AppArmor

Setup AppArmor on CachyOS

Install apparmor.

sudo pacman -S apparmor apparmor.d

Add the following line to /etc/limine-entry-tool.conf. This should enable AppArmor and auditd at boot time.

KERNEL_CMDLINE[default]+=lsm=landlock,lockdown,yama,integrity,apparmor,bpf audit=1

Update the limine config.

sudo limine-update

Enable apparmor.service and auditd.service on boot.

sudo systemctl enable apparmor.service
sudo systemctl enable auditd.service

Reboot.

Check to see if AppArmor is enabled.

aa-enabled