Merge pull request #12701 from ericeberry/u2404_1311

Ubuntu 24.04 1.3.1.1 Ensure AppArmor is installed

Author: dodys

components/apparmor-utils.yml

@@ -0,0 +1,7 @@
+groups:
+- apparmor-utils
+name: apparmor-utils
+packages:
+- apparmor-utils
+rules:
+- package_apparmor-utils_installed

components/apparmor.yml

@@ -10,4 +10,5 @@ rules:
 - apparmor_configured
 - grub2_enable_apparmor
 - package_apparmor_installed
+- package_apparmor-utils_installed
 - package_pam_apparmor_installed

controls/cis_ubuntu2404.yml

@@ -370,11 +370,11 @@ controls:
     levels:
       - l1_server
       - l1_workstation
-    related_rules:
+    rules:
       - package_apparmor_installed
-    status: planned
-    notes: TODO. Partial/incorrect implementation exists.See related rules. Analogous to ubuntu2204/1.6.1.1.
-
+      - package_apparmor-utils_installed
+    status: automated
+    
   - id: 1.3.1.2
     title: Ensure AppArmor is enabled in the bootloader configuration (Automated)
     levels:

linux_os/guide/system/apparmor/package_apparmor-utils_installed/rule.yml

@@ -0,0 +1,17 @@
+documentation_complete: true
+
+title: 'Ensure AppArmor Utils is installed'
+
+description: |-
+    AppArmor provide Mandatory Access Controls.
+
+rationale: |-
+    Without a Mandatory Access Control system installed only the default
+    Discretionary Access Control system will be available.
+
+severity: medium
+
+template:
+    name: package_installed
+    vars:
+        pkgname: apparmor-utils