing replacing local *_ext variables.	2023-03-12 15:24:53 +00:00
Alexandre Pujol	e0fc80aaa9	feat(profiles): add onefetch and gping.	2023-03-10 10:26:00 +00:00
Alexandre Pujol	c4e607ebfe	feat(profiles): add landscape-sysinfo profiles.	2023-03-10 10:25:18 +00:00
Alexandre Pujol	0d6e3deb24	feat(profiles): start replacing local *_ext variables.	2023-03-10 10:24:02 +00:00
Alexandre Pujol	847eb3deeb	feat(profiles): add steam_lib_dirs local variables.	2023-03-10 10:22:23 +00:00
Alexandre Pujol	52b3c1bcc5	feat(profiles): general update.	2023-03-10 10:20:48 +00:00
Alexandre Pujol	5e77974546	feat(profiles): better cockpit integration.	2023-03-07 18:01:07 +00:00
Alexandre Pujol	558cb68f23	feat(profiles): general update.	2023-03-07 17:57:57 +00:00
Alexandre Pujol	3ff8e3847d	feat(profiles): general update.	2023-03-03 12:20:10 +00:00
Alex	1028e8a02b	fix: sddm profile.	2023-03-03 12:03:43 +00:00
Jeroen Rijken	2f0d31522f	Restructure ap lists Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>	2023-03-03 11:56:23 +00:00
Jeroen Rijken	48953bcc6e	Remove duplicate Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>	2023-03-03 11:56:23 +00:00
Jeroen Rijken	c2c7e69bc6	Syntax fix Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>	2023-03-03 11:56:23 +00:00
Jeroen Rijken	dfadf0aef0	Resolve merge conflicts Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>	2023-03-03 11:56:23 +00:00
Jeroen Rijken	6911ca7c13	General update Signed-off-by: Jeroen Rijken <jeroen.rijken@xs4all.nl>	2023-03-03 11:56:23 +00:00
curiosityseeker	4bcfcb25c6	Adding capability net_admin (#130 ) capability net_admin is needed to prevent breaking the boot process on Arch Linux with KDE.	2023-03-03 11:54:49 +00:00
curiosityseeker	3619065c5a	Update chromium	2023-03-02 18:55:24 +00:00
curiosityseeker	f78f46bf48	Update firefox	2023-03-02 18:55:24 +00:00
curiosityseeker	f3f5884abb	Update brave-wrapper	2023-03-02 18:55:24 +00:00
curiosityseeker	0eaafaa8a4	Update brave-sandbox	2023-03-02 18:55:24 +00:00
curiosityseeker	02db2d9641	Update brave	2023-03-02 18:55:24 +00:00
curiosityseeker	c1adeb8c32	Update chromium keepassxc-proxy rPUX -> rix See issue #128	2023-03-02 18:55:24 +00:00
curiosityseeker	781e567d6b	Update firefox keepassxc-proxy rPX -> rix See issue #128	2023-03-02 18:55:24 +00:00
nobody43	c4edf2a6c7	cleanup	2023-03-02 17:50:45 +00:00
nobody43	670411c114	fixes	2023-03-02 17:50:45 +00:00
nobody43	8c0e0a9de1	freedesktop	2023-03-02 17:50:45 +00:00
Alexandre Pujol	491d2176a8	feat(profiles): add systemd as user.	2023-02-24 20:40:04 +00:00
curiosityseeker	11458251c7	Update dhcpcd Thanks!	2023-02-23 11:30:03 +00:00
curiosityseeker	f64edfe6b8	Update dhcpcd Ups , that was an oversight.	2023-02-23 11:30:03 +00:00
curiosityseeker	46bf6f9016	Update dhcpcd	2023-02-23 11:30:03 +00:00
curiosityseeker	2e00023c23	Update dhcpcd Tested on Arch Linux	2023-02-23 11:30:03 +00:00
curiosityseeker	1cc86685ae	Create dhcpcd Tested on Arch Linux.	2023-02-23 11:30:03 +00:00
nobody43	902420c721	vars	2023-02-22 21:52:55 +00:00
nobody43	7e3bb8b1ea	polishing	2023-02-22 21:52:55 +00:00
nobody43	8b4407ca02	fixes	2023-02-22 21:52:55 +00:00
nobody43	01714cc4f0	fixes2	2023-02-22 21:52:55 +00:00
nobody43	d18e012f9e	fixes	2023-02-22 21:52:55 +00:00
nobody43	a873af1f26	general_initial	2023-02-22 21:52:55 +00:00
Alexandre Pujol	6c88213562	feat(aa-log): new journalctl command means new log file.	2023-02-19 21:19:25 +00:00
