21.5 Network Access Control . . . . . . . . . . . . . . . . . . . . . 245
21.6 Paths and Globbing . . . . . . . . . . . . . . . . . . . . . . . 246
21.7 File Permission Access Modes . . . . . . . . . . . . . . . . . . . 249
21.8 Execute Modes . . . . . . . . . . . . . . . . . . . . . . . . . 252
21.9 Resource Limit Control . . . . . . . . . . . . . . . . . . . . . . 257
21.10 Auditing Rules . . . . . . . . . . . . . . . . . . . . . . . . . . 258
21.11 Setting Capabilities per Prole . . . . . . . . . . . . . . . . . . . 259
22 AppArmor Prole Repositories 261
22.1 Using the Local Repository . . . . . . . . . . . . . . . . . . . . 261
22.2 Using the External Repository . . . . . . . . . . . . . . . . . . . 262
23 Building and Managing Proles with YaST 265
23.1 Adding a Prole Using the Wizard . . . . . . . . . . . . . . . . . 267
23.2 Manually Adding a Prole . . . . . . . . . . . . . . . . . . . . . 275
23.3 Editing Proles . . . . . . . . . . . . . . . . . . . . . . . . . 275
23.4 Deleting a Prole . . . . . . . . . . . . . . . . . . . . . . . . 281
23.5 Updating Proles from Log Entries . . . . . . . . . . . . . . . . . 281
23.6 Managing Novell AppArmor and Security Event Status . . . . . . . . . 283
24 Building Proles from the Command Line 287
24.1 Checking the AppArmor Module Status . . . . . . . . . . . . . . . 287
24.2 Building AppArmor Proles . . . . . . . . . . . . . . . . . . . . 289
24.3 Adding or Creating an AppArmor Prole . . . . . . . . . . . . . . 290
24.4 Editing an AppArmor Prole . . . . . . . . . . . . . . . . . . . . 290
24.5 Deleting an AppArmor Prole . . . . . . . . . . . . . . . . . . . 290
24.6 Two Methods of Proling . . . . . . . . . . . . . . . . . . . . . 291
24.7 Important Filenames and Directories . . . . . . . . . . . . . . . . 312
25 Proling Your Web Applications Using ChangeHat 315
25.1 Apache ChangeHat . . . . . . . . . . . . . . . . . . . . . . . . 316
25.2 Conguring Apache for mod_apparmor . . . . . . . . . . . . . . . 322
26 Conning Users with pam_apparmor 327
27 Managing Proled Applications 329
27.1 Monitoring Your Secured Applications . . . . . . . . . . . . . . . 329
27.2 Conguring Security Event Notication . . . . . . . . . . . . . . . 330
27.3 Conguring Reports . . . . . . . . . . . . . . . . . . . . . . . 333