# Quick introduction

AppArmor is an effective and easy-to-use Linux application security system. AppArmor proactively protects the operating system and applications from external or internal threats, even zero-day attacks, by enforcing good behavior and preventing both known and unknown application flaws from being exploited.

AppArmor supplements the traditional Unix discretionary access control (DAC) model by providing mandatory access control (MAC). It has been included in the mainline Linux kernel since version 2.6.36 and its development has been supported by Canonical since 2009.

## Installation

Many Linux distributions (e.g. Debian, Ubuntu, OpenSUSE) ship with AppArmor.

Simply run aa-status to see if your Linux distribution already has AppArmor integrated:

$aa-status apparmor module is loaded.  Since it is a kernel module it is usually not something users install themselves. Individual users and system administrators might however want to manage the application profiles which define what each application is allowed to do by editing the files in /etc/apparmor.d/. The list of currently active profiles can be easily checked with aa-status. ## Checking AppArmor log messages Each time AppArmor denies applications from doing potentially harmful operations the event is logged. Depending on your system the AppArmor events can be seen in the syslog, auditd, kernel log or in journald logs. Example: $ sudo journalctl -fx
audit[13172]: AVC apparmor="ALLOWED" operation="open"
profile="libreoffice-soffice"
name="/home/otto/.mozilla/firefox/ov37570l.default/cert8.db"


Desktop systems that have the tool aa-notify installed can show events as graphical notifications.

## Debugging application problems

When debugging issues, the first step should always be to disable the AppArmor profile for the application and check if it had an effect. If not, the problem in the application was not related to AppArmor.

More details about AppArmor can be found in the wiki.

## AppArmor 3.0.6 released

AppArmor 3.0.6 fixes a couple errors discovered in AppArmor 3.0.5 after release. It is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately. This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied). The kernel portion of the project is maintained and pushed separately. Read More »

## AppArmor 3.0.5 released

AppArmor 3.0.5 fixes a build error in AppArmor 3.0.4 that could cause AppArmor builds to fail during tests in some build environments. It is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately. This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied). Read More »

## AppArmor 3.0.4 released

AppArmor 3.0.4 fixes a build error in AppArmor 3.0.3 that could cause AppArmor builds to fail during tests in some build environments. It is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately. This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied). Read More »

## AppArmor 3.0.3 released

AppArmor 3.0.3 fixes a build error in AppArmor 3.0.2 that could cause AppArmor builds to fail during tests in some build environments. It is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately. This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied). Read More »

## AppArmor 3.0.2 released

AppArmor 3.0.2 is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately. This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied). The kernel portion of the project is maintained and pushed separately. Obtaining the Release There are two ways to obtain this release either through gitlab or a tarball in launchpad. Read More »

## AppArmor 2.10.6 released

AppArmor 2.10.6 is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately. This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied). The kernel portion of the project is maintained and pushed separately. Important Note This is the last release in the 2. Read More »

## AppArmor 2.13.6 released

AppArmor 2.13.6 is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately. This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied). And supports features released in the 4.18 kernel and ubuntu 18.04 kernel with the apparmor 3 development patches. Read More »

## AppArmor 3.0.1 released

AppArmor 3.0.1 is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately. This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied). The kernel portion of the project is maintained and pushed separately. Highlighted fixes or improvements Adds support for capability checkpoint_restore for the 5. Read More »

## AppArmor 3.0 released

AppArmor 3.0 is a major new release of the AppArmor user space that makes an important change to policy development and support. Its focus is transitioning policy to the new features abi and as such other new features have been limited. Apprmor 3.0 is a bridge release between older AppArmor 2.x policy and the newer AppArmor 3 style policy which requires the declaration of a features abi. As such AppArmor 3. Read More »

## AppArmor 2.12.3 released

AppArmor 2.12.3 is a maintenance release of the user space components of the AppArmor security project. The kernel portion of the project is maintained and pushed separately. This version of the userspace should work with all kernel versions from 2.6.15 and later (some earlier version of the kernel if they have the apparmor patches applied). And supports features released in the 4.18 kernel and ubuntu 18.04 kernel with the apparmor 3 development patches. Read More »