mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 01:57:43 +00:00
Code Issues Releases Wiki Activity
apparmor/profiles
History
John Johansen 87e0151c7c Merge added systemd-creds to list of wg-quick binaries 
I'd like to store my wg creds in my TPM module using `systemd-creds`:

```bash
PostUp = systemd-creds --name wg0 decrypt /etc/wireguard/secrets/wg0.cred | wg set wg0 private-key /dev/stdin
```

Currently I use `local/wg-quick` as work-around.
The `Ux` permission is may be a little too open, but 2 problems remain:

- the profile maintainer can't know which creds file need to be accessible
- different TMP module implementations / drivers may require different permissions

MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1644
Approved-by: John Johansen <john@jjmx.net>
Merged-by: John Johansen <john@jjmx.net>
2025-07-30 08:34:49 +00:00
..
apparmor/profiles/extras
abstractions/mesa, chromium_browser, firefox: Updates
2025-07-29 15:22:37 -04:00
apparmor.d
Merge added systemd-creds to list of wg-quick binaries
2025-07-30 08:34:49 +00:00
Makefile
profiles: only include tests extras/abstractions/ if it exists
2025-05-14 12:08:01 +02:00