Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

aa-status(8) [linux man page]

AA-STATUS(8)							     AppArmor							      AA-STATUS(8)

NAME
aa-status - display various information about the current AppArmor policy. SYNOPSIS
aa-status [option] DESCRIPTION
aa-status will report various aspects of the current state of AppArmor confinement. By default, it displays the same information as if the --verbose argument were given. A sample of what this looks like is: apparmor module is loaded. 110 profiles are loaded. 102 profiles are in enforce mode. 8 profiles are in complain mode. Out of 129 processes running: 13 processes have profiles defined. 8 processes have profiles in enforce mode. 5 processes have profiles in complain mode. Other argument options are provided to report individual aspects, to support being used in scripts. OPTIONS
aa-status accepts only one argument at a time out of: --enabled returns error code if AppArmor is not enabled. --profiled displays the number of loaded AppArmor policies. --enforced displays the number of loaded enforcing AppArmor policies. --complaining displays the number of loaded non-enforcing AppArmor policies. --verbose displays multiple data points about loaded AppArmor policy set (the default action if no arguments are given). --help displays a short usage statement. BUGS
aa-status must be run as root to read the state of the loaded policy from the apparmor module. It uses the /proc filesystem to determine which processes are confined and so is susceptible to race conditions. Upon exiting, aa-status will set its return value to the following values: 0 if apparmor is enabled and policy is loaded. 1 if apparmor is not enabled/loaded. 2 if apparmor is enabled but no policy is loaded. 3 if the apparmor control files aren't available under /sys/kernel/security/. 4 if the user running the script doesn't have enough privileges to read the apparmor control files. If you find any additional bugs, please report them at <http://https://bugs.launchpad.net/apparmor/+filebug>. SEE ALSO
apparmor(7), apparmor.d(5), and <http://wiki.apparmor.net>. AppArmor 2.7.0~beta1 2010-12-20 AA-STATUS(8)

Check Out this Related Man Page

AA-UNCONFINED(8)                                                     AppArmor                                                     AA-UNCONFINED(8)

NAME
aa-unconfined - output a list of processes with tcp or udp ports that do not have AppArmor profiles loaded SYNOPSIS
aa-unconfined DESCRIPTION
aa-unconfined will use netstat(8) to determine which processes have open network sockets and do not have AppArmor profiles loaded into the kernel. BUGS
aa-unconfined must be run as root to retrieve the process executable link from the /proc filesystem. This program is susceptible to race conditions of several flavours: an unlinked executable will be mishandled; an executable started before a AppArmor profile is loaded will not appear in the output, despite running without confinement; a process that dies between the netstat(8) and further checks will be mishandled. This program only lists processes using TCP and UDP. In short, this program is unsuitable for forensics use and is provided only as an aid to profiling all network-accessible processes in the lab. If you find any bugs, please report them at <http://https://bugs.launchpad.net/apparmor/+filebug>. SEE ALSO
netstat(8), apparmor(7), apparmor.d(5), aa_change_hat(2), and <http://wiki.apparmor.net>. AppArmor 2.7.103 2012-06-28 AA-UNCONFINED(8)
Man Page

7 More Discussions You Might Find Interesting

1. Programming

getting certain info for all processes currently running

i am writing a utility that displays information about all the running processes in the /proc directory. I do not know how to get the following information for each of the processes in the /proc directory: -effective user id -effective user name -effective group id -effective group name... (3 Replies)
Discussion started by: Yifan_Guo
3 Replies

2. IP Networking

how we can find whether net is enabled or not

how we can find whether net is enabled or not with out using ping is there anyway please guide me thanku ,in advance sree (1 Reply)
Discussion started by: phani_sree
1 Replies

3. UNIX for Dummies Questions & Answers

How to check the status of the processes running for the current user?

Hi All, I am new to unix. Can anyone tell me "How to check the status of the processes running for the current user?" Regards, Ravindaran S (1 Reply)
Discussion started by: ravind27
1 Replies

4. Shell Programming and Scripting

Ensure the file completion ?

Hi, I would like to copy a file from one location to another. But that particular file is not fully loaded. I like to copy a file once it's fully loaded or complete file. How to ensure whether file is fully loaded or complete file?. -Thambi (5 Replies)
Discussion started by: thambi
5 Replies

5. Shell Programming and Scripting

Check if file is loaded completely and then process the file

I need to write a script which checks for files loaded into a folder (files are loaded by ftp from other server) and process the file only if the file is loaded completely. if the file is not complete in the current run, it must be processed in the next run. Any suggestions would be welcome... (2 Replies)
Discussion started by: kalyan381
2 Replies

6. Shell Programming and Scripting

if else help in a script

I have a script that displays whether a user is online or not and if they are it displays how long and if not it displays the last time they were logged on. Now I am trying to make it so if a user is not recognized it simply says the user has never been online. this is what I have so far ... (1 Reply)
Discussion started by: subway69
1 Replies

7. UNIX for Dummies Questions & Answers

HELP, Need to capitalize all files in dir without capitalizing extensions

Hello everyone, I may sound stupid for asking this but I have files that need to be loaded onto every system at work. When loaded the files are for example.... 5peasw.sim the end result needs to be 5PEASW.sim this is for over 50 files in the directory they go to. I am trying to... (5 Replies)
Discussion started by: E404UserNotFoun
5 Replies