Skip to content

AppArmor.d

Full set of AppArmor profiles

Help Wanted

This project is still in its early development. Help is very welcome; see Development

AppArmor.d is a set of over 1500 AppArmor profiles whose aim is to confine most Linux based applications and processes.

Purpose

  • Confine all root processes such as all systemd tools, bluetooth, dbus, polkit, NetworkManager, OpenVPN, GDM, rtkit, colord
  • Confine all Desktop environments
  • Confine all user services such as Pipewire, Gvfsd, dbus, xdg, xwayland
  • Confine some "special" user applications: web browsers, file managers, etc
  • Should not break a normal usage of the confined software

See the Concepts' page for more detail on the architecture.

Goals

Presentations

Building the largest set of AppArmor profiles:

Chat

A development chat is available on https://matrix.to/#/#apparmor.d:matrix.org