Is it just following the commands here: GitHub - Kicksecure/apparmor-profile-everything: AppArmor for everything. APT, systemd, init, all systemd units, all applications. Mandatory Access Control. Security Hardening.. It’s that simple? Is there a way to confirm the install? Thanks
I have done this on a Debian host, as well as Debian virtuals running under that same host and the procedure is simple:
First, enable the whonix repo, if not already enabled. Download signing key, and add a file /etc/apt/sources.list.d/whonix.list with the contents of deb tor://deb.whonix.org buster main contrib nonfree
them simply sudo apt install apparmor-profile-everything Of course you need the apparmor package too if you do not have it. Check the status of apparmor with sudo aa-status. The actual profiles get installed to the /etc/apparmor.d directory and there are a few initramfs tools that automatically get installed as well. It should be active after you install and reboot but to make sure go to the /etc/apparmor.d directory on cli and type sudo apparmor_parser -r init-systemd apt-get and then sudo aa-enforce init-systemd apt-get
To double confirm everything is there, go to /etc/apparmor.d and see the 2 new profiles, /etc/apparmor.d/abstractions to see the "dangerous-files"abstraction, /etc/initramfs-tools/hooks and /etc/initramfs-tools/scripts/init-bottom to see apparmor-profile-everything scripts. the apt-get wrapper lives at /usr/bin/rapt and there are some docs at /usr/share/docs and a man page.
Keep in mind that this project is being updated very frequently, so to see the exact bleeding edge of development, follow on github. Many improvements are being made, sometimes things are added, sometimes things are re arranged or taken away, so definitely check regularly
Thanks! That really made every thing very easy!