diff --git a/DC-SAP-lsm b/DC-SAP-lsm
new file mode 100644
index 000000000..370b2885e
--- /dev/null
+++ b/DC-SAP-lsm
@@ -0,0 +1,15 @@
+# This file originates from the project https://github.com/openSUSE/doc-kit
+# This file can be edited downstream.
+
+MAIN="lsm.asm.xml"
+# Point to the ID of the <structure> of your assembly
+SRC_DIR="articles"
+IMG_SRC_DIR="images"
+
+PROFOS="sles4sap"
+PROFCONDITION="16.0"
+#PROFCONDITION="suse-product;beta"
+#PROFCONDITION="community-project"
+
+STYLEROOT="/usr/share/xml/docbook/stylesheet/suse2022-ns"
+FALLBACK_STYLEROOT="/usr/share/xml/docbook/stylesheet/suse-ns"
\ No newline at end of file
diff --git a/DC-SLES-lsm b/DC-SLES-lsm
new file mode 100644
index 000000000..708968e04
--- /dev/null
+++ b/DC-SLES-lsm
@@ -0,0 +1,15 @@
+# This file originates from the project https://github.com/openSUSE/doc-kit
+# This file can be edited downstream.
+
+MAIN="lsm.asm.xml"
+# Point to the ID of the <structure> of your assembly
+SRC_DIR="articles"
+IMG_SRC_DIR="images"
+
+PROFOS="sles"
+PROFCONDITION="16.0"
+#PROFCONDITION="suse-product;beta"
+#PROFCONDITION="community-project"
+
+STYLEROOT="/usr/share/xml/docbook/stylesheet/suse2022-ns"
+FALLBACK_STYLEROOT="/usr/share/xml/docbook/stylesheet/suse-ns"
\ No newline at end of file
diff --git a/articles/lsm.asm.xml b/articles/lsm.asm.xml
new file mode 100644
index 000000000..ef33879f0
--- /dev/null
+++ b/articles/lsm.asm.xml
@@ -0,0 +1,135 @@
+<?xml version="1.0" encoding="UTF-8" standalone="no"?>
+<?xml-model href="https://cdn.docbook.org/schema/5.2/rng/assemblyxi.rnc"
+            type="application/relax-ng-compact-syntax"?>
+<!DOCTYPE assembly
+[
+    <!ENTITY % entities SYSTEM "../common/generic-entities.ent">
+    %entities;
+]>
+<assembly version="5.2" xml:lang="en"
+          xmlns:xlink="http://www.w3.org/1999/xlink"
+          xmlns:trans="http://docbook.org/ns/transclusion"
+          xmlns:its="http://www.w3.org/2005/11/its"
+          xmlns="http://docbook.org/ns/docbook">
+<!-- R E S O U R C E S -->
+  <resources>
+    <resource href="../concepts/intro-lsm.xml" xml:id="_intro-lsm"/>
+    <resource href="../concepts/intro-lsm-yama.xml" xml:id="_intro-lsm-yama"/>
+    <resource href="../tasks/enable-yama-lsm.xml" xml:id="_enable-yama-lsm"/>
+    <resource href="../tasks/yama-troubleshooting.xml" xml:id="_yama-troubleshooting"/>
+    <resource href="../glues/lsm-more-info.xml" xml:id="_lsm-more-info"/>
+            <resource href="../common/legal.xml" xml:id="_legal"/>
+    <resource href="../common/license_gfdl1.2.xml" xml:id="_gfdl"/>
+  </resources>
+<!-- S T R U C T U R E -->
+  <structure renderas="article" xml:id="lsm" xml:lang="en">
+    <merge>
+      <title>Introduction to the Linux Security Module Framework </title>
+      <revhistory xml:id="rh-lsm">
+        <revision><date>2026-04-07</date>
+          <revdescription>
+            <para>
+              Initial version
+            </para>
+          </revdescription>
+        </revision>
+      </revhistory>
+
+      <!-- Maintainer-->
+      <meta name="maintainer" content="amrita.sathivel@suse.com" its:translate="no"/>
+
+      <!-- Series-->
+      <meta name="series" its:translate="no">Smart Docs</meta>
+
