Novell LINUX ENTERPRISE DESKTOP 11 - SECURITY GUIDE 17-03-2009 Manual page 327

The simplest method to ensure that your security policy files are regularly backed
up is to include the directory /etc/apparmor.d in the list of directories that
your backup system archives.
2 You can also use scp or a file manager like Konqueror or Nautilus to store the
files on some kind of storage media, the network, or another computer.
27.6.2 Changing Your Security Profiles
Maintenance of security profiles includes changing them if you decide that your system
requires more or less security for its applications. To change your profiles in Novell
AppArmor, refer to Section 23.3, "Editing Profiles"
27.6.3 Introducing New Software into Your
Environment
When you add a new application version or patch to your system, you should always
update the profile to fit your needs. You have several options that depend on your
company's software deployment strategy. You can deploy your patches and upgrades
into a test or production environment. The following explains how to do this with each
method.
If you intend to deploy a patch or upgrade in a test environment, the best method for
updating your profiles is one of the following:
• Run the profiling wizard by selecting Add Profile Wizard in YaST. This creates a
new profile for the added or patched application. For step-by-step instructions, refer
to Section 23.1, "Adding a Profile Using the Wizard"
• Run aa-genprof by typing aa-genprof in a terminal while logged in as root.
For detailed instructions, refer to
(page 257).
If you intend to deploy a patch or upgrade directly into a production environment, the
best method for updating your profiles is one of the following:
(page 235).
(page 227).
Section "aa-genprof—Generating Profiles"
Managing Profiled Applications 315