Alexandre Pujol	a804fe7b56	feat(systemd): add systemd-cryptsetup	2023-02-19 20:35:03 +00:00
Alexandre Pujol	45ca052063	feat(systemd): add systemd-sulogin-shell	2023-02-19 20:33:29 +00:00
Alexandre Pujol	eca22caf8a	feat(systemd): add some systemd-user-generators.	2023-02-19 20:32:18 +00:00
Alexandre Pujol	5d6a4e4e4c	feat(systemd): add systemd-user{db,work}	2023-02-19 20:29:22 +00:00
Alexandre Pujol	c2076a213b	feat(systemd): add systemd-home{d,work}	2023-02-19 20:28:00 +00:00
Alexandre Pujol	da5a3fc6a2	feat: chrome has more multiple possible name.	2023-02-19 20:25:30 +00:00
Alexandre Pujol	c812507792	feat: better integration with Ubuntu Pro.	2023-02-19 20:24:57 +00:00
Alexandre Pujol	cf6aeb5b94	fix: rPX -> rPx	2023-02-19 20:23:37 +00:00
Alexandre Pujol	ef292b585c	feat(profiles): first set of rules for Ubuntu Core support.	2023-02-19 18:22:18 +00:00
Alexandre Pujol	d66a8fa082	feat(profiles): general update.	2023-02-19 17:42:05 +00:00
Alexandre Pujol	9b1aaeb68f	feat(firewalld): forgot non legacy nft. See #101.	2023-02-12 21:59:41 +00:00
Alexandre Pujol	4d317cf807	feat(profiles): remove setpriv. This program should be included by other profile, not generally confined.	2023-02-11 20:20:45 +00:00
Alexandre Pujol	fbd5996531	feat(profiles): general update.	2023-02-11 19:03:01 +00:00
Alexandre Pujol	ef4ed8ba95	fix(power-profiles): see #101	2023-02-08 16:47:52 +00:00
Alexandre Pujol	b53f7559db	feat(pass): better editor integration. Co-authored-by: Andy Ramos <maplewood_broer@8shield.net>	2023-02-08 16:42:39 +00:00
Alexandre Pujol	77b9699270	feat(profiles): add sdcv. Co-authored-by: Andy Ramos <maplewood_broer@8shield.net>	2023-02-08 16:39:37 +00:00
Alexandre Pujol	b4a09ab13a	feat(profiles): networkmanager: compatibility with some distribution Co-authored-by: Andy Ramos <maplewood_broer@8shield.net>	2023-02-08 16:36:24 +00:00
Alexandre Pujol	f20ccedf4f	feat(profiles): general update.	2023-02-07 23:18:10 +00:00
Alexandre Pujol	37dd97a875	feat(profiles): a the XDG_IMG_DIR and user_img_dirs variables	2023-02-07 23:15:18 +00:00
Alexandre Pujol	a8808d3da6	feat(profiles): general update.	2023-02-06 21:25:09 +00:00
Alexandre Pujol	1ff3636fb5	fix: systemd-sleep-grub name.	2023-02-05 00:23:20 +00:00
Alexandre Pujol	a402200dbe	feat(profiles): general update.	2023-02-05 00:03:20 +00:00
Alexandre Pujol	d29bee2789	feat(profiles): add chronyd.	2023-02-04 23:56:56 +00:00
Alexandre Pujol	b16d172e22	feat(systemd): add systemd-cat & systemd-inhibit	2023-02-04 23:56:10 +00:00
Alexandre Pujol	e93e80ee20	feat(opensuse): final opensuse integration.	2023-02-04 23:55:14 +00:00
Alexandre Pujol	609097ef27	feat(opensuse): x11 integration.	2023-02-04 23:48:35 +00:00
Alexandre Pujol	faf7663cde	feat(opensuse): add pidof.	2023-02-04 23:45:39 +00:00
Alexandre Pujol	5bc4860c39	feat(opensuse): add firewalld	2023-02-04 23:44:46 +00:00
Alexandre Pujol	35fcb6fc71	feat(opensuse): desktop integration.	2023-02-04 23:43:18 +00:00
Alexandre Pujol	ff76602843	feat(systemd): split systemd-sleep profile.	2023-02-04 23:41:19 +00:00
Alexandre Pujol	ad23864094	feat(opensuse): gnome integration.	2023-02-04 23:39:19 +00:00
Alexandre Pujol	ff64fbfa51	feat(profiles): cleanup some profiles.	2023-02-04 23:36:49 +00:00
Alexandre Pujol	bac87f9547	feat(profiles): use /etc read only variable: etc_ro	2023-02-04 23:34:29 +00:00
