AppArmor information updated

Clint Byrum clint at
Thu Jan 12 10:03:03 UTC 2012

Just an FYI, I've tested the procedure for building an apparmor profile
and embedding it in a charm. Its quite an easy process, and results in
a webapp that can't perform any operations you haven't explicitly allowed.

Here is the basic information:

And here is the change to the statusnet charm to use it:

Note that the profile was almost entirely generated using aa-logprof,
with only one weird problem introduced during that process (it thought
we needed the libvirt/qemu abstraction which clearly we did not).

More information about the Juju mailing list