AppArmor

AppArmor (“Application Armor”) is a Linux kernel security module that allows the system administrator to restrict programs' capabilities with per-program profiles.

Profiles can allow capabilities like network access, raw socket access, and the permission to read, write, or execute files on matching paths.

Create an AppArmor Profile

Get AppArmor Status

Disable AppArmor

Disable an AppArmor Profile

Enable AppArmor

Enable an AppArmor Profile

Install additional AppArmor security profiles

Load an AppArmor Profile

Place an AppArmor Profile into Complain Mode

Place an AppArmor Profile into Enforce Mode

• https://help.ubuntu.com/12.04/serverguide/apparmor.html

• See the AppArmor Administration Guide for advanced configuration options.

• For details using AppArmor with other Ubuntu releases see the AppArmor Community Wiki page.

• The OpenSUSE AppArmor page is another introduction to AppArmor.

• A great place to ask for AppArmor assistance, and get involved with the Ubuntu Server community, is the #ubuntu-server IRC channel on freenode.