Alexandre Pujol	6e56cfccc9	feat(profiles): make profile entrypoint more universal.	2023-02-04 23:28:17 +00:00
Alexandre Pujol	222b57acb5	feat(profiles): rethink the firefox profiles.	2023-02-04 19:43:05 +00:00
Alexandre Pujol	6061d4981b	feat(profiles): chromium_install_dirs -> chromium_lib_dirs	2023-02-04 19:08:02 +00:00
Alexandre Pujol	e9d61fb7d9	feat(profiles): gpg -> gpg{,2}	2023-02-04 19:02:47 +00:00
Alexandre Pujol	8dca20c5c6	feat(profiles): general update.	2023-02-01 22:37:33 +00:00
Alexandre Pujol	f19379c55f	feat(abs): extend deny-sensitive with new user_password_store_dirs var.	2023-02-01 22:34:54 +00:00
Vladimir Bauer	7d660f7c23	gpgconf: allow write access to @{run}/user/@{uid}/gnupg/ (#114 )	2023-02-01 10:34:50 +00:00
Vladimir Bauer	01419d82c4	pacman: allow dir read in or below @{user_pkg_dirs} (#113 )	2023-01-31 11:43:45 +00:00
Vladimir Bauer	3c3f164e91	minor syntax fix (#112 )	2023-01-29 10:53:41 +00:00
Alexandre Pujol	72e0618aa2	feat(profile): libvirt allow CPU information. See #101.	2023-01-28 19:09:15 +00:00
nobody43	9c61f7ad3e	remove lsd	2023-01-28 15:25:01 +00:00
nobody43	5a9ae96ae8	let it error, works fine	2023-01-28 15:25:01 +00:00
nobody43	9739f2d69e	Armbian	2023-01-28 15:25:01 +00:00
nobody43	8bb5b064d1	fixes	2023-01-28 15:25:01 +00:00
nobody43	4f3864a9b6	rustdesk	2023-01-28 15:25:01 +00:00
nobody43	02ced44a5c	header	2023-01-28 15:25:01 +00:00
nobody43	80de79b66a	Add new profiles	2023-01-28 15:25:01 +00:00
Alexandre Pujol	7a24f98f48	feat(profiles): general update.	2023-01-27 22:31:55 +00:00
Alexandre Pujol	23312c1640	feat(profile): ensure compatibility with userspace tools.	2023-01-27 22:00:10 +00:00
Alexandre Pujol	b7299cecbb	feat(profiles): remove avahi-daemon as it already exist.	2023-01-27 21:50:11 +00:00
Alexandre Pujol	3498be7a37	feat(profiles): better udev range.	2023-01-26 20:05:47 +00:00
Alexandre Pujol	4521061f73	feat(profiles): remove the unused jdownloader profile.	2023-01-26 20:03:08 +00:00
Alexandre Pujol	5a722c42a2	feat(profiles): rewrite the vlc profile.	2023-01-26 20:02:33 +00:00
Alexandre Pujol	807bf7f1c8	feat(profile): general update.	2023-01-24 20:07:10 +00:00
Alexandre Pujol	9343807632	feat(profiles): audit udev on the browsers.	2023-01-24 19:55:50 +00:00
Jeroen Rijken	118c412378	General update	2023-01-22 12:45:32 +00:00
Alexandre Pujol	64ad329dd9	feat(profiles): Cleanup udev rules.	2023-01-19 18:51:16 +00:00
Alexandre Pujol	43606814cc	fix(profiles): compilation fix.	2023-01-18 23:38:48 +00:00
Alexandre Pujol	2f563fa818	feat(profile): general update.	2023-01-18 23:37:06 +00:00
Alexandre Pujol	5b15521255	feat(profile): gemeral update. See: #104.	2023-01-18 23:22:49 +00:00
Alexandre Pujol	a16d645dcb	feat(profile): improve xorg start from xinit. See: #105.	2023-01-18 22:52:32 +00:00
Alexandre Pujol	477993df16	fix(profile): gnome-calculator is not yet confined. This kind of program should not be confined but sandboxed anyway. See #101	2023-01-18 10:04:17 +00:00
Alexandre Pujol	4b5d1e1a79	feat(profile): general update. See: #101	2023-01-16 19:01:22 +00:00
Alexandre Pujol	1f16025c10	feat(profile): general update. See: #102	2023-01-15 19:22:18 +00:00
Alexandre Pujol	8ba25a3f6e	feat(profile): rewrite keepassxc. See: #102	2023-01-15 18:57:35 +00:00
Alexandre Pujol	55edf06936	feat(profiles): second general update. See #101	2023-01-15 17:38:28 +00:00
