In the past with SLES 11 sp3 and sp4 I could go into AppArmor and there were some shared/community profiles available that others had created to help provide a “sample” for applications I was looking for. I am updating a BIND server from SLES 11sp4 to SLES 12sp1 and when I attempted to create the AppArmor profile that option wasn’t there. In fact, the AppArmor Yast settings are very small when compared to previous version. I looked at the SLES 11sp4 AppArmor profile and alot appears to have changed with SLES 12sp1 so I am looking for recommendations on setting up a good AppArmor profile for BIND? This is just going to be used as a forwarder to Cisco openDNS service but want to secure this box, specifically AppArmor the named service.
Here is what I have from SLES 11sp4
[CODE]# Last Modified: Mon Oct 17 12:17:06 2011
When I look at my SLES 12sp1 server some of these files are not present. Just looking for a basic AppArmor profile for named. I see plenty for Ubuntu but not sure if those would work. I am guessing not since the file locations are different.