avm/hassio-addons
1
0
Fork 0
mirror of https://github.com/alexbelgium/hassio-addons.git synced 2026-03-19 03:02:14 +01:00
Code Issues Packages Projects Releases Wiki Activity
33,095 Commits 6 Branches 0 Tags
101ce9752f3fcf6f23942425a4a7aae4b44fac01
Commit Graph

11 Commits

Author SHA1 Message Date
copilot-swe-agent[bot]
3c53e69161 Replace blanket capability, with specific capabilities in all AppArmor profiles 
Remove overly permissive blanket `capability,` rule (grants ALL Linux
capabilities) from 107 addon AppArmor profiles. Replace with only the
specific capabilities each addon needs based on its config.yaml
`privileged` field.

Base capabilities for all addons: setuid, setgid, chown, fowner, dac_override
Additional capabilities mapped from config.yaml privileged list:
- SYS_ADMIN -> sys_admin
- DAC_READ_SEARCH -> dac_read_search
- NET_ADMIN -> net_admin
- NET_RAW -> net_raw
- SYS_RAWIO -> sys_rawio
- SYS_TIME -> sys_time
- SYS_RESOURCE -> sys_resource

Addons with full_access: true (portainer_agent) retain blanket capability.

Co-authored-by: alexbelgium <44178713+alexbelgium@users.noreply.github.com>
 2026-03-17 07:42:05 +00:00
alexbelgium
44ce5e484d Add /dev/fuse capability 
https://github.com/alexbelgium/hassio-addons/issues/650
 2023-01-20 10:45:11 +01:00
Alexandre
9339132906 apparmor update 2022-06-23 18:24:27 +02:00
Alexandre
1bc7bcfa7c network unix dgram 2022-06-20 10:33:00 +02:00
Alexandre
61d914f5e5 s6 v3 2022-06-15 22:57:40 +02:00
Alexandre
fa1943680e Revert "Revert "Revert "Prepare s6 v3""" 
This reverts commit 73869be1c7.
 2022-06-15 22:52:06 +02:00
Alexandre
73869be1c7 Revert "Revert "Prepare s6 v3"" 
This reverts commit db633a4e5d.
 2022-06-15 21:03:19 +02:00
Alexandre
db633a4e5d Revert "Prepare s6 v3" 
This reverts commit e5afe3391d.
 2022-06-15 20:59:49 +02:00
Alexandre
e5afe3391d Prepare s6 v3 2022-06-15 20:48:01 +02:00
Alexandre
afc7f27686 add network capability 2022-01-25 09:42:36 +01:00
Alexandre
295101fe23 Plex initial upload 2021-04-22 16:25:58 +02:00