AppArmor is able to restrict what programs can do and access based on policies for those programs.
By default (e. g. no auditd installed) log messages from AppArmor are logged
via syslog to the kernel facility which usually ends up under
This role requires at least Ansible
v2.1.3. To install it, run:
ansible-galaxy install debops-contrib.apparmor