Novell AppArmor (2.3) Quick Start


Contents

1. AppArmor Modes
2. Starting and Stopping AppArmor
3. AppArmor Command Line Tools
4. Methods of Profiling
5. Learning Mode
6. Example Profile
7. Structure of a Profile
8. Helpful Additions
9. Logging and Auditing
10. Directories and Files
11. For More Information
12. Legal Notice
13. GNU Free Documentation License

Abstract

This document helps you understand the main concepts behind Novell® AppArmor: the content of AppArmor profiles. Learn how to create or modify AppArmor profiles. You can create and manage AppArmor profiles in three different ways. The most convenient interface to AppArmor is provided by the AppArmor YaST modules, which can be used in either graphical or ncurses mode. The same functionality is provided by the AppArmor command line tools, or you can edit the profiles directly in a text editor.

AppArmor Modes

complain/learning

In complain or learning mode, violations of AppArmor profile rules, such as the profiled program accessing files not permitted by the profile, are detected. The violations are permitted, but also logged. This mode is convenient for developing profiles and is used by the AppArmor tools for generating profiles.

enforce

Loading a profile in enforcement mode enforces the policy defined in the profile and reports policy violation attempts to syslogd.
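
Because complain mode permits violations and only logs them, a profile left in that mode after development does not confine its program. The following added example (not part of the original Quick Start) reports which loaded profiles are in complain mode, assuming the kernel's profile list at /sys/kernel/security/apparmor/profiles uses the form "name (mode)"; the sample lines and function names are constructed for illustration.

```shell
#!/bin/sh
# Report AppArmor profiles that are loaded in complain mode.
# Assumed input: one "<profile name> (<mode>)" line per loaded profile, as in
# /sys/kernel/security/apparmor/profiles (reading it usually requires root).

# Constructed sample in that format; used when no file argument is given.
sample_profiles() {
    cat <<'EOF'
/usr/sbin/ntpd (enforce)
/usr/sbin/nscd (complain)
/usr/sbin/httpd2-prefork//DEFAULT_URI (enforce)
/opt/app/bin/report tool (complain)
EOF
}

# profiles_in_mode MODE: read the list on stdin, print names loaded in MODE.
profiles_in_mode() {
    while IFS= read -r line; do
        case $line in
            # The mode is the last parenthesised field; names may hold spaces.
            *" ($1)") printf '%s\n' "${line% (*}" ;;
        esac
    done
}

# complain_check: list complain-mode profiles; return 1 if there are any.
complain_check() {
    offenders=$(profiles_in_mode complain)
    if [ -z "$offenders" ]; then
        return 0
    fi
    printf '%s\n' "$offenders" | sed 's/^/complain mode (logged, not blocked): /'
    return 1
}

if [ -n "${1:-}" ]; then
    complain_check < "$1" || echo "some profiles are not enforced"
else
    sample_profiles | complain_check || echo "some profiles are not enforced"
fi
```

Pass the path of the kernel's profile list as the first argument to check a live system; without an argument the script runs on the constructed sample.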