AppArmorProfiles

From openSUSE


AppArmor profiles for openSUSE

Two sets of profiles are distributed in the apparmor-profiles rpm that ships with openSUSE. The default set is located under /etc/apparmor.d and contains the profiles that are loaded when the apparmor service is started during the boot process. These profiles are considered stable and robust for deployment. A development set, or extras, is located under /etc/apparmor/profiles/extras and contains many profiles in various levels of completion. These can be used as templates for developing new profiles, and in many cases need only small amounts of customization to a user's particular environment.


The current set of enabled profiles

/bin/netstat
/bin/ping
/sbin/klogd
/sbin/syslogd
/usr/bin/ldd
/usr/lib/postfix/bounce
/usr/lib/postfix/cleanup
/usr/lib/postfix/flush
/usr/lib/postfix/local
/usr/lib/postfix/master
/usr/lib/postfix/nqmgr
/usr/lib/postfix/pickup
/usr/lib/postfix/proxymap
/usr/lib/postfix/qmgr
/usr/lib/postfix/scache
/usr/lib/postfix/showq
/usr/lib/postfix/smtp
/usr/lib/postfix/smtpd
/usr/lib/postfix/tlsmgr
/usr/lib/postfix/trivial-rewrite
/usr/sbin/identd
/usr/sbin/mdnsd
/usr/sbin/nscd
/usr/sbin/ntpd
/usr/sbin/postalias
/usr/sbin/postdrop
/usr/sbin/postmap
/usr/sbin/postqueue
/usr/sbin/sendmail
/usr/sbin/squid
/usr/sbin/traceroute

The current set of extra profiles


To enable these profiles, copy them to /etc/apparmor.d/ and restart the apparmor service by running rcapparmor restart as the root user.


/etc/cron/daily/logrotate
/etc/cron/daily/slocate/cron
/etc/cron/daily/tmpwatch
/opt/MozillaFirefox/bin/firefox.sh
/opt/MozillaFirefox/lib/firefox-bin
/opt/MozillaFirefox/lib/mozilla-xremote-client
/opt/gnome/bin/evolution-2.4
/opt/gnome/bin/gaim
/opt/gnome/lib/GConf.2.gconfd-2
/opt/gnome/lib/bonobo/bonobo-activation-server
/opt/gnome/lib/evolution-data-server-1.2.evolution-data-server-1.4
/sbin/dhclient
/sbin/dhcpcd
/sbin/portmap
/sbin/rpc/lockd
/sbin/rpc/statd
/usr/NX/bin/nxclient
/usr/X11R6/bin/acroread
/usr/X11R6/bin/ethereal
/usr/X11R6/bin/xfs
/usr/bin/apropos
/usr/bin/fam
/usr/bin/man
/usr/bin/opera
/usr/bin/procmail
/usr/bin/spamc
/usr/lib/RealPlayer10/realplay
/usr/lib/man-db/man
/usr/lib/openldap/slapd
/usr/sbin/dhcpd
/usr/sbin/httpd
/usr/sbin/httpd2-prefork
/usr/sbin/imapd
/usr/sbin/in/fingerd
/usr/sbin/in/ftpd
/usr/sbin/in/ntalkd
/usr/sbin/ipop2d
/usr/sbin/ipop3d
/usr/sbin/mysqld
/usr/sbin/named
/usr/sbin/nmbd
/usr/sbin/sendmail/postfix
/usr/sbin/sendmail/sendmail
/usr/sbin/smbd
/usr/sbin/spamd
/usr/sbin/sshd
/usr/sbin/useradd
/usr/sbin/userdel
/usr/sbin/vsftpd
/usr/sbin/xinetd