Alexandre Pujol	c59a40ec4e	feat(profiles): general update. See #101	2023-01-15 17:15:26 +00:00
Alexandre Pujol	f20aa4f548	feat(profiles): general update.	2023-01-14 13:28:21 +00:00
Alexandre Pujol	c637d03d81	fix(profiles): profile build fix.	2023-01-14 13:24:53 +00:00
Alexandre Pujol	0ec39dfe98	fix(profile): journald: be less strict on file format. Fix #98.	2023-01-14 13:20:16 +00:00
Alexandre Pujol	4b10da9fc7	fix(profiles): do not break pacman if the pkg install script is not confined. fix #99	2023-01-14 13:10:43 +00:00
Alexandre Pujol	356dfa08e8	fix(profiles): be less precise regarding hadware. fix #97	2023-01-14 13:06:27 +00:00
Alexandre Pujol	2431ba98aa	feat(profile): include more rule from #94 .	2023-01-14 13:00:01 +00:00
Alexandre Pujol	7c4c48f4c3	fix(profile): initial fix for #94 .	2023-01-12 18:24:06 +00:00
Alexandre Pujol	600d929d85	feat(profiles): general update.	2022-12-15 19:41:51 +00:00
Alexandre Pujol	11cc9bd672	feat: merge pacman mkinitcpio hooks.	2022-12-10 19:12:10 +00:00
Alexandre Pujol	c453484eab	fix(profiles): docker pull need full access of the container.	2022-12-10 15:18:00 +00:00
Alexandre Pujol	ee83e1c33c	feat(profiles): general update.	2022-12-09 19:14:56 +00:00
Alexandre Pujol	19d005bf59	feat(profiles): add the @{XDG_WORK_DIR} variable.	2022-12-09 19:13:06 +00:00
Alexandre Pujol	2246e8ae63	feat(profiles): merge the two packagekitd profiles in one.	2022-12-09 19:12:19 +00:00
Alexandre Pujol	90dc848766	feat(profiles): mkinitcpio support for systemd hooks.	2022-12-09 18:55:42 +00:00
Alexandre Pujol	372766f757	Merge branch 'master' of github.com:roddhjav/apparmor.d * 'master' of github.com:roddhjav/apparmor.d: wireshark	2022-12-09 18:54:11 +00:00
Alexandre Pujol	ac25454f02	feat(profiles): improve x11 integraion.	2022-12-09 18:53:18 +00:00
Alexandre Pujol	dd232695d3	feat(profiles): refractor all chromium based browsers. All chromium based browser now use the new chromium abstraction.	2022-12-09 18:50:57 +00:00
Alexandre Pujol	7f231caf1b	feat(profiles): update some dbus rules.	2022-12-07 20:42:36 +00:00
Alexandre Pujol	bec892b179	fix: disk-write need access to /dev/mapper/ too.	2022-12-07 20:41:07 +00:00
Alexandre Pujol	53e04cc10e	feat(profiles): update chrome profiles.	2022-12-07 20:40:34 +00:00
nobody43	038e2882b5	wireshark	2022-11-30 20:45:13 +00:00
Alexandre Pujol	f8b6dfae5c	fix: ensure sys/device/cpu/possible is in the base abs for all dist.	2022-11-29 20:24:38 +00:00
Alexandre Pujol	1e5d90afe8	feat(profiles): general update.	2022-11-29 12:02:38 +00:00
Alexandre Pujol	d52a7bd52a	fix(profiles): fix wayland cursor path.	2022-11-29 11:57:23 +00:00
Alexandre Pujol	f5cb901eef	feat(profiles): new wayland cursor file.	2022-11-28 18:08:01 +00:00
Alexandre Pujol	9a46df81b9	feat(profiles): remove rules promoted into the base abstraction.	2022-11-28 18:05:29 +00:00
Alexandre Pujol	1fa427ca81	feat(profiles): general update.	2022-11-20 11:42:08 +00:00
Alexandre Pujol	0837c158cb	feat(profiles): general update.	2022-11-13 18:27:47 +00:00
Alexandre Pujol	26f838b73f	feat(profiles): general update.	2022-11-11 22:18:55 +00:00
Alexandre Pujol	fd88162c55	feat(profiles): disks access - add NBD devices.	2022-11-11 21:41:04 +00:00
Alexandre Pujol	dd13de385e	feat(profiles): general update.	2022-11-05 17:25:27 +00:00
Alexandre Pujol	18a8b42cbf	feat(profiles): add initial version of iwctl.	2022-11-05 17:13:39 +00:00
