Programs are restricted on the basis of profiles, which are traditionally
/etc/apparmor.d/, using filenames which correspond to
the path to the binary being protected by the profile
Profiles can be configured in different modes:
complain (log, but don't enforce).
This role is primarily geared towards allowing other roles to perform customizations of existing profiles, and allowing administrators to selectively enable/disable profiles.
- Getting started
- Default variables
- Default variable details
apparmor - Install and configure AppArmor Copyright (C) 2015-2017 Robin Schneider <email@example.com> Copyright (C) 2022 David Härdeman <firstname.lastname@example.org> Copyright (C) 2015-2022 DebOps <https://debops.org/> SPDX-License-Identifier: GPL-3.0-only This Ansible role is part of DebOps. DebOps is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License version 3, as published by the Free Software Foundation. DebOps is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with DebOps. If not, see https://www.gnu.org/licenses/.