Follow Techotopia on Twitter

On-line Guides
All Guides
eBook Store
iOS / Android
Linux for Beginners
Office Productivity
Linux Installation
Linux Security
Linux Utilities
Linux Virtualization
Linux Kernel
System/Network Admin
Programming
Scripting Languages
Development Tools
Web Development
GUI Toolkits/Desktop
Databases
Mail Systems
openSolaris
Eclipse Documentation
Techotopia.com
Virtuatopia.com
Answertopia.com

How To Guides
Virtualization
General System Admin
Linux Security
Linux Filesystems
Web Servers
Graphics & Desktop
PC Hardware
Windows
Problem Solutions
Privacy Policy

  




 

 

AppArmor Admin Guide
Previous Page Table of Contents Next Page

3.6 Managing Novell AppArmor and Security Event Status

You can change the status of AppArmor by enabling or disabling it. Enabling AppArmor protects your system from potential program exploitation. Disabling AppArmor, even if your profiles have been set up, removes protection from your system. You can determine how and when you are notified when system security events occur.

NOTE: For event notification to work, you must set up a mail server on your system that can send outgoing mail using the single mail transfer protocol (SMTP), such as postfix or exim.

To configure event notification or change the status of AppArmor, start YaST and select Novell AppArmor > Novell AppArmor Control Panel.

The AppArmor control panel

From the AppArmor Configuration screen, determine whether Novell AppArmor and security event notification are running by looking for a status message that reads enabled or configure the mode of individual profiles.

To change the status of Novell AppArmor, continue as described in Changing Novell AppArmor Status. To change the mode of individual profiles, continue as described in Section 3.6.2, Changing the Mode of Individual Profiles. To configure security event notification, continue as described in Section 6.2, Configuring Security Event Notification.

3.6.1 Changing Novell AppArmor Status

When you change the status of AppArmor, set it to enabled or disabled. When AppArmor is enabled, it is installed, running, and enforcing the AppArmor security policies.

  1. Start YaST and select Novell AppArmor > AppArmor Control Panel.

  2. Enable AppArmor by checking Enable AppArmor or disable AppArmor by deselecting it.

  3. Click Done in the AppArmor Configuration window.

  4. Click File > Quit in the YaST Control Center.

3.6.2 Changing the Mode of Individual Profiles

AppArmor can apply profiles in two different modes. In complain or learning mode, violations of AppArmor profile rules, such as the profiled program accessing files not permitted by the profile, are detected. The violations are permitted, but also logged. This mode is convenient for developing profiles and is used by the AppArmor tools for generating profiles. Loading a profile in enforce mode enforces the policy defined in the profile and reports policy violation attempts to syslogd.

The Profile Modes dialog allows you to view and edit the mode of currently loaded AppArmor profiles. This feature is useful for determining the status of your system during profile development. During the course of systemic profiling (see Section 4.6.2, Systemic Profiling), you can use this tool to adjust and monitor the scope of the profiles for which you are learning behavior.

To edit an application's profile mode, proceed as follows:

  1. Start YaST and select Novell AppArmor > AppArmor Control Panel.

  2. In the Configure Profile Modes section, select Configure.

  3. Select the profile for which to change the mode.

  4. Select Toggle Mode to set this profile to complain mode or to enforce mode.

  5. Apply your settings and leave YaST with Done.

To change the mode of all profiles, use Set All to Enforce or Set All to Complain.

HINT: Listing the Profiles Available

By default, only active profiles are listed—any profile that has a matching application installed on your system. To set up a profile before installing the respective application, click Show All Profiles and select the profile to configure from the list that appears.

AppArmor Admin Guide
Previous Page Table of Contents Next Page

 
 
  Published under the terms fo the GNU General Public License Design by Interspire