Support

Support for business applications

Kaspersky Endpoint Security 10 for Linux Elbrus Edition

Installing the application

Configuring permissions in the AppArmor system

Kaspersky Endpoint Security 10 for Linux Elbrus Edition
Online Help
FAQ System requirements Forum Contact support Recovery tools Product videos

Configuring permissions in the AppArmor system

October 10, 2024

ID 179508

To update the AppArmor profiles required to run Kaspersky Endpoint Security:

  1. Make sure that the AppArmor module is loaded by typing one of the following in the command line:
    • systemctl status apparmor
    • /etc/init.d/apparmor status
  2. Create a Kaspersky Endpoint Security profile:
    1. In the first console, execute the following commands:

      cd /etc/apparmor.d

      aa-genprof /opt/kaspersky/kesl/libexec/kesl

    2. To create a comprehensive profile, it is recommended to perform all operations that you plan to do while using Kaspersky Endpoint Security. For example, run tasks in the second console:
      • File Threat Protection task:

        kesl-control --start-task 1

      • Boot sector scan task:

        kesl-control --start-task 4 -W

      • Process and kernel memory scan task:

        kesl-control --start-task 5 -W

      • Update task:

        kesl-control --start-task 6 -W

        It is recommended to run all tasks that you plan to run while using Kaspersky Endpoint Security.

    3. In the first console, press S. After event scanning completes, press F.

      After that, the Kaspersky Endpoint Security profile for the AppArmor system is generated in /etc/apparmor.d/ directory. Profile file name is unique for each installation (for example, var.opt.kaspersky.kesl.10.1.1.5960_1537783807.opt.kaspersky.kesl.libexec.kesl).

      You can define the created profile manually, or by executing the command:

      basename /etc/apparmor.d/*kesl*

  3. Switch the created Kaspersky Endpoint Security profile to message display mode:

    aa-complain <Kaspersky Endpoint Security profile file name>

  4. After the application has run for several days, update the profile by running the following command:

    aa-logprof

    Specify the Allow or Glob permissions for all files that Kaspersky Endpoint Security used during this period.

  5. Switch the Kaspersky Endpoint Security profile to blocking mode:

    aa-enforce <Kaspersky Endpoint Security profile file name>

If new audit messages related to Kaspersky Endpoint Security appear, the rules module file needs to be updated.

For additional information, please refer to the documentation on the relevant operating system.

');
Kaspersky Professional Services
Implementation services. Health check and security system configuration. Contact us if you need expert help.
');
Kaspersky Premium Support (MSA): High‑priority incident processing
Telephone and web ticket support. Fast response, monitoring and health check. Submit a request and activate the contract (MSA).