Novell AppArmor

Administration Guide

AuthorsLeona Beatrice Campbell, Jana Jaeger
Legal Notice

Contents

About This Guide
1. Feedback
2. Documentation Conventions
1. Immunizing Programs
2. Selecting Programs to Immunize
2.1. Immunize Programs That Grant Privilege
2.2. Inspect Open Ports to Immunize Programs
3. Building Novell AppArmor Profiles
3.1. Profile Components and Syntax
3.2. Building and Managing Novell AppArmor Profiles
3.3. Building Novell AppArmor Profiles with the YaST GUI
3.4. Building Novell AppArmor Profiles Using the Command Line Interface
3.5. Two Methods of Profiling
3.6. Pathnames and Globbing
3.7. File Permission Access Modes
4. Managing Profiled Applications
4.1. Monitoring Your Secured Applications
4.2. Setting Up Event Notification
4.3. Reports
4.4. Reacting to Security Events
4.5. Maintaining Your Security Profiles
5. Profiling Your Web Applications Using ChangeHat Apache
5.1. Apache ChangeHat
5.2. Apache Configuration for mod-apparmor
6. Support
6.1. Updating Novell AppArmor Online
6.2. Using the Man Pages
6.3. For More Information
6.4. Troubleshooting
6.5. Reporting Bugs for AppArmor
Glossary

List of Figures

3.1. Learning Mode Exception: Controlling Access to Specific Resources
3.2. Learning Mode Exception: Defining Execute Permissions for an Entry
3.3. Manually Adding a Profile: Select Application
3.4. Learning Mode Exception: Controlling Access to Specific Resources
3.5. Learning Mode Exception: Defining Execute Permissions for an Entry

List of Tables

6.1. Man Pages: Sections and Categories

List of Examples

3.1. Learning Mode Exception: Controlling Access to Specific Resources
3.2. Learning Mode Exception: Defining Execute Permissions for an Entry
5.1. Example phpsysinfo-dev Hat