cron
and at
pam_apparmor
pam_apparmor
#Edit source
An AppArmor profile applies to an executable program; if a portion of the
program needs different access permissions than other portions need, the
program can change hats via change_hat to a different role, also known as
a subprofile. The pam_apparmor
PAM module allows
applications to confine authenticated users into subprofiles based on
group names, user names, or a default profile. To accomplish this,
pam_apparmor
needs to be registered as a PAM
session module.
The package pam_apparmor
is not installed by
default, you can install it using YaST or zypper
.
Details about how to set up and configure
pam_apparmor
can be found in
/usr/share/doc/packages/pam_apparmor/README
after the
package has been installed. For details on PAM, refer to
Chapter 2, Authentication with PAM.