mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
7777 commits 23 branches 109 tags 32 MiB
Commit graph

3 commits

Author SHA1 Message Date
Zygmunt Krynicki
5c17df0219 profiles: attach toybox profile to /usr/bin/toybox 
This is the actual path used on Debian and derivatives.

Signed-off-by: Zygmunt Krynicki <zygmunt.krynicki@canonical.com>
 2025-01-21 11:16:24 +01:00
John Johansen
7c684f9d22 profiles: convert local include to match profile name 
The recently added unconfined profiles use the binary name for the
local include instead of the profile name. Switch to using the
profile name for the local include.

Signed-off-by: John Johansen <john.johansen@canonical.com>
 2023-11-24 18:53:51 -08:00
Georgia Garcia
2594d936ad add profiles for applications in unconfined mode 
Adding profiles for applications even if they allow all operations
will allow them to be referenced as peer by other policies. This is a
step towards a more comprehensive system policy, adding names, instead
of just unconfined, to peers of existing policy and to applications
that are known to use unprivileged user namespaces.

Note that unconfined mode should be changed for default_allow
when https://gitlab.com/apparmor/apparmor/-/merge_requests/1109 is
merged.

Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
 2023-11-23 10:34:20 -03:00