+      <!-- Task -->
+      <meta name="task" its:translate="no">
+        <phrase>Administration</phrase>
+        <phrase>Configuration</phrase>
+        <phrase>Security</phrase>
+      </meta>
+
+      <!-- Docmanager -->
+      <dm:docmanager xmlns:dm="urn:x-suse:ns:docmanager">
+        <dm:bugtracker>
+          <dm:url>https://bugzilla.suse.com/enter_bug.cgi</dm:url>
+          <dm:component>Documentation</dm:component>
+          <dm:product os="sles">SUSE Linux Enterprise Server 16.0</dm:product>
+          <dm:product os="sles4sap">SUSE Linux Enterprise Server 16.0</dm:product>
+          <dm:assignee>amrita.sakthivel@suse.com</dm:assignee>
+        </dm:bugtracker>
+        <dm:translation>yes</dm:translation>
+      </dm:docmanager>
+
+      <!-- Architecture -->
+      <meta name="architecture" its:translate="no">
+        <phrase>&x86-64;</phrase>
+        <phrase>&power;</phrase>
+        <phrase>&zseries;</phrase>
+        <phrase>&aarch64;</phrase>
+      </meta>
+
+      <!-- Productname & Version -->
+      <meta name="productname" its:translate="no">
+        <productname version="16.0" os="sles;sles4sap">&productname;</productname>
+      </meta>
+
+      <!-- Social Media -->
+      <meta name="title" its:translate="yes">Introduction to the Yama Linux Security Module</meta>
+      <meta name="social-descr" its:translate="yes">Understanding the Yama LSM is vital because it provides a foundational layer of defense-in-depth by restricting ptrace capabilities</meta>
+
+      <!-- Search -->
+      <meta name="description" its:translate="yes">The Linux Security Module (LSM) framework is a critical component of the kernel because it allows the system to enforce Mandatory Access Control (MAC) policies that go beyond standard user permissions</meta>
+
+      <abstract>
+        <variablelist>
+          <varlistentry>
+            <term>WHAT?</term>
+            <listitem>
+              <para>
+                The LSM functions as a secondary, mandatory validation layer that intercepting system calls only after DAC has granted permission, ensuring that security policies are strictly enforced even if a user or process possesses ownership of a resource.
+              </para>
+            </listitem>
+          </varlistentry>
+          <varlistentry>
+            <term>WHY?</term>
+            <listitem>
+              <para>
+                Learn how to use and configure LSMs like Yama, as it enables you to transition from basic user-level security to a robust, hardened system capable of neutralizing zero-day exploits.
+              </para>
+            </listitem>
+          </varlistentry>
+          <varlistentry>
+            <term>EFFORT</term>
+            <listitem>
+              <para>
+The average reading time of this article is approximately 40 minutes.
+              </para>
+            </listitem>
+          </varlistentry>
+          <varlistentry>
+            <term>REQUIREMENTS</term>
+            <listitem>
+              <itemizedlist>
+                <listitem>
+                  <para>
+<emphasis>Linux fundamentals:</emphasis> Understanding basic Linux commands, file permissions, directory structures
+and use of the command line.
