You can change the status of Novell AppArmor by enabling or disabling it. Enabling Novell AppArmor protects your system from potential program exploitation. Disabling Novell AppArmor, even if your profiles have been set up, removes protection from your system. You can determine how and when you are notified when system security events occur.
NOTE: For event notification to work, you must set up a mail server on your system that can send outgoing mail using the Simple Mail Transfer Protocol (SMTP), such as postfix or exim.
To configure event notification or change the status of Novell AppArmor, perform the following steps:
Start YaST and select .
From the screen, determine whether Novell AppArmor and security event notification are running by looking for a status message that reads or configure the mode of individual profiles.
To change the status of Novell AppArmor, continue as described in Changing Novell AppArmor Status.
To change the mode of individual profiles, continue as described in Section 3.6.2, Changing the Mode of Individual Profiles.
To configure security event notification, continue as described in Section 6.2, Configuring Security Event Notification.
When you change the status of Novell AppArmor, set it to enabled or disabled. When Novell AppArmor is enabled, it is installed, running, and enforcing the Novell AppArmor security policies.
Start YaST and select .
In the section of the window, click . The dialog box opens.
Enable Novell AppArmor by selecting or disable Novell AppArmor by selecting . Then click .
Click in the window.
Click in the YaST Control Center.
AppArmor can apply profiles in two different modes. In complain or learning mode, violations of AppArmor profile rules, such as the profiled program accessing files not permitted by the profile, are detected. The violations are permitted, but also logged. This mode is convenient for developing profiles and is used by the AppArmor tools for generating profiles. Loading a profile in enforce mode enforces the policy defined in the profile and reports policy violation attempts to syslogd.
YaST's Profile Mode dialog allows you to view and edit the mode of currently loaded AppArmor profiles. This feature is useful for determining the status of your system during profile development. During systemic profiling (see Section 4.6.2, Systemic Profiling), you can use this tool to adjust and monitor the scope of the profiles for which you are learning behavior.
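As an added example (not part of the original documentation), the following Python code lists the profiles that are loaded in complain mode and the violations that were logged but permitted for them, which is the check to run before treating a system as protected. It assumes the `name (mode)` profile listing and the `apparmor="ALLOWED"`/`apparmor="DENIED"` audit record layout used by current kernels, which may differ from the release this guide describes; all sample data is constructed.

```python
import re

# Constructed sample in the "name (mode)" layout that current kernels expose in
# /sys/kernel/security/apparmor/profiles (assumed; not taken from the page).
SAMPLE_PROFILES = """\
/usr/sbin/ntpd (enforce)
/usr/sbin/nscd (complain)
/usr/lib/postfix/smtpd (enforce)
"""

# Constructed audit records in the current kernel log format (assumed).
SAMPLE_AUDIT = """\
type=AVC msg=audit(1700000000.101:41): apparmor="ALLOWED" operation="open" profile="/usr/sbin/nscd" name="/etc/shadow" pid=812 comm="nscd" requested_mask="r" denied_mask="r"
type=AVC msg=audit(1700000000.202:42): apparmor="DENIED" operation="open" profile="/usr/sbin/ntpd" name="/root/.ssh/id_rsa" pid=901 comm="ntpd" requested_mask="r" denied_mask="r"
type=AVC msg=audit(1700000000.303:43): apparmor="ALLOWED" operation="mknod" profile="/usr/sbin/nscd" name="/tmp/x" pid=812 comm="nscd" requested_mask="c" denied_mask="c"
"""

PROFILE_LINE = re.compile(r"^(?P<name>.+) \((?P<mode>[a-z]+)\)$")
EVENT = re.compile(
    r'apparmor="(?P<verdict>ALLOWED|DENIED)".*?profile="(?P<profile>[^"]+)".*?name="(?P<name>[^"]+)"'
)

def parse_profiles(text):
    """Map each loaded profile name to its mode (enforce or complain)."""
    modes = {}
    for line in text.splitlines():
        m = PROFILE_LINE.match(line.strip())
        if m:
            modes[m.group("name")] = m.group("mode")
    return modes

def unenforced_violations(profiles_text, audit_text):
    """For each complain-mode profile, list accesses that were logged but permitted."""
    modes = parse_profiles(profiles_text)
    report = {name: [] for name, mode in modes.items() if mode == "complain"}
    for line in audit_text.splitlines():
        m = EVENT.search(line)
        # ALLOWED marks a violation that complain mode let through.
        if m and m.group("verdict") == "ALLOWED" and m.group("profile") in report:
            report[m.group("profile")].append(m.group("name"))
    return report

if __name__ == "__main__":
    for profile, paths in unenforced_violations(SAMPLE_PROFILES, SAMPLE_AUDIT).items():
        print(f"{profile}: complain mode, {len(paths)} violation(s) permitted: {paths}")
```

A profile that appears in this report is logging violations without blocking them, so it should be reviewed and switched to enforce mode once profile development is finished.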
To edit an application's profile mode, proceed as follows:
Start YaST and select .
In the section, select .
Select the profile whose mode you want to change.
Select to either set this profile to complain mode or to enforce mode.
Apply your settings and leave YaST with .
To change the mode of all profiles, use or .
HINT: Listing the Profiles Available
By default, only active profiles are listed, i.e. any profile that has a matching application installed on your system. Should you want to set up a profile before installing the respective application, click and select the profile you want to configure from the list that appears.