Protection software for OES with AppArmor

When AppArmor is active, profiles must be created for the system agent binaries to allow communication between the OES server and the system.

To perform backup and restore activities, the system agent uses two binaries:

\usr\bp\bin\bpclientd – bpclientd listens on standard port 1743. It communicates with the system software, over sockets, to read and write data to the system.

\usr\bp\bin\bkup – bkup runs with root privileges and reads and writes data to the entire disk. The bkup process requires read and write access to the entire disk. The bkup application communicates locally with bpclientd over sockets.

AppArmor profiles for bpclientd and bkup can be created using the YaST wizard. Details on creating AppArmor profiles can be found at: Novell AppArmor Administration Guide