From 646cbec87457644b1d42ead9a7e688311837d1a3 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Fri, 2 Apr 2021 18:13:03 +0100 Subject: [PATCH] New Readme. --- README | 20 -------------------- README.md | 30 ++++++++++++++++++++++++++++++ 2 files changed, 30 insertions(+), 20 deletions(-) delete mode 100644 README create mode 100644 README.md diff --git a/README b/README deleted file mode 100644 index 4905f039..00000000 --- a/README +++ /dev/null @@ -1,20 +0,0 @@ ------------- -Introduction ------------- -This repository contains various AppArmor profiles, which aim is to confine linux applications. This -work started a few years ago, but still some of the profiles should be considered experimental, -though most of them work well, at least on my system (Xserver/Openbox setup). Whether any of the -profiles will work on your linux, it depends. Basically the software you use matters a lot, for -instance, major desktop environments (KDE/GNOME) are known to cause troubles, and additional rules -probably will be required to make an app work under such DE. Probably many profiles are also -missing some rules because I'm not able to check and test every app in its every detail -- it -simply takes a lot of time. - -The profile rules basically try to map files that a certain application wants to use. Not all the -files are required for an app to make it work, and in some cases giving access to certain files can -be dangerous for both security and privacy. I'm making the file maps just to know how an app works -(what files it tries to use), and whether (or not) it makes some suspicious actions by trying to -read or write exotic locations. With AppArmor everything is clear what apps are trying to do in the -system. When you know what files are used, you can try to deny those you think that can be blocked, -and at some point you get a more strict profiles which provide a better security and privacy, but -of course it will take time. diff --git a/README.md b/README.md new file mode 100644 index 00000000..d4d7fd4e --- /dev/null +++ b/README.md @@ -0,0 +1,30 @@ +[][project] + +# apparmor.d + +[![][build]][project] + +**Full set of apparmor profiles** + +## Installation + +**Requirements** +* An `apparmor` based linux distribution. +* A `systemd` based linux distribution. + +**Archlinux** + +Build and install the package with: +```sh +makepkg -si +``` + +**Debian** + +Build using standard Debian package build tools: +```sh +dpkg-buildpackage -b -d -us -ui --sign-key= +``` + +[project]: https://gitlab.com/archlex/hardening/apparmor.d +[build]: https://gitlab.com/archlex/hardening/apparmor.d/badges/master/pipeline.svg?style=flat-square