avm/hassio-addons
1
0
Fork 0
mirror of https://github.com/alexbelgium/hassio-addons.git synced 2026-03-18 10:42:11 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,095 Commits 6 Branches 0 Tags
101ce9752f3fcf6f23942425a4a7aae4b44fac01
Commit Graph

19 Commits

Author SHA1 Message Date
copilot-swe-agent[bot]
3c53e69161 Replace blanket capability, with specific capabilities in all AppArmor profiles 
Remove overly permissive blanket `capability,` rule (grants ALL Linux
capabilities) from 107 addon AppArmor profiles. Replace with only the
specific capabilities each addon needs based on its config.yaml
`privileged` field.

Base capabilities for all addons: setuid, setgid, chown, fowner, dac_override
Additional capabilities mapped from config.yaml privileged list:
- SYS_ADMIN -> sys_admin
- DAC_READ_SEARCH -> dac_read_search
- NET_ADMIN -> net_admin
- NET_RAW -> net_raw
- SYS_RAWIO -> sys_rawio
- SYS_TIME -> sys_time
- SYS_RESOURCE -> sys_resource

Addons with full_access: true (portainer_agent) retain blanket capability.

Co-authored-by: alexbelgium <44178713+alexbelgium@users.noreply.github.com>
 2026-03-17 07:42:05 +00:00
github-actions
4133525441 Github bot : image compressed 2026-03-15 23:11:54 +00:00
alexbelgium
9af940965f Updater bot : maintainerr updated to 3.1.0 2026-03-14 01:28:28 +01:00
github-actions
aa17f35f46 GitHub bot : graphs updated 2026-03-13 12:17:41 +00:00
github-actions
d8f791ef9f Github bot : image compressed 2026-03-08 23:08:54 +00:00
github-actions
ccb87b6c0d GitHub bot : graphs updated 2026-03-06 12:17:46 +00:00
Alexandre
7b8620efc4 Update CHANGELOG.md 2026-03-06 10:52:01 +01:00
Alexandre
bc5d41c063 Update config.yaml 2026-03-06 10:51:51 +01:00
Alexandre
6e65d8a29b revert 2026-03-06 10:51:43 +01:00
github-actions
070836086d GitHub bot: changelog 2026-03-06 09:51:28 +00:00
Alexandre
97f6bd8382 revert 2026-03-06 10:51:28 +01:00
Alexandre
79d7914a6c Update config.yaml 2026-03-06 10:48:54 +01:00
Alexandre
2da14124fe Update Dockerfile 2026-03-06 10:48:46 +01:00
github-actions
06a1751a07 GitHub bot: sanitize (spaces + LF endings) & chmod 2026-03-06 09:43:03 +00:00
Alexandre
f555f14dc7 Update Dockerfile 2026-03-06 10:41:01 +01:00
Alexandre
82418264a8 Add 99-run.sh to cont-init.d directory 2026-03-06 10:40:18 +01:00
Alexandre
2c0c0089a3 Update config.yaml 2026-03-06 10:38:55 +01:00
Pierre
3aaac1f178 Fix review feedback: use /config, scope chmod, gate chown 
- Use DATA_DIR=/config (config:rw map) per maintainer request
- Scope chmod to /entrypoint.sh and cont-init.d instead of whole FS
- Gate chown -R behind .initialized marker to avoid slow restarts
 2026-03-06 09:31:32 +01:00
Pierre
c4374e2c90 Add Maintainerr addon 2026-03-05 15:59:21 +01:00