mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-07 01:41:00 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor/profiles/apparmor.d/abstractions
History
Jamie Strandboge bafb5ff2b4 The base abstraction for unix sockets uses peer=(addr=none) with getattr, 
getopt, setopt and shutdown. This was added based on incorrect logging in early
iterations of the abstract kernel patches which have since been fixed. These
options don't make sense with peer=(addr=none), so drop that.

Acked-By: Jamie Strandboge <jamie@canonical.com>
Acked-by: John Johansen <john.johansen@canonical.com>
2014-09-05 13:08:55 -05:00
..
apparmor_api Subject: profiles - fix apparmor_api abstractions 2013-01-02 15:02:29 -08:00
ubuntu-browsers.d Subject: using webapps triggers firefox rejections 2014-02-13 18:10:05 -08:00
apache2-common profiles: allow apache hats to receive signals from unconfined 2014-06-24 11:06:06 -07:00
aspell Bug: https://bugs.launchpad.net/bugs/917859 2012-01-18 10:15:57 -08:00
audio Description: Remove access to pulseaudio debug socket from audio abstraction 2014-02-13 17:25:31 -08:00
authentication add p11-kit to authentication abstraction 2012-01-06 11:46:52 -06:00
base The base abstraction for unix sockets uses peer=(addr=none) with getattr, 2014-09-05 13:08:55 -05:00
bash Subject: profiles - use @{pid} tunable 2013-01-02 15:34:38 -08:00
consoles as ACKed on IRC, drop the unused $Id$ tags everywhere 2010-12-20 12:29:10 -08:00
cups-client profiles: rw file perms are now needed on AF_UNIX socket files 2013-12-19 23:19:40 -08:00
dbus profiles: Add strict system bus abstraction 2014-01-10 15:34:45 -06:00
dbus-accessibility profiles: Add strict accessibility bus abstraction 2014-01-10 15:35:30 -06:00
dbus-accessibility-strict profiles: Add strict accessibility bus abstraction 2014-01-10 15:35:30 -06:00
dbus-session profiles: Add strict session bus abstraction 2014-01-10 15:35:09 -06:00
dbus-session-strict r2606 had updates for the dbus-session-strict and X abstractions but 2014-09-03 15:11:05 -05:00
dbus-strict profiles: Add strict system bus abstraction 2014-01-10 15:34:45 -06:00
dconf Add dconf abstraction for querying dconf settings 2013-10-09 06:18:09 -07:00
dovecot-common profiles: add dovecot-common abstraction 2014-06-27 12:14:53 -07:00
enchant Fix from Felix Geyer: in the enchant abstraction, allow the creation of 2012-01-10 11:37:54 +01:00
fonts libthai-data is used by LibThai which is the library used to deal with 2014-02-14 14:28:12 -06:00
freedesktop.org Add missing directory read access rules 2014-02-20 10:31:07 -05:00
gnome Add missing directory read access rules 2014-02-20 10:31:07 -05:00
gnupg Subject: profiles - owner usage for @{HOME} rules 2013-01-04 22:05:53 -08:00
ibus add preliminary ibus abstraction. Will likely need more once more ibus users 2010-12-22 16:57:35 -06:00
kde update kde abstraction for /etc/xdg/Trolltech.conf 2014-09-03 14:48:41 -05:00
kerberosclient Update samba profiles for samba 4.x 2013-11-20 01:17:52 +01:00
launchpad-integration fix up comments in launchpad-integration 2012-01-11 09:27:22 +01:00
ldapclient split off abstractions/ldapclient from abstractions/nameservice 2011-11-01 17:08:37 +01:00
likewise as ACKed on IRC, drop the unused $Id$ tags everywhere 2010-12-20 12:29:10 -08:00
mdns update for /var/run -> /run udev transition. For compatibility, distributions 2011-07-14 07:57:57 -05:00
mysql abstractions/mysql: allow access to mysqld.sock 2014-04-28 14:07:17 -07:00
nameservice abstraction updates for abstract, anonymous and netlink 2014-09-03 14:21:31 -05:00
nis as ACKed on IRC, drop the unused $Id$ tags everywhere 2010-12-20 12:29:10 -08:00
nvidia Description: update nvidia abstraction for additional /proc and ~/.nv/GLCache 2014-06-06 13:50:58 -05:00
openssl add FIPS support to abstractions/openssl 2014-01-03 20:43:43 +01:00
orbit2 fixes for abstractions from Mathias Gug 2007-08-28 23:05:56 +00:00
