How To Setup AppArmor on Ubuntu 22.04 LTS

In this tutorial, we will show you how to setup AppArmor on Ubuntu 22.04 LTS. For those of you who didn’t know, AppArmor is a Linux security module that provides a flexible and effective way of implementing mandatory access control (MAC) policies. MAC policies are a set of rules that specify what access a program should have to the system resources and user data. AppArmor provides an alternative to other security models like SELinux,

This article assumes you have at least basic knowledge of Linux, know how to use the shell, and most importantly, you host your site on your own VPS. The installation is quite simple and assumes you are running in the root account, if not you may need to add ‘sudo‘ to the commands to get root privileges. I will show you the step-by-step installation of AppArmor on Ubuntu 22.04 (Jammy Jellyfish). You can follow the same instructions for Ubuntu 22.04 and any other Debian-based distribution like Linux Mint, Elementary OS, Pop!_OS, and more as well.

Prerequisites

• A server running one of the following operating systems: Ubuntu 22.04, 20.04, and any other Debian-based distribution like Linux Mint.
• It’s recommended that you use a fresh OS install to prevent any potential issues.
• An active internet connection. You’ll need an internet connection to download the necessary packages and dependencies for AppArmor.
• SSH access to the server (or just open Terminal if you’re on a desktop).
• A non-root sudo useror access to the root user. We recommend acting as a non-root sudo user, however, as you can harm your system if you’re not careful when acting as the root.

Setup AppArmor on Ubuntu 22.04 LTS Jammy Jellyfish

Step 1. First, make sure that all your system packages are up-to-date by running the following apt commands in the terminal.

sudo apt update
sudo apt upgrade
sudo apt install wget apt-transport-https gnupg2 software-properties-common

Step 2. Installing AppArmor on Ubuntu 22.04.

By default, AppArmor is available on Ubuntu 22.04 base repository. Now run the following command below to install the latest version of the AppArmorto your Ubuntu system:

sudo apt install apparmor-utils apparmor-notify apparmor-profiles apparmor-profiles-extra

After the installation is complete, AppArmor will be enabled and loaded automatically at boot time. You can verify this by running the following command:

sudo systemctl status apparmor

Step 3. Using AppArmor on Ubuntu.

AppArmor provides several utilities that you can use to manage AppArmor profiles on your system. In this section, we will cover some of the most useful commands and provide examples of how they can be used:

• aa-status: This command displays the status of AppArmor profiles on your system.
• aa-complain: This command changes the enforcement mode of an AppArmor profile from “enforcing” to “complain”. In “complain” mode, the profile will log violations but not enforce them.
• aa-enforce: This command changes the enforcement mode of an AppArmor profile from “complain” to “enforce”. In “enforce” mode, the profile will enforce the rules defined in the profile.
• aa-genprof: This command generates a new profile for an application. It can be used to create a new profile from scratch or to modify an existing profile.
• aa-logprof: This command allows you to review and edit the logs generated by AppArmor profiles in “complain” mode.

Congratulations! You have successfully set up AppArmor. Thanks for using this tutorial to set up AppArmor on Ubuntu 22.04 LTS Jammy Jellyfish system. For additional help or useful information, we recommend you check the official AppArmor website.