Configuring permissions in the AppArmor system

January 20, 2022

ID 179508

To update the AppArmor profiles required to run Kaspersky Endpoint Security:

  1. Make sure that the AppArmor module is loaded by running one of the following commands:
    • systemctl status apparmor
    • /etc/init.d/apparmor status
  2. Create a Kaspersky Endpoint Security profile:
    1. In the first console, execute the following commands:

      cd /etc/apparmor.d

      aa-genprof /opt/kaspersky/kesl/libexec/kesl

    2. To create a comprehensive profile, it is recommended to perform all operations that you plan to do while using Kaspersky Endpoint Security. For example, run tasks in the second console:
      • File Threat Protection task:

        kesl-control --start-task 1

      • Boot sector scan task:

        kesl-control --start-task 4 -W

      • Process and kernel memory scan task:

        kesl-control --start-task 5 -W

      • Update task:

        kesl-control --start-task 6 -W

      It is recommended to run all tasks that you plan to run while using Kaspersky Endpoint Security.

    3. In the first console, press S. After event scanning completes, press F.

      After that, the Kaspersky Endpoint Security profile for the AppArmor system is generated in the /etc/apparmor.d/ directory. The profile file name is unique for each installation (for example, var.opt.kaspersky.kesl.10.1.1.5960_1537783807.opt.kaspersky.kesl.libexec.kesl).

      You can find the name of the created profile manually or by executing the following command:

      basename /etc/apparmor.d/*kesl*

  3. Switch the created Kaspersky Endpoint Security profile to message display (complain) mode:

    aa-complain <Kaspersky Endpoint Security profile file name>

  4. After the application has run for several days, update the profile by running the following command:

    aa-logprof

    Specify the Allow or Glob permissions for all files that Kaspersky Endpoint Security used during this period.

  5. Switch the Kaspersky Endpoint Security profile to blocking (enforce) mode:

    aa-enforce <Kaspersky Endpoint Security profile file name>

If new audit messages related to Kaspersky Endpoint Security appear, the rules module file needs to be updated.
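One way to check for such audit messages is sketched below as an added example, not a Kaspersky tool. It counts AppArmor access decisions logged for any profile whose name contains "kesl": `ALLOWED` records are written in complain mode, `DENIED` records in enforce mode. The function names, the sample records and the `/var/log/audit/audit.log` path are assumptions.

```shell
#!/bin/sh
# Constructed sample audit records (not real output); the profile name reuses
# the binary path passed to aa-genprof above.
kesl_sample_log() {
    cat <<'EOF'
type=AVC msg=audit(1642680001.101:201): apparmor="ALLOWED" operation="open" profile="/opt/kaspersky/kesl/libexec/kesl" name="/etc/passwd" pid=1200 comm="kesl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
type=AVC msg=audit(1642680002.102:202): apparmor="ALLOWED" operation="open" profile="/opt/kaspersky/kesl/libexec/kesl" name="/etc/passwd" pid=1200 comm="kesl" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
type=AVC msg=audit(1642680003.103:203): apparmor="DENIED" operation="mknod" profile="/opt/kaspersky/kesl/libexec/kesl" name="/tmp/kesl-sample.tmp" pid=1200 comm="kesl" requested_mask="c" denied_mask="c" fsuid=0 ouid=0
type=AVC msg=audit(1642680004.104:204): apparmor="DENIED" operation="open" profile="/usr/sbin/cupsd" name="/etc/shadow" pid=900 comm="cupsd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0
type=AVC msg=audit(1642680005.105:205): apparmor="STATUS" operation="profile_replace" profile="unconfined" name="/opt/kaspersky/kesl/libexec/kesl" pid=1300 comm="apparmor_parser"
EOF
}

# Hypothetical helper: summarise AppArmor events for profiles matching *kesl*.
# Usage: kesl_apparmor_events [LOGFILE...]   (reads stdin when no file is given)
# Output: COUNT VERDICT OPERATION DENIED_MASK PATH
kesl_apparmor_events() {
    awk '
    # Value of key="value" in the current record, or "-" when absent.
    function field(key,    re, s) {
        re = "(^| )" key "=\"[^\"]*\""
        if (!match($0, re)) return "-"
        s = substr($0, RSTART, RLENGTH)
        sub(/^[^"]*"/, "", s); sub(/"$/, "", s)
        return s
    }
    # STATUS and other record types are skipped; only access decisions count.
    /apparmor="(ALLOWED|DENIED)"/ {
        if (field("profile") !~ /kesl/) next
        k = field("apparmor") " " field("operation") " " field("denied_mask") " " field("name")
        seen[k]++
    }
    END { for (k in seen) printf "%d %s\n", seen[k], k }
    ' "$@" | sort -k2
}

# Demo on the constructed sample; on a real host pass the audit log instead,
# e.g. /var/log/audit/audit.log (assumed path, requires auditd).
kesl_sample_log | kesl_apparmor_events
```

Any `DENIED` line reported after step 5 names a path and permission that the enforced profile does not yet cover. On hosts without auditd the same records appear in the kernel log, which can be piped to the function on stdin.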

For additional information, please refer to the documentation on the relevant operating system.
