NAME
aa-autodep - guess basic AppArmor profile requirements
SYNOPSIS
aa-autodep <executable> [<executable> ...] [-d /path/to/profiles] [-f]
OPTIONS
-d --dir /path/to/profiles
Specifies where to look for the AppArmor security profile set. Defaults to /etc/apparmor.d.
-f --force
Overwrites any existing AppArmor profile for the executable with the generated minimal AppArmor profile.
DESCRIPTION
aa-autodep is used to generate a minimal AppArmor profile for a set of executables. This program will generate a profile for binary executable as well as interpreted script programs. At a minimum aa-autodep will provide a base profile containing a base include directive which includes basic profile entries needed by most programs. The profile is generated by recursively calling ldd(1) on the executables listed on the command line.
The --force option will overwrite any existing profile for the executable with the newly generated minimal AppArmor profile.
BUGS
This program does not perform full static analysis of executables, so the profiles generated are necessarily incomplete. If you find any bugs, please report them at <https://gitlab.com/apparmor/apparmor/-/issues>.
SEE ALSO
apparmor(7), apparmor.d(5), aa-complain(1), aa-enforce(1), aa-disable(1), aa_change_hat(2), and <https://wiki.apparmor.net>.