Debian-Wheezy.txt

NOTES ABOUT DEBIAN:

- AppArmor is currently only available in Debian 7 (aka "Testing") Wheezy. 
- You need a recent version of Debian Wheezy. We tested with Debian 7 beta 2. 
- By default Debian does not boot with AppArmor support. We need to enable it in GRUB (see below).
- As for now, Debian does not support 'network rules' in AppArmor. You might see warnings about this.
- See also: http://wiki.debian.org/AppArmor/Testing

To get RAppArmor working on Debian 7, follow these steps:

1) Install the latest version of Debian 7 Wheezy (e.g. beta2). 
   An installer can be found here: http://www.debian.org/devel/debian-installer/

2) sudo apt-get update && sudo apt-get upgrade

3) Enable the AppArmor LSM in the Linux Kernel (depending on your bootloader): 

   * When booting form GRUB2 (default):
      Edit /etc/default/grub, and set:
      GRUB_CMDLINE_LINUX=" apparmor=1 security=apparmor"
      
      See also http://wiki.debian.org/AppArmor/Testing
   
   * When booting from legacy GRUB:
      Edit /boot/grub/menu.lst and add "apparmor=1 security=apparmor" to your boot line(s). E.g it will read:

      title Default
      root (hd0)
      kernel /vmlinuz root=/dev/xvda1 ro apparmor=1 security=apparmor
      initrd /initrd.img

4) Reboot

5) Verify that AppArmor LSM is now enabled: sudo aa-status

6) sudo apt-get install r-base-dev
   sudo apt-get install libapparmor-dev apparmor-utils   

7) sudo service apparmor restart

8) #Install the RAppArmor R package:
   sudo R -e 'install.packages("RAppArmor", repos="http://cran.r-project.org")'
    
9) #Copy profiles
   cd /usr/local/lib/R/site-library/RAppArmor/
   sudo cp -Rf profiles/debian/* /etc/apparmor.d/
    
10)#Load the profiles into the kernel
   sudo service apparmor restart
   sudo aa-disable usr.bin.r