Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230

 

 

 

disable apparmor on system wide after installation

If none of the specific sub-forums seem right for your thread, ask here.
Post Reply
Message
Author
ericjing
Posts: 2
Joined: 2022-08-18 02:01

disable apparmor on system wide after installation

#1 Post by ericjing »

Dear Sir,

I'm a software engineer and I want to seek the possibility of running my system (web app, nginx, database) on debian 10, and I want to disable apparmor on system wide after installation due to performance reasons (It's almost impossibile to disable it for a specific app since there are a lot of server apps related with each other, e.g. the distributed storage database is consists of a lot of unknown services running behind the scene aside from the main service).
Could you tell me how to disable apparmor on system wide after installation? Thank you so much for your help.

ericjing
Posts: 2
Joined: 2022-08-18 02:01

Re: disable apparmor on system wide after installation

#2 Post by ericjing »

And, one more reason to disable it on systrem wide for a production machine is to avoid system down, since it's impossible to predict what is the exact file/folder that the database is reading/writing, I'm just a user of the database, I'm not the developper of the database. Enable apparmor will make Debian 10 impossible for a production machine. FYI, redhat disable SELinux on a production machine.

User avatar
Head_on_a_Stick
Posts: 14114
Joined: 2014-06-01 17:46
Location: London, England
Has thanked: 81 times
Been thanked: 132 times

Re: disable apparmor on system wide after installation

#3 Post by Head_on_a_Stick »

https://wiki.debian.org/AppArmor/HowToU ... e_AppArmor

Software engineers should know how to use search engines... :roll:

Also:
ericjing wrote:redhat disable SELinux on a production machine
Don't be ridiculous.

Plenty of sysadmins are confused enough by it that they run it in permissive mode but only an idiot would disable it.
deadbang

Post Reply