yggdrasil-network/yggdrasil-go
1
0
Fork 0
mirror of https://github.com/yggdrasil-network/yggdrasil-go.git synced 2025-04-27 21:55:07 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
2493 commits 8 branches 48 tags 25 MiB
Commit graph

5 commits

Author SHA1 Message Date
Sergey Alirzaev
47818a1a7c
apparmor: add yggdrasilctl policy (#1235)
Some checks failed
Yggdrasil / Lint (push) Has been cancelled
Details
Yggdrasil / Analyse (push) Has been cancelled
Details
Yggdrasil / Build & Test (Linux, Go 1.22) (push) Has been cancelled
Details
Yggdrasil / Build & Test (Linux, Go 1.23) (push) Has been cancelled
Details
Yggdrasil / Build & Test (Linux, Go 1.24) (push) Has been cancelled
Details
Yggdrasil / Build & Test (Windows, Go 1.22) (push) Has been cancelled
Details
Yggdrasil / Build & Test (Windows, Go 1.23) (push) Has been cancelled
Details
Yggdrasil / Build & Test (Windows, Go 1.24) (push) Has been cancelled
Details
Yggdrasil / Build & Test (macOS, Go 1.22) (push) Has been cancelled
Details
Yggdrasil / Build & Test (macOS, Go 1.23) (push) Has been cancelled
Details
Yggdrasil / Build & Test (macOS, Go 1.24) (push) Has been cancelled
Details
Yggdrasil / Build (Cross freebsd, Go 1.22) (push) Has been cancelled
Details
Yggdrasil / Build (Cross freebsd, Go 1.23) (push) Has been cancelled
Details
Yggdrasil / Build (Cross freebsd, Go 1.24) (push) Has been cancelled
Details
Yggdrasil / Build (Cross openbsd, Go 1.22) (push) Has been cancelled
Details
Yggdrasil / Build (Cross openbsd, Go 1.23) (push) Has been cancelled
Details
Yggdrasil / Build (Cross openbsd, Go 1.24) (push) Has been cancelled
Details
Yggdrasil / All tests passed (push) Has been cancelled
Details
2025-04-15 17:17:52 +01:00
rany
709ea6976c
apparmor: allow yggdrasil to resolve hostnames (#739) 
The apparmor profile in it's current state won't allow resolving hostnames. We need `<abstractions/nameservice>` because we simply can't just allow `/etc/resolv.conf`. This is because systemd-resolved, resolvconf, and others rely on symbolic links to `/etc/resolv.conf` which would make this extremely complicated.  `<abstractions/nameservice>` deals with this complexity to allow every single one of those packages (systemd-resolved, resolvconf, ... ).

```
  network inet stream,
  network inet dgram,
  network inet6 dgram,
  network inet6 stream,
  network netlink raw,
```
was removed because it's already included in `<abstractions/nameservice>`. Some permissions that are no longer needed in newer yggdrasil versions were also removed.

`owner /sys/kernel/mm/transparent_hugepage/hpage_pmd_size r,` was changed to `/sys/kernel/mm/transparent_hugepage/hpage_pmd_size r,` because there is no guarantee that yggdrasil will always be run as root. (`owner` makes sure that the process's user and the file have the same owner, in that case, root. This might not always be the case so `owner` was removed)
 2020-12-06 20:52:10 +00:00
Rany
c1816ae86f
Update usr.bin.yggdrasil 2020-03-10 16:47:41 +02:00
Viktor Villainov
f5c6c191ea AppArmor: multiarch support and allow datagram transports 2019-03-09 22:34:26 -05:00
Viktor Villainov
00ad8e594e Add AppArmor profile 2019-03-09 08:15:14 -05:00