AppArmor enables you to edit Novell AppArmor profiles manually by adding, editing, or deleting entries. To edit a profile, proceed as follows:
Start YaST and select
+ .From the list of profiled applications, select the profile to edit.
Click
. The window displays the profile.In the Section 4.3.1, “Adding an Entry”, Section 4.3.2, “Editing an Entry”, or Section 4.3.3, “Deleting an Entry”.
window, add, edit, or delete Novell AppArmor profile entries by clicking the corresponding buttons and referring toWhen you are finished, click
.In the pop-up that appears, click
to confirm your changes to the profile and reload the AppArmor profile set.Syntax Checking in AppArmor | |
---|---|
AppArmor contains a syntax check that notifies you of any syntax errors in
profiles you are trying to process with the YaST AppArmor tools. If an
error occurs, edit the profile manually as |
The Section 4.2, “Manually Adding a Profile” or Section 4.3, “Editing Profiles”. When you select , a list shows the types of entries you can add to the Novell AppArmor profile.
option can be found inFrom the list, select one of the following:
In the pop-up window, specify the absolute path of a file, including the type of access permitted. When finished, click
.You can use globbing if necessary. For globbing information, refer to Section 2.6, “Paths and Globbing”. For file access permission information, refer to Section 2.7, “File Permission Access Modes”.
In the pop-up window, specify the absolute path of a directory, including the type of access permitted. You can use globbing if necessary. When finished, click
.For globbing information, refer to Section 2.6, “Paths and Globbing”. For file access permission information, refer to Section 2.7, “File Permission Access Modes”.
In the pop-up window, select the appropriate network family and the socket type. For more information, refer to Section 2.5, “Network Access Control”.
In the pop-up window, select the appropriate capabilities. These are statements that enable each of the 32 POSIX.1e capabilities. Refer to Section 2.4, “Capability Entries (POSIX.1e)” for more information about capabilities. When finished making your selections, click .
In the pop-up window, browse to the files to use as includes. Includes are directives that pull in components of other Novell AppArmor profiles to simplify profiles. For more information, refer to Section 2.3, “#include Statements”.
In the pop-up window, specify the name of the subprofile (hat) to add to your current profile and click . For more information, refer to Chapter 6, Profiling Your Web Applications Using ChangeHat.
When you select
, the file browser pop-up window opens. From here, edit the selected entry.In the pop-up window, specify the absolute path of a file, including the type of access permitted. You can use globbing if necessary. When finished, click
.For globbing information, refer to Section 2.6, “Paths and Globbing”. For file access permission information, refer to Section 2.7, “File Permission Access Modes”.