How to configure AppArmor for Web Portal Access (Ubuntu 23.10+)

With the Web Portal asset type, it is possible to broker privileged access to web portals. During these remote sessions, the server connects to the target web application with a headless Chromium instance. If you are hosting 12Port on Ubuntu 23.10+ or a similar Linux distribution, this Chromium instance may be blocked by AppArmor. This can be prevented by adding a new profile to your AppArmor configuration. This can be done by creating a new file /etc/apparmor.d/chromium with the following content:

abi <abi/4.0>,
include <tunables/global>

profile chromium /opt/12port/wd/chrome-headless-shell flags=(unconfined) {
  userns,

  include if exists <local/chromium>
}