mirror of https://git.savannah.gnu.org/git/guix.git synced 2026-04-06 21:20:33 +02:00

4 Commits

Author SHA1 Message Date
Artyom V. Poptsov
8ead7a9837 etc: apparmor.d: Fix "guix-daemon/guix-builder" policy.
Currently Guix daemon would always fail to build packages that require
execution of programs and scripts in "/tmp" directory (e.g. in "bootstrap"
phase) on foreign distributions that use AppArmor as it denies such requests
due to policy restrictions.  This patch fixes "guix-daemon" AppArmor policy by
allowing execution of programs in "/tmp" for "guix-builder".

See <https://codeberg.org/guix/guix/issues/6501>

* etc/apparmor.d/guix-daemon: Fix permissions for guix-daemon/guix-builder.

Change-Id: Ib6a33fcc035011d7045da03346f3afeb598b7d7a
Signed-off-by: Efraim Flashner <efraim@flashner.co.il>
2026-03-08 11:31:02 +02:00
Efraim Flashner
35930066e5 etc: Spelling corrections.
* etc/apparmor.d/guix,
etc/teams/release/artifacts-manifest.scm: Fix misspellings in comments.

Change-Id: Iff757784cc82968c25004bdb430f1ae3ad44624e
2026-01-14 09:16:45 +01:00
Noé Lopez
60782c20d4 etc: Add AppArmor profile for the guix command.
* etc/apparmor.d/guix: New file.
* Makefile.am (nodist_apparmor_profile_DATA): Add it.

Change-Id: I3d61238203d7663ce582717f8e4eac4c6f679928
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
2025-12-22 22:48:58 +01:00
Noé Lopez
587fd2dad4 etc: Add AppArmor profile for the daemon.
* .gitignore: Add etc/apparmor.d/tunables/guix.
* Makefile.am (nodist_apparmor_profile_DATA)
(nodist_apparmor_profile_tunables_DATA): Define it.
* configure.ac: Generate etc/apparmor.d/tunables/guix. Add
--with-apparmor-profile-dir option.
* etc/apparmor.d/guix-daemon: New file.
* etc/apparmor.d/tunables/guix.in: New file.
* doc/guix.texi: Document AppArmor profiles.
* gnu/packages/package-management.scm (guix): Add future changes commented.

Change-Id: Iac7df9d642383cc46a2d450c3badef31199ab041
Signed-off-by: Rutherther <rutherther@ditigal.xyz>
2025-12-22 22:48:57 +01:00