p11-kit profiles: rw file perms are now needed on AF_UNIX socket files 2013-12-19 23:19:40 -08:00
perl Update perl abstraction to allow reading /usr/lib/@{multiarch}/perl{,5}/** 2014-08-21 07:28:44 -05:00
php5 profiles: Allow php5 abstraction to access Zend opcache files. 2014-06-24 10:53:00 -07:00
postfix-common profiles: move postfix-common to abstractions/ 2014-06-26 21:32:56 -07:00
private-files deny writes to upstart user sessions jobs in abstractions/private-files 2013-05-13 14:56:10 -05:00
private-files-strict profiles: rw file perms are now needed on AF_UNIX socket files 2013-12-19 23:19:40 -08:00
python Support python 2.[4-7] and python 3.[0-4] for greater cross-distro 2014-03-11 16:03:24 -04:00
ruby refactor/simplify the regex for ruby abstractions 2013-07-01 11:06:52 -07:00
samba profiles: permit clustered Samba access to CTDB socket and databases 2014-07-04 12:09:58 +02:00
smbpass as ACKed on IRC, drop the unused $Id$ tags everywhere 2010-12-20 12:29:10 -08:00
ssl_certs add /var/lib/ca-certificates/ to abstractions/ssl_certs. 2013-11-26 00:41:04 +01:00
ssl_keys as ACKed on IRC, drop the unused $Id$ tags everywhere 2010-12-20 12:29:10 -08:00
svn-repositories as ACKed on IRC, drop the unused $Id$ tags everywhere 2010-12-20 12:29:10 -08:00
ubuntu-bittorrent-clients don't #include ubuntu-helpers in the abstractions. This can only be included 2012-01-11 09:00:35 +01:00
ubuntu-browsers Include IceWeasel in ubuntu-browsers abstraction. 2012-04-25 12:13:15 -07:00
ubuntu-console-browsers don't #include ubuntu-helpers in the abstractions. This can only be included 2012-01-11 09:00:35 +01:00
ubuntu-console-email don't #include ubuntu-helpers in the abstractions. This can only be included 2012-01-11 09:00:35 +01:00
ubuntu-email Adjust path for thunderbird to include non-versioned path 2012-05-18 15:30:22 -05:00
ubuntu-feed-readers don't #include ubuntu-helpers in the abstractions. This can only be included 2012-01-11 09:00:35 +01:00
ubuntu-gnome-terminal update ubuntu abstractions to use '# vim:syntax=apparmor' 2010-12-21 12:53:33 -06:00
ubuntu-helpers fix for starting chromium-browser from evince, 14.04 2014-05-21 22:49:22 -07:00
ubuntu-konsole Subject: profiles - use @{pid} tunable 2013-01-02 15:34:38 -08:00
ubuntu-media-players don't #include ubuntu-helpers in the abstractions. This can only be included 2012-01-11 09:00:35 +01:00
ubuntu-unity7-base add ubuntu-unity7-* abstractions for Ubuntu desktop users 2014-02-05 23:44:04 -05:00
ubuntu-unity7-launcher add ubuntu-unity7-* abstractions for Ubuntu desktop users 2014-02-05 23:44:04 -05:00
ubuntu-unity7-messaging add ubuntu-unity7-* abstractions for Ubuntu desktop users 2014-02-05 23:44:04 -05:00
ubuntu-xterm update for /var/run -> /run udev transition. For compatibility, distributions 2011-07-14 07:57:57 -05:00
user-download Update abstractions to use new XDG_*_DIR values. Thanks to Christian Boltz for 2014-02-14 16:28:16 -06:00
user-mail abstractions/user-mail: 2010-12-22 16:55:18 -06:00
user-manpages From: Christian Boltz <apparmor@cboltz.de> 2011-08-05 13:12:35 -07:00
user-tmp as ACKed on IRC, drop the unused $Id$ tags everywhere 2010-12-20 12:29:10 -08:00
user-write Update abstractions to use new XDG_*_DIR values. Thanks to Christian Boltz for 2014-02-14 16:28:16 -06:00
video fixes for abstractions from Mathias Gug 2007-08-28 23:05:56 +00:00
web-data Add /var/www/html to abstractions/web-data, which is the path used on Debian 2014-02-27 14:49:54 -06:00
winbind update abstractions/winbind 2014-02-14 23:37:13 +01:00
wutmp Merge k permission for /var/log/lastlog into abstractions/wutmp 2011-08-16 12:26:44 +02:00
X r2606 had updates for the dbus-session-strict and X abstractions but 2014-09-03 15:11:05 -05:00
xad as ACKed on IRC, drop the unused $Id$ tags everywhere 2010-12-20 12:29:10 -08:00
xdg-desktop Create an xdg-desktop abstraction based on the upstream documentation for 2012-01-11 13:00:34 +01:00