Systemic Profiling - Novell APPARMOR Admin Manual


Two Methods of Profiling
program called genprof. This method is easy, because genprof
takes care of everything, but limited, because it requires genprof to
run for the entire duration of the test run of your program, i.e. you
cannot reboot the machine while you are still developing your profile.
To use genprof and the standalone method for profiling, refer to "Genprof" on
page 56.

Systemic Profiling

This method is called Systemic Profiling because it updates all of the
profiles on the system at once, rather than focusing on the one or few
being targeted by genprof or Standalone Profiling.
With Systemic Profiling, building and improving profiles are somewhat
less automated, but more flexible. This method is suitable for profiling
long-running applications whose behavior continues after rebooting, or
a large number of programs to be profiled all at once.
To build a Novell AppArmor profile for a group of applications, proceed
as follows:
1. Create profiles for the individual programs that make up your
application. Even though this approach is systemic, Novell AppArmor
still only monitors those programs with profiles, and their children.
Thus, to get Novell AppArmor to consider a program, you
must at least have Autodep create an approximate profile for it. To
create this approximate profile, refer to "Autodep" on page 53.
2. Put relevant profiles into learning/complain mode. Activate
learning/complain mode for all profiled programs by typing the
following:
    complain /etc/subdomain.d/*
When in learning mode, access requests are not blocked even if
the profile dictates that they should be. This enables you to run
through several tests (as shown in Step 3) and learn the access
needs of the program so it runs properly. With this information, you
can decide how secure to make the profile.
Refer to "Complain or Learning Mode" on page 54 for more detailed
instructions on how to use learning/complain mode.
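
Because a profile in learning/complain mode blocks nothing, it is worth checking which profiles are still in that mode before relying on them. The script below is an added example, not part of the Novell manual or its tools. It assumes that complain mode is recorded as a flags=(complain) entry on the profile's header line, and the sample profiles it builds are constructed for illustration.

```shell
#!/bin/sh
# Added example: report which profile files are still in learning/complain
# mode. Assumption: complain mode appears as flags=(complain) on the
# profile header line, e.g.  /usr/sbin/exampled flags=(complain) {

profile_mode() {
    # Print "complain" or "enforce" for one profile file.
    # Lines where a '#' comment precedes the flag are ignored.
    if grep -Eq '^[^#]*flags=\([^)]*complain[^)]*\)' "$1"; then
        echo complain
    else
        echo enforce
    fi
}

audit_profiles() {
    # Print "<mode> <file>" for each profile in directory $1.
    # Return 1 if any profile is still in complain mode, 0 otherwise.
    dir=$1
    rc=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        mode=$(profile_mode "$f")
        printf '%-8s %s\n' "$mode" "$f"
        if [ "$mode" = complain ]; then rc=1; fi
    done
    return $rc
}

make_sample_profiles() {
    # Constructed sample data: two hypothetical profiles in a temp directory.
    d=$(mktemp -d) || return 1
    printf '%s\n' '/usr/sbin/exampled flags=(complain) {' \
        '  /etc/exampled.conf r,' '}' > "$d/usr.sbin.exampled"
    printf '%s\n' '/usr/bin/exampletool {' \
        '  /usr/bin/exampletool r,' '}' > "$d/usr.bin.exampletool"
    echo "$d"
}

# Demo on the constructed profiles; point audit_profiles at
# /etc/subdomain.d to check a real system.
sample=$(make_sample_profiles)
audit_profiles "$sample" || echo "some profiles are still in complain mode"
rm -rf "$sample"
```

The script reads the profile files on disk only, so a profile that was edited but not reloaded may be running in a different mode than the one reported.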