The following list contains the most important files and directories used by the AppArmor framework. If you intend to manage and troubleshoot your profiles manually, make sure that you know about these files and directories:
/sys/kernel/security/apparmor/profiles
Virtualized file representing the currently loaded set of profiles.
/etc/apparmor/
Location of AppArmor configuration files.
/etc/apparmor.d/
Location of profiles, named with the convention of replacing the
/
in paths with .
(not for
the root /
) so profiles are easier to manage. For
example, the profile for the program /usr/sbin/ntpd
is named usr.sbin.ntpd
.
/etc/apparmor.d/abstractions/
Location of abstractions.
/etc/apparmor.d/program-chunks/
Location of program chunks.
/proc/*/attr/current
Check this file to review the confinement status of a process and the
profile that is used to confine the process. The
ps
auxZ
command retrieves
this information automatically.