Development VM

To ensure compatibility across distribution, this project ships a wide range of development and tests VM images.

The test VMs can be built locally using cloud-init, packer on Qemu/KVM using Libvirt. No other hypervisor will be targeted for these tests. The files that generate these images can be found in the tests/packer directory. The VMs are fully managed using a justfile that provides an integration environment helper for apparmor.d.

$ just

Available recipes:
    help                    # Show this help message
    build                   # Build the go programs
    enforce                 # Prebuild the profiles in enforced mode
    complain                # Prebuild the profiles in complain mode
    fsp                     # Prebuild the profiles in FSP mode
    install                 # Install the profiles
    pkg                     # Build & install apparmor.d on Arch based systems
    dpkg                    # Build & install apparmor.d on Debian based systems
    rpm                     # Build & install apparmor.d on OpenSUSE based systems
    tests                   # Run the unit tests
    lint                    # Run the linters
    check                   # Run style checks on the profiles
    man                     # Generate the man pages
    docs                    # Build the documentation
    serve                   # Serve the documentation
    clean                   # Remove all build artifacts
    package dist            # Build the package in a clean OCI container
    img dist flavor         # Build the VM image
    create dist flavor      # Create the machine
    up dist flavor          # Start a machine
    halt dist flavor        # Stops the machine
    reboot dist flavor      # Reboot the machine
    destroy dist flavor     # Destroy the machine
    ssh dist flavor         # Connect to the machine
    list                    # List the machines
    images                  # List the VM images
    available               # List the VM images that can be created
    init dist flavor        # Install dependencies for the bats integration tests
    integration dist flavor # Run the integration tests on the machine
    get_ip dist flavor
    get_osinfo dist

See https://apparmor.pujol.io/development/ for more information.

Requirements¶

Note

You may need to edit some settings to fit your setup:

The default ssh key and ISO directory in tests/packer/variables.pkr.hcl

Build¶

One can see the available images by running:

$ just available

Distribution       Flavor    
archlinux          gnome
archlinux          kde
archlinux          server
archlinux          xfce
debian12           gnome
debian12           kde
debian12           server
ubuntu24           server
...

A VM image can be build with:

$ just img archlinux gnome

The image will then be showed in the list of images:

$ just images

Distribution       Flavor     Size  Date
archlinux          gnome      3.3G  Mar 1 14:49

The VM can then be created with:

$ just create archlinux gnome

And connected to with:

$ just ssh archlinux gnome

Develop¶

Credentials

The admin user is: user, its password is: user. It has passwordless sudo access. Automatic login is not enabled on DE. The root user is not locked.

Directories

All the images come pre-configured with the latest version of apparmor.d installed and running in the VM. The apparmor.d project directory is mounted as /home/user/Projects/apparmor.d

Usage

On all images, aa-update can be used to rebuild and install the latest version of the profiles. p, pf, and pu are two pre-configured aliases of ps that show the security status of processes. htop is also configured to show this status.