Skip to content
AppArmor for everything. APT, systemd, init, all systemd units, all applications. Mandatory Access Control. Security Hardening.
Shell Makefile
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
debian
etc
lib/systemd/system/networking.service.d
man man page Jan 17, 2020
sbin actually better to keep for manual run without systemd Jan 17, 2020
usr lintian Dec 21, 2019
CONTRIBUTING.md
COPYING
GPLv3
Makefile
README.md
changelog.upstream

README.md

AppArmor profile for whole system

Confines all, systemd, init, all systemd units, apt, all applications.

Makes pointer leaks less likely. https://forums.whonix.org/t/apparmor-for-complete-system-including-init-pid1-systemd-everything-full-system-mac-policy/8339

Does not confine initramfs.

This package is produced independently of, and carries no guarantee from, The Tor Project.

How to install apparmor-profile-everything using apt-get

1. Download Whonix's Signing Key.

wget https://www.whonix.org/patrick.asc

Users can check Whonix Signing Key for better security.

2. Add Whonix's signing key.

sudo apt-key --keyring /etc/apt/trusted.gpg.d/whonix.gpg add ~/patrick.asc

3. Add Whonix's APT repository.

echo "deb https://deb.whonix.org buster main contrib non-free" | sudo tee /etc/apt/sources.list.d/whonix.list

4. Update your package lists.

sudo apt-get update

5. Install apparmor-profile-everything.

sudo apt-get install apparmor-profile-everything

How to Build deb Package

Replace apparmor-profile-torbrowser with the actual name of this package with apparmor-profile-everything and see instructions.

Contact

Donate

apparmor-profile-everything requires donations to stay alive!

You can’t perform that action at this time.