mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 16:35:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
apparmor/profiles/apparmor.d
History
John Johansen fa26623e6d Merge Move pam-related permissions to abstractions/authentication 
... instead of keeping them in the smbd profile.

For details, see c09f58a364 and
https://bugzilla.opensuse.org/show_bug.cgi?id=1220032#c12

Also replace /usr/etc/ with @{etc_ro} to that also /etc/ is covered.

Fixes: https://bugzilla.opensuse.org/show_bug.cgi?id=1220032#c12
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1191
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>
(cherry picked from commit f334884787)
Signed-off-by: John Johansen <john.johansen@canonical.com>
2024-04-03 02:14:16 -07:00
..
abi policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
abstractions Merge Move pam-related permissions to abstractions/authentication 2024-04-03 02:14:16 -07:00
apache2.d policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
local Don't create local/* profile sniplets by default 2023-08-20 11:49:10 +02:00
tunables Add include if exists <tunables/$FILE.d> to all tunables 2023-07-30 00:47:34 +02:00
1password profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
bin.ping policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
brave profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
buildah profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
busybox profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
cam profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
ch-checkns profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
ch-run profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
chrome profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
code profiles: update visual studio code so that it can be run from gnome 2024-02-24 20:27:13 -08:00
crun profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
devhelp add more unconfined profiles 2024-02-06 15:10:20 -03:00
Discord profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
element-desktop add element-desktop unconfined profile 2024-02-20 12:38:26 +00:00
epiphany add more unconfined profiles 2024-02-06 15:10:20 -03:00
evolution add more unconfined profiles 2024-02-06 15:10:20 -03:00
firefox add unconfined profiles for geary, loupe and firefox dev versions 2024-03-15 17:44:23 -03:00
flatpak profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
geary add unconfined profiles for geary, loupe and firefox dev versions 2024-03-15 17:44:23 -03:00
github-desktop profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
goldendict profiles: Add more unconfined profiles 2024-03-17 00:16:37 -07:00
ipa_verify profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
kchmviewer profiles: Add more unconfined profiles 2024-03-17 00:16:37 -07:00
keybase add keybase unconfined profile 2024-02-02 16:53:58 -03:00
lc-compliance profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
libcamerify profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
linux-sandbox profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
loupe add unconfined profiles for geary, loupe and firefox dev versions 2024-03-15 17:44:23 -03:00
lsb_release policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
lxc-attach profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
lxc-create profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
lxc-destroy profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
lxc-execute profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
lxc-stop profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
lxc-unshare profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
lxc-usernsexec profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
mmdebstrap profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
MongoDB_Compass profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
msedge profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
nautilus profiles: add nautilus unconfined profile 2024-02-29 08:21:25 -03:00
notepadqq profiles: Add more unconfined profiles 2024-03-17 00:16:37 -07:00
nvidia_modprobe policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
obsidian profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
opam add more unconfined profiles 2024-02-06 15:10:20 -03:00
opera profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
pageedit profiles: Add more unconfined profiles 2024-03-17 00:16:37 -07:00
php-fpm Clean superfluous openssl abstraction includes 2024-03-12 14:54:01 +01:00
plasmashell add profiles for applications that create user namespaces 2024-02-02 10:51:06 -03:00
podman profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
polypane profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
privacybrowser profiles: Add more unconfined profiles 2024-03-17 00:16:37 -07:00
qcam profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
qmapshack profiles: Add more unconfined profiles 2024-03-17 00:16:37 -07:00
QtWebEngineProcess profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
qutebrowser profiles: Add more unconfined profiles 2024-03-17 00:16:37 -07:00
rootlesskit profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
rpm profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
rssguard profiles: Add more unconfined profiles 2024-03-17 00:16:37 -07:00
runc profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
samba-bgqd Clean superfluous openssl abstraction includes 2024-03-12 14:54:01 +01:00
samba-dcerpcd policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
samba-rpcd policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
samba-rpcd-classic policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
samba-rpcd-spoolss policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
sbin.klogd policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
sbin.syslog-ng Clean superfluous openssl abstraction includes 2024-03-12 14:54:01 +01:00
sbin.syslogd policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
