Originally Posted by
q.dinar
how to create profile for x server? as was said in this thread or "share your apparmor profiles" to limit/set rules for/confine/restrict video driver profile for x server should be created.
Very carefully I'm only half-joking, and I'm not completely sure where to start. Probably /usr/sbin/gdm and /usr/X11R6/bin/X, and be prepared to do a lot of work tracing why it's not working and what it's asking for. You may want to put the profiles into complain mode so you don't completely lose graphics:
Code:
sudo aa-complain /path/to/profile
Then when you're satisfied and/or ready to test your profile in enforcing mode:
Code:
sudo aa-enforce /path/to/profile
Remember of course that this doesn't give you the ability to have separate profiles for nvidia, nv, radeon, etc., the profile is for X in general.
To get an idea of the programs you'd need to have profiles for (or give execute permissions with 'ix') open a terminal and use this command:
That prints out a process tree. Look for the set starting with '/usr/sbin/gdm'.
Bookmarks