Alexandre Pujol	157e2a5df6	feat(profiles): grub update.	2022-11-03 21:42:16 +00:00
Alexandre Pujol	a90cdbe879	feat(profiles): general update.	2022-11-03 21:40:01 +00:00
Alexandre Pujol	fabddee9d6	feat(profiles): add os-prober.	2022-10-23 11:27:50 +01:00
Alexandre Pujol	d6cd1af9c8	feat(profiles): add initial version of nmcli.	2022-10-23 11:26:42 +01:00
Alexandre Pujol	0168f8b13b	feat(profiles): add gnome-software.	2022-10-23 11:25:23 +01:00
nobody43	f94faf697e	Read-only root compatibility (#86 ) * Read-only root compatibility * remove complain Co-authored-by: nobodysu <nobodysu@users.noreply.github.com>	2022-10-18 18:23:52 +00:00
Alexandre Pujol	5fdbc2d00e	fix(profiles): minor bug fixes.	2022-10-18 19:20:12 +01:00
nobody43	81fd594be2	Update apparmor.d/profiles-g-l/htop Co-authored-by: Alex <roddhjav@users.noreply.github.com>	2022-10-17 15:09:52 +00:00
nobodysu	8d61d3256a	more profiles	2022-10-17 17:07:26 +03:00
nobodysu	349689cba4	polishing2	2022-10-16 17:46:39 +03:00
nobodysu	41659f073c	polishing	2022-10-16 17:45:00 +03:00
nobodysu	c6ca84ded4	remove spaces	2022-10-16 17:20:49 +03:00
nobodysu	f637c70f99	remove complain	2022-10-16 17:17:53 +03:00
nobodysu	ac7c42eefd	New user login	2022-10-16 17:12:23 +03:00
Alexandre Pujol	c15f2fbb7b	feat(profiles): ensure ibus-daemon integration with Ubuntu.	2022-10-16 12:15:12 +01:00
Alexandre Pujol	e7fbf5fbef	feat(profiles): better ubuntu integration.	2022-10-15 18:03:23 +01:00
Alexandre Pujol	2aa4618dda	feat(profiles): gnome-session-binary ensure compatibility across distribution.	2022-10-15 17:32:01 +01:00
nobodysu	643a84997e	Unbreak Debian 11 and partially Ubuntu 22.04 (Wayland+GDM+Gnome) (#81 ) * Unbreaking Debian 11 and partially Ubuntu 22.04 * pre-cleanup * pre-cleanup2 * Update im-launch * Update gnome-extension-ding * polishing * not yet * Update ubuntu.flags Allow GDM to boot. `No new privs` fix. * Update debian.flags Allow GDM to boot. `No new privs` fix. * Update CONTRIBUTING.md * fixes * reverting w * move setpriv to main.flags	2022-10-14 21:21:56 +00:00
Alexandre Pujol	bdcaa040fe	feat(profiles): add packagekitd.	2022-10-14 22:18:49 +01:00
Alexandre Pujol	b1950cbe91	feat(profiles): general update.	2022-10-14 22:17:27 +01:00
Alexandre Pujol	3c841e6d6a	fix(profiles): ensure all firefox start is cached.	2022-10-14 22:13:23 +01:00
Alexandre Pujol	513abeb59d	refactor: move child profiles into children group.	2022-10-14 22:12:46 +01:00
Alexandre Pujol	eddf6bfc4f	feat(profiles): general update.	2022-10-08 13:13:44 +01:00
Alexandre Pujol	e226f4eb03	feat(profiles): add iwd.	2022-10-06 21:13:05 +01:00
Alexandre Pujol	736e44a483	feat(profiles): general update.	2022-10-06 20:53:54 +01:00
Alexandre Pujol	ddedb39f3d	refactor: move profile in correct group.	2022-10-06 20:51:30 +01:00
Alexandre Pujol	e4e54a26ef	feat(profiles): restrict path access in pacman.	2022-10-06 20:50:41 +01:00
Alexandre Pujol	ece6524886	fix(profile): fix gio-launch-desktop attachments.	2022-10-06 20:48:08 +01:00
Alexandre Pujol	418107f11e	feat(profiles): allow gvfs-metadata on some profile that really need it.	2022-10-06 20:47:22 +01:00
Alexandre Pujol	1c97feb5c2	feat(profiles): add modprobed-db.	2022-10-06 20:45:31 +01:00
Alexandre Pujol	c2952b1ec5	feat(profiles): more flexibility in password-store dir name.	2022-10-06 20:43:39 +01:00