+                  </para>
+                </listitem>
+                       </itemizedlist>
+            </listitem>
+          </varlistentry>
+        </variablelist>
+      </abstract>
+    </merge>
+    <module resourceref="_intro-lsm"></module>
+    <module resourceref="_intro-lsm-yama"></module>
+    <module resourceref="_enable-yama-lsm"></module>
+    <module resourceref="_yama-troubleshooting"></module>
+    <module resourceref="_lsm-more-info"></module>
+    <module resourceref="_legal"/>
+    <module resourceref="_gfdl">
+      <output renderas="appendix"/>
+    </module>
+  </structure>
+</assembly>
\ No newline at end of file
diff --git a/concepts/intro-lsm-yama.xml b/concepts/intro-lsm-yama.xml
new file mode 100644
index 000000000..cecc0be10
--- /dev/null
+++ b/concepts/intro-lsm-yama.xml
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE topic
+[
+  <!ENTITY % entities SYSTEM "../common/generic-entities.ent">
+    %entities;
+]>
+<!-- refers to legacy doc: <add github link to legacy doc piece, if applicable> -->
+<!-- point back to this document with a similar comment added to your legacy doc piece -->
+<!-- refer to README.md for file and id naming conventions -->
+<!-- metadata is dealt with on the assembly level -->
+<topic xml:id="intro-lsm-yama"
+ role="concept" xml:lang="en"
+ xmlns="http://docbook.org/ns/docbook" version="5.2"
+ xmlns:its="http://www.w3.org/2005/11/its"
+ xmlns:xi="http://www.w3.org/2001/XInclude"
+ xmlns:xlink="http://www.w3.org/1999/xlink"
+ xmlns:trans="http://docbook.org/ns/transclusion">
+  <info>
+    <title>Introduction to the YAMA security module</title>
+    <meta name="maintainer" content="amrita.sakthivel@suse.com" its:translate="no"/>
+    <abstract>
+      <para>
+Yama is a Linux security module designed to enhance system-wide security by implementing DAC (Discretionary Access Control) for certain kernel functionalities.
+It focuses on restricting the use of the <literal>ptrace</literal> system call, which is commonly used for debugging but can also be exploited for malicious purposes.
+<literal>ptrace</literal> is a short form of process call, which is a powerful system call that allows one process to observe, control, and manipulate another process.
+</para>
+    </abstract>
+  </info>
+    <para>
+The Yama module is vital because it addresses a fundamental weakness in the traditional Linux process model, where any process could freely peek and poke into the memory of any other process owned by the same user.
+By introducing configurable scopes, most notably the restriction that a process can only trace its own descendants Yama prevents lateral movement by attackers. This means a compromised low-privilege application, like a Web browser or a chat client, cannot easily reach out to steal sensitive data from an SSH agent or a password manager running in the same session.
+You can implement Yama which is selectable at build-time with <literal>CONFIG_SECURITY_YAMA</literal> and can be controlled at run-time through <literal>sysctls</literal> in <filename>/proc/sys/kernel/yama</filename>.
+  </para>
+ </topic>
\ No newline at end of file
diff --git a/concepts/intro-lsm.xml b/concepts/intro-lsm.xml
new file mode 100644
index 000000000..846fadeee
--- /dev/null
+++ b/concepts/intro-lsm.xml
@@ -0,0 +1,99 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE topic
+[
+  <!ENTITY % entities SYSTEM "../common/generic-entities.ent">
+    %entities;
+]>
+<!-- refers to legacy doc: <add github link to legacy doc piece, if applicable> -->
+<!-- point back to this document with a similar comment added to your legacy doc piece -->
+<!-- refer to README.md for file and id naming conventions -->
+<!-- metadata is dealt with on the assembly level -->
+<topic xml:id="intro-lsm"
+ role="concept" xml:lang="en"
+ xmlns="http://docbook.org/ns/docbook" version="5.2"
+ xmlns:its="http://www.w3.org/2005/11/its"
+ xmlns:xi="http://www.w3.org/2001/XInclude"
+ xmlns:xlink="http://www.w3.org/1999/xlink"
+ xmlns:trans="http://docbook.org/ns/transclusion">
+  <info>
+    <title>About the Linux Security Module Framework</title>
+    <meta name="maintainer" content="amrita.sakthivel@suse.com" its:translate="no"/>
+    <abstract>
+      <para>
+The LSM (Linux Security Module) framework is a modular architecture within the Linux kernel that allows for the implementation of various security models, primarily MAC (Mandatory Access Control).
