Does apparmor and firewall come already configured?

Does the app armor and firewall come already configured or do i have to set them up myself?

(If this is the wrong place to ask this kind of question i am sorry, tried to find a right category but couldn’t)

AFAIK AppArmor no. Firewall may depend on you choice of DE.

We don’t ship apparmor at all. If you want to install it, you can.

We do start and include firewalld which includes a set of preconfigured profiles.

1 Like

Setting up apparmor is described well in the Arch Wiki. An easy thing to do…

:v:

1 Like

If you are looking for a hardened system, on top of that, you could also install the zen kernel (a more hardened kernel version) like this:

sudo pacman -Syy linux-zen-headers linux-zen

Additionally, install firejail.

Addidtionally, install opensnitch. Package info here. More details here.

:rock:

3 Likes

Will this kernel come ready to go or will i need to configure it like apparmor?

Also thanks for taking your time to reply to this post :+1:

Yeah it doesn’t, i use a script to download all the apps i use and one of them seems to use apparmor, my bad.

Thank your the reply.

i wouldnt say its “easy”, it comes with some profiles following that but you need to audit and make profiles yourself for it to really be useful. Its easier than SELinux but still needs a decent amount of effort to setup properly.

default kernel should support apparmor and selinux OOTB, you just gotta set them up