SUSE Linux Documentation
Novell AppArmor Administration Guide
About This Guide
Novell AppArmor
Administration Guide
Legal Notice
Contents
About This Guide
1. Feedback
2. Documentation Conventions
1. Immunizing Programs
1.1. Introducing the AppArmor Framework
1.2. Determining Programs to Immunize
1.3. Immunizing cron Jobs
1.4. Immunizing Network Applications
2. Profile Components and Syntax
2.1. Breaking a Novell AppArmor Profile into Its Parts
2.2.
#include
Statements
2.3. Capability Entries (POSIX.1e)
3. Building and Managing Profiles with YaST
3.1. Adding a Profile Using the Wizard
3.2. Manually Adding a Profile
3.3. Editing Profiles
3.4. Deleting a Profile
3.5. Updating Profiles from Log Entries
3.6. Managing Novell AppArmor and Security Event Status
4. Building Profiles from the Command Line
4.1. Checking the AppArmor Module Status
4.2. Building AppArmor Profiles
4.3. Adding or Creating an AppArmor Profile
4.4. Editing an AppArmor Profile
4.5. Deleting an AppArmor Profile
4.6. Two Methods of Profiling
4.7. Paths and Globbing
4.8. File Permission Access Modes
4.9. Important Filenames and Directories
5. Profiling Your Web Applications Using ChangeHat
5.1. Apache ChangeHat
5.2. Configuring Apache for mod_apparmor
6. Managing Profiled Applications
6.1. Monitoring Your Secured Applications
6.2. Configuring Security Event Notification
6.3. Configuring Reports
6.4. Reacting to Security Event Rejections
6.5. Maintaining Your Security Profiles
7. Support
7.1. Updating Novell AppArmor Online
7.2. Using the Man Pages
7.3. For More Information
7.4. Troubleshooting
7.5. Reporting Bugs for AppArmor
A. Background Information on AppArmor Profiling
Glossary
List of Figures
3.1.
YaST Controls for AppArmor
3.2.
Learning Mode Exception: Controlling Access to Specific Resources
3.3.
Learning Mode Exception: Defining Execute Permissions for an Entry
List of Tables
7.1.
Man Pages: Sections and Categories
List of Examples
4.1.
Learning Mode Exception: Controlling Access to Specific Resources
4.2.
Learning Mode Exception: Defining Execute Permissions for an Entry
5.1.
Example phpsysinfo-dev Hat