3.5 Updating Profiles from Log Entries

The Novell AppArmor profile wizard uses aa-logprof, the tool that scans log files and enables you to update profiles. aa-logprof tracks messages from the Novell AppArmor module that represent exceptions for all profiles running on your system. These exceptions represent the behavior of the profiled application that is outside of the profile definition for the program. You can add the new behavior to the relevant profile by selecting the suggested profile entry.

  1. Start YaST and select Novell AppArmor Update Profile Wizard .

    The AppArmor profile wizard The AppArmor profile wizard

    Running Update Profile Wizard (aa-logprof) parses the learning mode log files. This generates a series of questions that you must answer to guide aa-logprof to generate the security profile. The exact procedure is the same as with creating a new profile. Refer to Step 7 in Section 3.1, Adding a Profile Using the Wizard for details.

  2. When you are done, click Finish. In the following pop-up, click Yes to exit the Add Profile Wizard. The profile is saved and loaded into the Novell AppArmor module.