termined by the threat or importance of different security events, such as certain
resources accessed or services denied.
Mode
The mode is the permission that the profile grants to the program or process to
which it is applied. The options are
r
(read),
w
(write),
l
(link), and
x
(execute).
Detail
A source to which the profile has denied access.This includes capabilities and files.
You can use this field to report the resources to which the profile prevents access.
Access Type
The access type describes what is actually happening with the security event. The
options are
PERMITTING
,
REJECTING
, or
AUDITING
.
Executive Security Summary
A combined report consisting of one or more high-level reports from one or more ma-
chines. This report can provide a single view of security events on multiple machines
if each machine's data is copied to the report archive directory, which is
/var/log/
apparmor/reports-archived
. One line of the ESS report represents a range of
SIR reports.
100
Novell AppArmor Administration Guide