AppArmor or SELinux


Are there any instructions on enabling security frameworks like AppArmor or SELinux in DietPi?

  • FredSki

apt install apparmor

Simply follow any guide for Debian. AppArmor is something we might add by default, but some custom rules are required to make it fully compatible with all provided software installs. E.g. by default or blocks MariaDB from accessing the database through symlinks but we symlink /var/lib/mysql by default to /mnt/dietpi_userdata/mysel.

On the off chance that you take a gander at SELinux and Apparmor, they are both solid and frail in similar manners. SELinux is “more grounded” in that it can get considerably more finely grained access to records, yet what does that increase an aggressor over being in an apparmor profile? You’re now essentially confined in an apparmor profile. Things being what they are, do you genuinely increase considerably more with SELinux?
Kodi Lucky Patcher nox

AppArmor seems to generally much easier to configure, but less flexible. However I tend in AppArmor direction and add profiles or each software title we offer, where required.