AppArmor.d

Full set of AppArmor profiles

Help Wanted

This project is still in its early development. Help is very welcome; see Development

AppArmor.d is a set of over 1400 AppArmor profiles whose aim is to confine most Linux based applications and processes.

Purpose

• Confine all root processes such as all systemd tools, bluetooth, dbus, polkit, NetworkManager, OpenVPN, GDM, rtkit, colord
• Confine all Desktop environments
• Confine all user services such as Pipewire, Gvfsd, dbus, xdg, xwayland
• Confine some "special" user applications: web browser, file browser...
• Should not break a normal usage of the confined software

See the Concepts page for more detail on the architecture.

Goals

• Target both desktops and servers
• Support all distributions that support AppArmor:
  • Archlinux
  • Ubuntu 22.04
  • Debian 11
  • OpenSUSE Tumbleweed
• Support all major desktop environments:
  • Currently only Gnome
• Fully tested (Work in progress)

---

Last update: March 3, 2023
Created: March 3, 2023