AppArmor is an open source and powerful command-line software written in C, C++, Perl, UNIX shell and designed to provide an extra layer of security for your Linux operating system. As its name suggests, AppArmor is just like an armor for your Linux applications, offering you network application security through necessary access control for apps. It is designed to protect your system from various malware.
AppArmor is a command-line tool that has been designed from the offset to be easy to use and effective, while proactively protects your entire Linux-based operating system and open source applications from various threats. Many modern GNU/Linux distributions include the AppArmor software by default.
What options are available from the command-line?
The ‘apparmor’ command includes a wide range of options, such as the ability to add, replace or remove AppArmor definitions, force the profile into complain mode, set the input as pre-compiled profile, dump compiled profiles and names of profiles to stdout or in input, write output to a specific file, set the base directory and cwd, as well as to set the location of the AppArmor filesystem.
Additionally, it provides support for mapping profiles’ read permissions to mr, report cache miss and hit details, save cached profiles, set the location of the profile cache, display profile names as they are loaded, debug AppArmor definitions, control DFA optimizations, set Namespace for a certain profile, run in quiet mode without outputting warnings, dump internal information for debugging and AppArmor pre-processed profiles.
Is AppArmor compatible with my Linux box?
AppArmor is currently included in the Arch Linux, Annvix, Debian GNU/Linux, Ubuntu, openSUSE, Pardus Linux, Gentoo, PLD and Mandriva operating systems. It supports both 32-bit and 64-bit hardware platforms, and it will most probably run on many other distributions of Linux based on the aforementioned OSes.