Introducing The Apparmor Framework - Novell APPARMOR 2.1 Administration Manual


TIP: Background Information for Novell AppArmor
To get a more in-depth overview of AppArmor and the overall concept behind
it, refer to Appendix A, Background Information on AppArmor Profiling
(page 127).

1.1 Introducing the AppArmor Framework
This section provides a very basic understanding of what is happening "behind the
scenes" (and under the hood of the YaST interface) when you run AppArmor.

An AppArmor profile is a plain text file containing path entries and access permissions.
See Section 2.1, "Breaking a Novell AppArmor Profile into Its Parts" (page 12) for a
detailed reference profile. The directives contained in this text file are then enforced
by the AppArmor routines to quarantine the process or program.

The following tools interact in the building and enforcement of AppArmor profiles and
policies:

aa-unconfined
aa-unconfined detects any application running on your system that listens for network
connections and is not protected by an AppArmor profile. Refer to
Section "aa-unconfined—Identifying Unprotected Processes" (page 73) for detailed
information about this tool.

aa-autodep
aa-autodep creates a basic skeleton of a profile that needs to be fleshed out before
it is put to productive use. The resulting profile is loaded and put into complain
mode, reporting any behavior of the application that is not (yet) covered by AppArmor
rules. Refer to Section "aa-autodep—Creating Approximate Profiles" (page 56) for
detailed information about this tool.

aa-genprof
aa-genprof generates a basic profile and asks you to refine this profile by executing
the application, generating log events that need to be taken care of by AppArmor
policies. You are guided through a series of questions to deal with the log events
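The check described for aa-unconfined above (find listening processes that run without a profile) can be sketched as follows. This is an added illustration, not the tool's own code and not part of the original manual; the sample data is constructed, and it assumes the kernel reports an unprofiled process as "unconfined" in /proc/<pid>/attr/current.

```python
import re

# Constructed sample in /proc/net/tcp layout: two LISTEN sockets, one ESTABLISHED.
SAMPLE_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11001 1 0000000000000000 100 0 0 10 0
   1: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11002 1 0000000000000000 100 0 0 10 0
   2: 0100007F:9C40 0100007F:0050 01 00000000:00000000 00:00000000 00000000  1000        0 11003 1 0000000000000000 20 4 30 10 -1
"""

# Constructed process snapshot. "fds" stands for the readlink targets of
# /proc/<pid>/fd/*, "label" for the content of /proc/<pid>/attr/current.
SAMPLE_PROCS = {
    812: {"exe": "/usr/sbin/sshd", "fds": ["socket:[11001]"],
          "label": "/usr/sbin/sshd (enforce)"},
    901: {"exe": "/usr/sbin/httpd2", "fds": ["socket:[11002]", "/var/log/access_log"],
          "label": "unconfined"},
    1500: {"exe": "/usr/bin/curl", "fds": ["socket:[11003]"], "label": "unconfined"},
}

def listening_sockets(tcp_text):
    """Map socket inode -> local port for entries in LISTEN state (st == 0A)."""
    result = {}
    for line in tcp_text.splitlines()[1:]:          # skip the header row
        fields = line.split()
        if len(fields) > 9 and fields[3] == "0A":
            port_hex = fields[1].rsplit(":", 1)[1]  # local_address is ADDR:PORT in hex
            result[fields[9]] = int(port_hex, 16)
    return result

def unprotected_listeners(tcp_text, procs):
    """Return (pid, exe, port) for each unconfined process that owns a listening socket."""
    listeners = listening_sockets(tcp_text)
    findings = []
    for pid, info in sorted(procs.items()):
        if info["label"].strip() != "unconfined":
            continue                                # a profile is attached
        for fd in info["fds"]:
            match = re.fullmatch(r"socket:\[(\d+)\]", fd)
            if match and match.group(1) in listeners:
                findings.append((pid, info["exe"], listeners[match.group(1)]))
    return findings

if __name__ == "__main__":
    for pid, exe, port in unprotected_listeners(SAMPLE_TCP, SAMPLE_PROCS):
        print(f"{pid} {exe} listens on tcp/{port} and is not confined")
```

The curl process in the sample is unconfined but only holds an established connection, so it is not reported; only the unconfined listener is.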
