AppArmor profiles for my personal computer and server
Report Bug
·
Request Feature
Table of Contents
Contains all of personal important apparmor profiles used in my system and server.
This repo will always be updating to improve security of interactions between said software and the system. There are multiple profiles out in the internet, but these profiles are implemented and improved focusing on particular preferences.
To use the same profiles, I recommend to follow the following steps:
- As the mentioned system runs Void Linux:
sudo xbps-install apparmor libapparmor libapparmor-devel runit-void-apparmor
- Append the following to
GRUB_CMDLINE_LINUX_DEFAULTin/etc/default/grub
apparmor=1 security=apparmor
- Set default mode to complain by changing the variable
APPARMORin/etc/default/apparmor
APPARMOR=complain
- Clone the repository
git clone github.com/70xH/AppArmorProfs
-
Copy the files in the repo to the folder
/etc/apparmor.d/ -
Enforce the profile rules by using
aa-enforce. For example
sudo aa-enforce <program_path>
This section will cover a simple example of how to write your own profile
TODO
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!
- Fork the Project
- Create your Feature Branch (
git checkout -b profile/NewProfile) - Commit your Changes (
git commit -m 'Add some NewProfile') - Push to the Branch (
git push origin profile/NewProfile) - Open a Pull Request
Distributed under the MIT License. See LICENSE for more information.