NixOS must be configured to use AppArmor.
An XCCDF Rule
Description
Users' home directories/folders may contain information of a sensitive nature. Nonprivileged users should coordinate any sharing of information with a system administrator (SA) through shared resources. Satisfies: SRG-OS-000480-GPOS-00230, SRG-OS-000368-GPOS-00154
- ID
- SV-268173r1039407_rule
- Version
- ANIX-00-001890
- Severity
- Medium
- References
- Updated
Remediation Templates
A Manual Procedure
Add the following Nix code to the NixOS Configuration, usually located in /etc/nixos/configuration.nix.
security.apparmor.enable = true;
Rebuild the NixOS configuration with the following command:
$ sudo nixos-rebuild switch && reboot