1. Manuals
  2. Brands
  3. Novell Manuals
  4. Software
  5. APPARMOR - AND
  6. Admin manual

Summary Of Profiling Tools - Novell APPARMOR Admin Manual

Hide thumbs Also See for APPARMOR:
Table of Contents

Advertisement

U s e r ' s G u i d e
3. Exercise Your Application. Run your application, and exercise its
functionality. How much to exercise the program is up to you, but
you will need the program to access each file representing its
access needs. Because the execution is not being supervised by
genprof, this step can go on for days or weeks, and can span
complete system reboots.
4. Analyze the log. In Systemic profiling, you run logprof directly
instead of letting genprof run it for us as in the Standalone Profil-
ing. The general form of logprof is:
logprof [ -d /path/to/profiles ] [ -f /path/to/logfile
]
R e f e r t o " Logprof" o n p a g e6 1 f o r mo r e i n f o r ma t i o n o n u s i n g L o g -
prof.
5. Repeat Steps 3-4. Iterate Step 3 and Step 4 to generate optimum
profiles. An iterative approach captures smaller data sets that can
be trained and reloaded into the policy engine. Subsequent itera-
tions will generate fewer messages and run faster.
6. Edit the Profiles. You may wish to review the profiles that have
been generated. You can open and edit the profiles in /etc/subdo-
main.d/ using vim. For help using vim to its fullest capacity, refer to
" Subdomain.vim" o n p a g e6 7 .
7. R e t u r n t o " e n f o r c e " mo d e . This is when the system goes back to
enforcing the rules of the profiles not just logging information. This
c a n b e d o n e ma n u a l l y , b y r e mo v i n g t h e " flags=(complain)" t e x t
from the profiles, or automatically, using the enforce command,
which works identically to the complain command, but edits the
profiles to be in enforce mode.
To assure that all profiles are taken out of complain mode and put
into enforce mode, type:
enforce /etc/subdomain.d/*
8. Re-scan all profiles. To have Novell AppArmor re-scan all of the
profiles and change the enforcement mode in the kernel, type:
/etc/init.d/subdomain restart

Summary of Profiling Tools

All of the Novell AppArmor profiling utilities are provided by the sub-
domain-utils RPM package, and most are stored in /usr/sbin.
Here is a brief summary of each tool:
52

Advertisement

Table of Contents
loading

Related Manuals for Novell APPARMOR

Related Content for Novell APPARMOR

Table of Contents