+   </para>
+    </abstract>
+  </info>
+    <para>
+Rather than hard-coding a specific security policy into the kernel, LSM provides a set of hooks at every critical system call,such as opening files, creating sockets, or starting processes that allow security modules like &selnx;, AppArmor, or Yama to verify actions.
+When a process attempts a sensitive operation, the kernel triggers these hooks to ask the loaded security module for permission; if the module's specific policy denies the request, the action is blocked even if the user has root privileges.
+This framework ensures that Linux remains flexible, allowing users to choose or stack different security layers based on their specific needs for system hardening.
+  </para>
+  <section xml:id="how-does-lsm-work">
+    <title>How LSM works? </title>
+    <para>Whenever a process tries to access an object like opening a file, sending a network packet, or creating a directory, the kernel first performs its standard  DAC (Discretionary Access Control). This is the basic root versus user or <literal>read/write/execute</literal> permission check.
+If the DAC allows it, the LSM framework then steps in:</para>
+<itemizedlist>
+<listitem>
+<para>The kernel calls a hook which is a redirection point.</para>
+</listitem>
+<listitem>
+  <para>The Security Module, for example &selnx; checks its own specific policy.</para>
+  </listitem>
+  <listitem>
+    <para>The security module then returns a decision; <literal>Allowed</literal> or <literal>Denied</literal>.</para>
+    </listitem>
+</itemizedlist>
+<para>You can check which security modules are currently initialized on your Linux system:</para>
+<screen>cat /sys/kernel/security/lsm
+lockdown,capability,landlock,yama,selinux,bpf,ima,evm
+</screen>
+<para>sysctl is a powerful interface used to examine and modify kernel parameters at runtime. However, because these settings can fundamentally change how the OS behaves, they are guarded by specific permissions.
+When a setting is writable only with <literal>CAP_SYS_PTRACE</literal>, it means the kernel requires the process attempting the change to possess a specific capability.
+The sysctl settings writable only with <literal>CAP_SYS_PTRACE</literal> are: </para>
+<table>
+<title>sysctl settings explained </title>
+<tgroup cols="3">
+  <thead>
+    <row>
+      <entry>Level</entry>
+      <entry>Name</entry>
+      <entry>Description</entry>
+       </row>
+  </thead>
+  <tbody>
+    <row>
+      <entry>0</entry>
+      <entry>Classic</entry>
+      <entry>Regular Linux ptrace permissions (owner can attach).</entry>
+    </row>
+    <row>
+      <entry>1</entry>
+      <entry>Restricted</entry>
+      <entry>Only a parent process can ptrace its descendants.</entry>
+    </row>
+    <row>
+      <entry>2</entry>
+      <entry>Admin-only</entry>
+      <entry>Only processes with <literal>CAP_SYS_PTRACE</literal> can ptrace (usually root).</entry>
+    </row>
+    <row>
+      <entry>3</entry>
+      <entry>No-attach</entry>
+      <entry>Ptrace is disabled globally. Cannot be changed until reboot. </entry>
+    </row>
+    </tbody>
+</tgroup>
+</table>
+    </section>
+    <section xml:id="imp-lsm">
+      <title>Why is LSM important? </title>
+      <para>Before LSM was introduced, users who want to add a new security feature to Linux had to hack the kernel code directly.