Alexandre Pujol	ac47e292ac	feat(profiles): general update.	2022-10-04 21:11:13 +01:00
Alexandre Pujol	d0a8030af8	fix(profile): add deny-sensitive-home abstraction.	2022-10-01 19:18:54 +01:00
Alexandre Pujol	8a55eb8330	fix(profile): fontconfig-cache-write needs /var/cache/fontconfig/ access.	2022-10-01 19:11:19 +01:00
Alexandre Pujol	f45c07dfa1	feat(profiles): child-open integration 2/2	2022-10-01 19:10:00 +01:00
Alexandre Pujol	b29f9675eb	feat(profiles): browser - add child-open integration & cleanup.	2022-10-01 19:08:15 +01:00
Alexandre Pujol	7d3c52036b	feat(profiles): add child-open.	2022-10-01 19:05:44 +01:00
Alexandre Pujol	e7d73243af	refactor: move child-systemctl the children group.	2022-10-01 19:04:35 +01:00
Alexandre Pujol	39740f9369	feat(profiles): add systemd-dissect.	2022-10-01 18:56:02 +01:00
Alexandre Pujol	1a73271a1a	feat(profiles): add localectl.	2022-10-01 18:53:11 +01:00
Alexandre Pujol	65bf8278bc	feat(profiles): add gnome-browser-connector-host.	2022-10-01 18:47:49 +01:00
Alexandre Pujol	7c3fcf260c	feat(profiles): add systemd-id128.	2022-10-01 18:46:32 +01:00
Alexandre Pujol	4681a495b3	feat(profiles): general update.	2022-10-01 18:45:08 +01:00
Alexandre Pujol	5580a34184	refactor: move chrome-gnome-shell to the gnome group.	2022-10-01 18:38:29 +01:00
Alexandre Pujol	768e50c6ab	fix: remove not modified lxc rules. Fix #79	2022-09-28 11:54:29 +01:00
Alexandre Pujol	9f2b68dd5d	feat(profiles): add ubuntu-advantage-desktop-daemon.	2022-09-26 14:59:54 +01:00
Alexandre Pujol	205c2d7184	feat(profiles): new children group. This group is reserved for profile without an attachment path because it is ended to be used only via "Px -> <profile-name>".	2022-09-26 14:59:18 +01:00
Alexandre Pujol	42f305b244	feat(profiles): add XDG_GAMES_DIR and user_games_dirs variables.	2022-09-24 18:23:11 +01:00
Alexandre Pujol	060ea3acc9	feat(profiles): add archlinux-keyring-wkd-sync.	2022-09-24 18:21:56 +01:00
Alexandre Pujol	8ff571549a	feat(profiles): add gnome-extension-manager.	2022-09-24 18:09:05 +01:00
Alexandre Pujol	a02e67d980	feat(profiles): askpass -> code-askpass.	2022-09-24 18:08:00 +01:00
Alexandre Pujol	f2989321eb	feat(profiles): general update.	2022-09-24 18:06:06 +01:00
Alexandre Pujol	ae6cecde52	feat(profiles): deny gvfs-metadata when possible.	2022-09-24 17:59:20 +01:00
beroal	fcee586e9e	viewing DjVu and PostScript files (#78 )	2022-09-24 11:13:21 +00:00
Alexandre Pujol	a432d656c8	feat(profiles): add sbctl.	2022-09-18 11:21:33 +01:00
Alexandre Pujol	4920922394	feat(profiles): add busctl.	2022-09-13 18:39:41 +01:00
Alexandre Pujol	3c7dda5060	feat(profiles): allow most dbus access to gnome.	2022-09-13 18:17:11 +01:00
Alexandre Pujol	58e060c470	Merge branch 'master' of github.com:roddhjav/apparmor.d * 'master' of github.com:roddhjav/apparmor.d: bulk cross-OS awk (#75)	2022-09-11 20:48:03 +01:00
Alexandre Pujol	80a8be6d9e	feat(profiles): move some flags definition in main.flags	2022-09-11 20:47:49 +01:00
Alexandre Pujol	8ff5ed7a69	feat(profiles): general update.	2022-09-11 20:45:14 +01:00
nobodysu	78a180b2f6	bulk cross-OS awk (#75 )	2022-09-11 19:40:34 +00:00
nobodysu	8fb8e7ced3	lost abi	2022-09-06 22:03:19 +01:00
nobodysu	912a6c48e5	cleanup2	2022-09-06 22:03:19 +01:00
nobodysu	7720802dac	cleanup	2022-09-06 22:03:19 +01:00
nobodysu	cd646ea899	broader gdm	2022-09-06 22:03:19 +01:00
nobodysu	71a7c25a6d	Delete lightdm-guest-session	2022-09-06 22:02:21 +01:00
