apparmor.d/docs/index.md

42 lines
1.7 KiB
Markdown
Raw Normal View History

2023-01-29 22:18:22 +01:00
---
title: AppArmor.d
---
# AppArmor.d
**Full set of AppArmor profiles**
!!! danger "Help Wanted"
This project is still in its early development. Help is very welcome;
2023-10-27 16:27:23 +02:00
see [Development](development/index.md)
2023-01-29 22:18:22 +01:00
**AppArmor.d** is a set of over 1400 AppArmor profiles whose aim is to confine
most Linux based applications and processes.
2023-01-29 22:18:22 +01:00
**Purpose**
- Confine all root processes such as all `systemd` tools, `bluetooth`, `dbus`,
`polkit`, `NetworkManager`, `OpenVPN`, `GDM`, `rtkit`, `colord`
2023-01-29 22:18:22 +01:00
- Confine all Desktop environments
- Confine all user services such as `Pipewire`, `Gvfsd`, `dbus`, `xdg`, `xwayland`
- Confine some *"special"* user applications: web browser, file browser...
- Should not break a normal usage of the confined software
2023-10-27 16:27:23 +02:00
See the [Concepts](concepts.md)' page for more detail on the architecture.
2023-01-29 22:18:22 +01:00
**Goals**
- Target both desktops and servers
2023-01-29 22:18:22 +01:00
- Support all distributions that support AppArmor:
2023-10-27 16:27:23 +02:00
* [:material-arch: Archlinux](install.md#archlinux)
* [:material-ubuntu: Ubuntu 22.04](install.md#ubuntu-debian)
* [:material-debian: Debian 12](install.md#ubuntu-debian)
* [:simple-suse: OpenSUSE Tumbleweed](install.md#opensuse)
2023-01-29 22:18:22 +01:00
- Support all major desktop environments:
* Currently only :material-gnome: Gnome
- Fully tested (Work in progress)
**Presentation**
- [Building the largest working set of AppArmor profiles](https://www.youtube.com/watch?v=OzyalrOzxE8) *[Linux Security Summit North America (LSS-NA 2023)](https://events.linuxfoundation.org/linux-security-summit-north-america/)* ([Slide](https://lssna2023.sched.com/event/1K7bI/building-the-largest-working-set-of-apparmor-profiles-alexandre-pujol-the-collaboratory-tudublin))