+    LSM solved this by:</para>
+    <itemizedlist>
+ <listitem><para><emphasis role="bold">Standardization:</emphasis> It created a stable interface so security developers did not have to rewrite their code every time the kernel updated.</para></listitem>
+ <listitem><para><emphasis role="bold">Modularity:</emphasis> It allows users to choose the security model that fits their needs, for example, AppArmor for ease of use or &selnx; for high-security environments.</para></listitem>
+ <listitem><para><emphasis role="bold">Stacking:</emphasis> Modern kernels allow you to stack multiple modules, so you can run something like Yama to protect against <literal>ptrace</literal> attacks alongside AppArmor.</para></listitem>
+</itemizedlist>
+     </section>
+ </topic>
\ No newline at end of file
diff --git a/glues/lsm-more-info.xml b/glues/lsm-more-info.xml
new file mode 100644
index 000000000..7f21b2a92
--- /dev/null
+++ b/glues/lsm-more-info.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE topic
+[
+  <!ENTITY % entities SYSTEM "../common/generic-entities.ent">
+    %entities;
+]>
+<topic xml:id="lsm-more-info"
+ role="glue" xml:lang="en"
+ xmlns="http://docbook.org/ns/docbook" version="5.2"
+ xmlns:its="http://www.w3.org/2005/11/its"
+ xmlns:xi="http://www.w3.org/2001/XInclude"
+ xmlns:xlink="http://www.w3.org/1999/xlink"
+ xmlns:trans="http://docbook.org/ns/transclusion">
+  <info>
+    <title>For more information</title>
+    <!--add author's e-mail address-->
+    <meta name="maintainer" content="amrita.sakthivel@suse.com"/>
+  </info>
+  <itemizedlist>
+    <listitem> <para>
+       To learn more about the Linux Security Module usage:
+        <link xlink:href="https://docs.kernel.org/admin-guide/LSM/index.html"/>.
+      </para>
+    </listitem>
+
+  </itemizedlist>
+</topic>
\ No newline at end of file
diff --git a/tasks/enable-yama-lsm.xml b/tasks/enable-yama-lsm.xml
new file mode 100644
index 000000000..c105fbb14
--- /dev/null
+++ b/tasks/enable-yama-lsm.xml
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- This file originates from the project https://github.com/openSUSE/doc-kit -->
+<!-- This file can be edited downstream. -->
+<!DOCTYPE topic
+[
+  <!ENTITY % entities SYSTEM "../common/generic-entities.ent">
+    %entities;
+]>
+<!-- refers to legacy doc: <add github link to legacy doc piece, if applicable> -->
+<!-- point back to this document with a similar comment added to your legacy doc piece -->
+<!-- refer to README.md for file and id naming conventions -->
+<!-- metadata is dealt with on the assembly level -->
+<topic xml:id="enable-yama-lsm"
+ role="task" xml:lang="en"
+ xmlns="http://docbook.org/ns/docbook" version="5.2"
+ xmlns:its="http://www.w3.org/2005/11/its"
+ xmlns:xi="http://www.w3.org/2001/XInclude"
+ xmlns:xlink="http://www.w3.org/1999/xlink"
+ xmlns:trans="http://docbook.org/ns/transclusion">
+  <info>
+    <title>Enabling the Yama Linux Security module</title><!-- can be changed via merge
+in the assembly -->
+    <!-- add author's e-mail -->
+    <meta name="maintainer" content="amrita.sakthivel@suse.com" its:translate="no"/>
+    <abstract><!-- can be changed via merge in the assembly -->
+      <para>
+  Using the Yama LSM is primarily an administrative task that involves interacting with the Linux kernel's sysctl interface. Since Yama is built into most modern kernels , you don't run it like a program; instead, you configure its <literal>ptrace_scope</literal> .
+      </para>
+    </abstract>
+  </info>
+ <procedure>
+  <title>Setting Yama security levels</title>
+  <step><para>Verify that your kernel was compiled with Yama support. check for the existence of the Yama configuration file:
+  </para>
+<screen>ls /proc/sys/kernel/yama/ptrace_scope</screen>
+<para>If this file exists, Yama is active. If you get a <literal>No such file or directory</literal> error, Yama is likely not compiled into your kernel or not enabled as a security module at boot.
