0

I’m looking for a way to enable the Apache2 apparmor profile on Ubuntu Server 18.04 According to the documentation it has to be manually activated (opt-in): https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/AppArmorProfiles

However I can’t seem find any documentation or guidance on how to do this. Can someone point me in the right direction?

gijs007
  • 107
  • 1
  • 4
  • 17

1 Answers1

1

I have found old trusty document useful.

https://www.apt-browse.org/browse/ubuntu/trusty/main/i386/libapache2-mod-apparmor/2.8.95~2430-0ubuntu5/file/etc/apparmor.d/usr.sbin.apache2

1) Apparmor is mostly pre-installed with ubuntu. Please ensure that.

apt policy apparmor

2) You need apache2 profile libapache2-mod-apparmor.

apt install libapache2-mod-apparmor

3) Enable it

aa-enforce /etc/apparmor.d/usr.sbin.apache2

If you are getting error like aa-enforce not found. int apparmor-utils

apt-get install apparmor-utils

To configure your appache, I followed the below url: 

a2enmod mpm_prefork
a2enmod apparmor
service apache2 restart
Aravind
  • 126
  • 4