nobodysu	fe59b4d3f8	Delete lightdm_chromium-browser	2022-09-06 22:02:21 +01:00
nobodysu	f02ec5d273	Delete lightdm	2022-09-06 22:02:21 +01:00
Jeroen	9818daba5f	LVM and general update (#68 ) * Small fixes * General update * Add LVM * Various small fixes * Add profile * Typo * sbin to regex * Date and time to extends * Read cmdline * Remove grep duplicate * Small fixes * Typo * Permissions for warning scripts * Add net_admin for multipath	2022-09-06 21:01:17 +00:00
nobodysu	1649b427f8	Ubuntu 22.04, third batch (#65 ) * initial * ready * cleanup * cleanup2 * Update dbus-gtk	2022-09-06 17:00:18 +00:00
Alexandre Pujol	70aea89ad4	Revert "fix: the trash abstraction has been upstreamed." This reverts commit `688a62e9bc`. Fix #71	2022-09-06 17:52:08 +01:00
Alexandre Pujol	746a36bfb4	feat(profiles): add our virt-aa-helper.	2022-09-03 16:10:17 +01:00
Alexandre Pujol	769627fc25	feat(profiles): remove libvirt abstractions.	2022-09-03 16:06:31 +01:00
Alexandre Pujol	892d44cca2	feat(profiles): remove unused abstractions.	2022-09-03 16:05:37 +01:00
Alexandre Pujol	688a62e9bc	fix: the trash abstraction has been upstreamed.	2022-09-03 16:04:53 +01:00
Alexandre Pujol	3b56d3ff0f	feat(profiles): use the new hex variable.	2022-09-03 14:43:34 +01:00
Alexandre Pujol	5d0c521e44	feat(profiles): move aurpublish profile.	2022-09-03 14:29:07 +01:00
Alexandre Pujol	14fd88aa2f	feat(profiles): add profiles for cups.	2022-08-31 22:10:41 +01:00
Alexandre Pujol	30f0b69a67	feat(profiles): add losetup profile.	2022-08-31 21:58:55 +01:00
Alexandre Pujol	0f61c4649c	feat(profiles): general update.	2022-08-31 21:54:33 +01:00
Alexandre Pujol	0238adaaf1	Merge branch 'ubuntu2204__2' of https://github.com/nobodysu/apparmor.d into nobodysu-ubuntu2204__2 * 'ubuntu2204__2' of https://github.com/nobodysu/apparmor.d: Update pkexec Update polkitd update polishing polishing Ubuntu 22.04, second batch	2022-08-22 22:10:46 +01:00
nobodysu	bea1aab15a	Update pkexec	2022-08-21 21:24:20 +00:00
nobodysu	43a366cca3	Update polkitd	2022-08-21 21:23:05 +00:00
Alexandre Pujol	9d4956df0d	feat(profiles): general update.	2022-08-21 20:16:29 +01:00
Alexandre Pujol	e1e7d611ed	fix(profiles): ensure pinentry can start. See #66 .	2022-08-20 13:45:42 +01:00
Alexandre Pujol	79860f207d	feat(profiles): initial support for dockerd.	2022-08-19 21:26:17 +01:00
Alexandre Pujol	e6c91fdfd7	feat(profiles): general update.	2022-08-19 21:10:10 +01:00
Jeroen Rijken	af603fbc62	Revert "tty and pts are part of abstractions/consoles" This reverts commit `51a33f3f5e`.	2022-08-19 19:25:22 +01:00
Jeroen Rijken	35087ea4bb	Add missing brackets	2022-08-19 19:25:22 +01:00
Jeroen Rijken	d538d2a718	Add write to block	2022-08-19 19:25:22 +01:00
Jeroen Rijken	be2a66afff	read all block devices	2022-08-19 19:25:22 +01:00
Jeroen Rijken	c680dfe7db	sort rules	2022-08-19 19:25:22 +01:00
Jeroen Rijken	e64011c4de	zed temp file	2022-08-19 19:25:22 +01:00
Jeroen Rijken	3c634e8967	Create sanoid under run	2022-08-19 19:25:22 +01:00
Jeroen Rijken	f5634b2803	Move update-grub to grub	2022-08-19 19:25:22 +01:00
Jeroen Rijken	5c6bf4c91b	Remove duplicate consoles	2022-08-19 19:25:22 +01:00
Jeroen Rijken	75a66e573e	Use openssl abstraction	2022-08-19 19:25:22 +01:00
Jeroen Rijken	af0c622b35	Replace rm with mr.	2022-08-19 19:25:22 +01:00