sbuild profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
sbuild-abort profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
sbuild-adduser profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
sbuild-apt profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
sbuild-checkpackages profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
sbuild-clean profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
sbuild-createchroot profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
sbuild-destroychroot profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
sbuild-distupgrade profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
sbuild-hold profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
sbuild-shell add profiles for applications in unconfined mode 2023-11-23 10:34:20 -03:00
sbuild-unhold profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
sbuild-update profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
sbuild-upgrade profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
scide profiles: Add more unconfined profiles 2024-03-17 00:16:37 -07:00
signal-desktop profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
slack profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
slirp4netns profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
steam add profiles for applications that create user namespaces 2024-02-02 10:51:06 -03:00
stress-ng profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
surfshark add profiles for applications that create user namespaces 2024-02-02 10:51:06 -03:00
systemd-coredump add profiles for applications that create user namespaces 2024-02-02 10:51:06 -03:00
thunderbird profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
toybox profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
trinity profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
tup profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
tuxedo-control-center profiles: add unconfined profile for tuxedo-control-center 2024-03-18 09:17:51 -03:00
unix-chkpwd Allow pam_unix to execute unix_chkpwd 2024-03-13 23:13:19 +01:00
unprivileged_userns add special unprivileged_userns profile 2024-02-02 10:52:26 -03:00
userbindmount profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
usr.lib.apache2.mpm-prefork.apache2 policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
usr.lib.dovecot.anvil profiles: allow for the default dovecot libexecdir 2023-08-03 01:30:42 -04:00
usr.lib.dovecot.auth Clean superfluous openssl abstraction includes 2024-03-12 14:54:01 +01:00
usr.lib.dovecot.config profiles: allow for the default dovecot libexecdir 2023-08-03 01:30:42 -04:00
usr.lib.dovecot.deliver profiles: allow for the default dovecot libexecdir 2023-08-03 01:30:42 -04:00
usr.lib.dovecot.dict Clean superfluous openssl abstraction includes 2024-03-12 14:54:01 +01:00
usr.lib.dovecot.director profiles: allow for the default dovecot libexecdir 2023-08-03 01:30:42 -04:00
usr.lib.dovecot.doveadm-server profiles: allow for the default dovecot libexecdir 2023-08-03 01:30:42 -04:00
usr.lib.dovecot.dovecot-auth profiles: allow for the default dovecot libexecdir 2023-08-03 01:30:42 -04:00
usr.lib.dovecot.dovecot-lda profiles: allow for the default dovecot libexecdir 2023-08-03 01:30:42 -04:00
usr.lib.dovecot.imap profiles: allow for the default dovecot libexecdir 2023-08-03 01:30:42 -04:00
usr.lib.dovecot.imap-login Clean superfluous openssl abstraction includes 2024-03-12 14:54:01 +01:00
usr.lib.dovecot.lmtp Clean superfluous openssl abstraction includes 2024-03-12 14:54:01 +01:00
usr.lib.dovecot.log profiles: allow for the default dovecot libexecdir 2023-08-03 01:30:42 -04:00
usr.lib.dovecot.managesieve profiles: allow for the default dovecot libexecdir 2023-08-03 01:30:42 -04:00
usr.lib.dovecot.managesieve-login Clean superfluous openssl abstraction includes 2024-03-12 14:54:01 +01:00
usr.lib.dovecot.pop3 profiles: allow for the default dovecot libexecdir 2023-08-03 01:30:42 -04:00
usr.lib.dovecot.pop3-login Clean superfluous openssl abstraction includes 2024-03-12 14:54:01 +01:00
usr.lib.dovecot.replicator profiles: allow for the default dovecot libexecdir 2023-08-03 01:30:42 -04:00
usr.lib.dovecot.script-login profiles: allow for the default dovecot libexecdir 2023-08-03 01:30:42 -04:00
usr.lib.dovecot.ssl-params profiles: allow for the default dovecot libexecdir 2023-08-03 01:30:42 -04:00
usr.lib.dovecot.stats profiles: allow for the default dovecot libexecdir 2023-08-03 01:30:42 -04:00
usr.sbin.apache2 policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
usr.sbin.avahi-daemon policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
usr.sbin.dnsmasq policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
usr.sbin.dovecot profiles: allow for the default dovecot libexecdir 2023-08-03 01:30:42 -04:00
usr.sbin.identd policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
usr.sbin.mdnsd policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
usr.sbin.nmbd policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
usr.sbin.nscd policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
usr.sbin.ntpd Clean superfluous openssl abstraction includes 2024-03-12 14:54:01 +01:00
usr.sbin.smbd Merge Move pam-related permissions to abstractions/authentication 2024-04-03 02:14:16 -07:00
usr.sbin.smbldap-useradd policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
usr.sbin.traceroute policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
usr.sbin.winbindd policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00
uwsgi-core profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
vdens profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
virtiofsd profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
vivaldi-bin profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
vpnns profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
wpcom profiles: convert local include to match profile name 2023-11-24 18:53:51 -08:00
zgrep policy: update to use 4.0 abi 2023-06-30 23:36:12 -07:00