Linux Intermediate

What is AppArmor?

A Linux security module that restricts program capabilities using per-application profiles, simpler to configure than SELinux.

AppArmor confines applications by associating security profiles with programs rather than labeling all system objects (as SELinux does). Profiles define what files a program can read/write, what network access it has, and what capabilities it requires. Profiles operate in enforce mode (restrictions active) or complain mode (violations logged but allowed). AppArmor uses path-based rules making profiles more intuitive to write. It is the default security module on Ubuntu and SUSE. While less granular than SELinux, AppArmor's simpler model makes it more accessible for most administrators.

Learn More About This Topic

SELinux & AppArmor Guide

Directly covers this topic

Debian Security and Hardening

Closely related

Linux Security Auditing

Closely related

Related Terms

A utility for creating and extracting archive files that combine multiple files and directories into a single file.

A system and service manager for Linux that initializes the system and manages services, logging, and more.

A background process that runs continuously on a system, typically providing services like web serving or logging.

The core component of an operating system that manages hardware resources and provides services to software.

The primary command for managing systemd services, including starting, stopping, enabling, and checking service status.

Security-Enhanced Linux — a mandatory access control system that confines programs to minimum required privileges beyond standard file permissions.

View All Linux Terms →