Jeroen	e62465b72f	Use multiarch for lib Co-authored-by: Alex <roddhjav@users.noreply.github.com>	2022-08-19 19:25:22 +01:00
Jeroen Rijken	20f7e01ccc	Brackets	2022-08-19 19:25:22 +01:00
Jeroen Rijken	7621dc9974	Fix typo's	2022-08-19 19:25:22 +01:00
Jeroen Rijken	689f48b217	motd fixes	2022-08-19 19:25:22 +01:00
Jeroen Rijken	cf63b97c9b	Add avahi	2022-08-19 19:25:22 +01:00
Jeroen Rijken	099a97cb36	General update	2022-08-19 19:25:22 +01:00
Jeroen Rijken	575d781c88	Various ZFS fixes	2022-08-19 19:25:22 +01:00
Jeroen Rijken	005dec1a53	tty and pts are part of abstractions/consoles	2022-08-19 19:25:22 +01:00
Jeroen Rijken	7ee9644325	Add profiles for whoami, whereis, which, findmnt, users, sanoid and syncoid.	2022-08-19 19:25:22 +01:00
Jeroen Rijken	6af5c76fb8	Add and update CNI profiles	2022-08-19 19:25:22 +01:00
Jeroen Rijken	b1112e35a7	Add templates for all grub commands	2022-08-19 19:25:22 +01:00
Jeroen Rijken	169a730d3f	Add profiles for grub-mkconfig, grub-mkrelpath, grub-probe, grub-script-check and update-grub.	2022-08-19 19:25:22 +01:00
Alexandre Pujol	c0356e92e5	feat(aa-log): add support dbus session log using journactl.	2022-08-19 19:05:46 +01:00
nobodysu	e65a78972b	Merge branch 'master' into ubuntu2204__2	2022-08-18 15:36:21 +00:00
nobodysu	355d958e26	update	2022-08-18 18:22:56 +03:00
Alexandre Pujol	a2fa2421cb	feat(profiles): add the @{hex} variables.	2022-08-13 20:44:59 +01:00
Alexandre Pujol	66b529497d	feat(profiles): initial support for steam & steam games.	2022-08-13 20:36:52 +01:00
Alexandre Pujol	3e331bd656	fix(profiles): @{PROC}/@{uid} -> @{PROC}/@{pid}	2022-08-13 20:33:58 +01:00
Alexandre Pujol	c148aa978c	feat(profiles): general update.	2022-08-13 20:31:57 +01:00
Jeroen Rijken	e02b12aa6d	Add libexec for apt	2022-08-13 15:21:35 +01:00
Jeroen Rijken	cd93d98bf4	Add support for adding snapshots to grub.	2022-08-13 15:21:35 +01:00
Jeroen Rijken	30cbac1181	Fix typo	2022-08-13 15:21:35 +01:00
Jeroen Rijken	5646c90d4c	Fix zsysd profile name	2022-08-13 15:21:35 +01:00
Jeroen Rijken	b6b510aa36	Remove entries duplicate with base abstractions.	2022-08-13 15:21:35 +01:00
Jeroen Rijken	ddf5f1f512	Use nameservice-strict, fix exec	2022-08-13 15:21:35 +01:00
Jeroen Rijken	e2e14510ff	Small fixes	2022-08-13 15:21:35 +01:00
Jeroen Rijken	2affbf6734	Cosmetic fixes	2022-08-13 15:21:35 +01:00
Jeroen Rijken	03881d5614	Add capability, dbus and some proc	2022-08-13 15:21:35 +01:00
Jeroen Rijken	a9fd0706d1	Move complain flag	2022-08-13 15:21:35 +01:00
Jeroen Rijken	d083e927a4	Initial support for zsys	2022-08-13 15:21:35 +01:00
nobodysu	33ff1abc35	Update thunderbird	2022-08-12 14:41:58 +00:00
nobodysu	db8e881c06	Merge branch 'master' into thunderbird2	2022-08-12 14:35:53 +00:00
nobodysu	00a1e70720	polishing	2022-08-12 17:23:13 +03:00
nobodysu	f2394963d0	cleanup	2022-08-08 02:39:35 +03:00
nobodysu	2c2f6e5557	rearrangement	2022-08-02 19:31:00 +03:00
nobodysu	af49797425	cleanup	2022-08-02 01:59:54 +03:00
nobodysu	c96b6d8ee7	dbus-gtk	2022-08-02 01:47:47 +03:00
Alexandre Pujol	2878fa6a2e	feat(profiles): general update.	2022-07-29 16:47:09 +01:00
Jeroen Rijken	58cfe9ad37	Small fixes	2022-07-29 16:41:19 +01:00
Jeroen Rijken	616753aea0	Consolidate rules	2022-07-29 16:41:19 +01:00
Jeroen Rijken	fcea04c69b	Remove complain flags	2022-07-29 16:41:19 +01:00
Jeroen Rijken	e724d835ed	Add ps to ptrace	2022-07-29 16:41:19 +01:00

... 11 12 13 14 15 ...

1830 commits