+</para>
+</step>
+<step><para>To see which mode your system is currently using, read the value of the <literal>ptrace_scope</literal> file:
+</para>
+<screen>cat /proc/sys/kernel/yama/ptrace_scope</screen>
+<itemizedlist>
+<listitem><para>0: Classic permissions (Least secure).</para></listitem>
+<listitem><para>1: Restricted (Default on most systems; can only trace children).</para></listitem>
+<listitem><para>2: Admin-only (Requires root).</para></listitem>
+<listitem><para>3: Disabled (Highest security; cannot be changed without reboot).</para></listitem>
+</itemizedlist>
+</step>
+<step><para>You can change the security level temporarily to see how it affects your tools, for example, <literal>strace</literal>:</para>
+<screen>&prompt.sudo; sh -c 'echo 2  /proc/sys/kernel/yama/ptrace_scope'</screen>
+<para> If the level is already set to 3, you cannot lower it using this method. Level 3 is a lockdown mode that persists until the next system reboot.
+</para>
+<screen>sleep 100 &amp; </screen>
+<para>Note the PID.</para>
+<para>Open a separate terminal and try to attach to it; <literal>strace -p <replaceable>PID_NO</replaceable></literal>.
+If Yama level 1 is active, you will see: <literal>attach: ptrace: Operation not permitted</literal>.
+  </para>
+</step>
+<step><para> Edit the sysctl configuration to make the Yama level permanent: </para>
+<screen>&prompt.sudo; vi /etc/sysctl.d/10-ptrace.conf</screen>
+<para>If the file does not exist, you can create it or edit <filename>/etc/sysctl.conf</filename>.</para>
+<para>Add the following line and apply the change:</para>
+<screen>kernel.yama.ptrace_scope = 1</screen>
+<screen>&prompt.sudo; sysctl -p /etc/sysctl.d/10-ptrace.conf</screen></step>
+<step><para>Optional: If you want to ensure Yama is at level 3 (disabled) from the moment the system turns on, add <literal>yama.ptrace_scope=3 </literal> to your GRUB kernel boot parameters.</para></step>
+</procedure>
+
+</topic>
\ No newline at end of file
diff --git a/tasks/yama-troubleshooting.xml b/tasks/yama-troubleshooting.xml
new file mode 100644
index 000000000..c1071f698
--- /dev/null
+++ b/tasks/yama-troubleshooting.xml
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- This file originates from the project https://github.com/openSUSE/doc-kit -->
+<!-- This file can be edited downstream. -->
+<?xml-stylesheet href="urn:x-suse:xslt:profiling:docbook51-profile.xsl"
+ type="text/xml"
+ title="Profiling step"?>
+<!DOCTYPE article
+[
+  <!ENTITY % entities SYSTEM "../common/generic-entities.ent">
+    %entities;
+]>
+<topic xml:id="yama-troubleshooting" xml:lang="en"
+ role="task"
+ xmlns="http://docbook.org/ns/docbook" version="5.1"
+ xmlns:its="http://www.w3.org/2005/11/its"
+ xmlns:xi="http://www.w3.org/2001/XInclude"
+ xmlns:xlink="http://www.w3.org/1999/xlink">
+  <info>
+    <meta name="maintainer" content="amrita.sakthivel@suse.com" its:translate="no"/>
+    <title>Troubleshooting Yama</title>
+</info>
+<para>
+  Troubleshooting Yama is essential because an overly restrictive <literal>ptrace_scope</literal> can silently break critical system operations, such as debugging with GDB or generating crash reports, directly impacting a developer's ability to diagnose software failures.
+  </para>
+<para> Common troubleshooting scenarios include:</para>
+  <variablelist>
+    <varlistentry>
+      <term><emphasis>xx</emphasis></term>
+      <listitem> <para>xx</para>
+</listitem>
+ </varlistentry>
+   </variablelist>
+</topic>
\ No newline at end of file