AA-STATUS(8) AppArmor AA-STATUS(8)NAME
aa-status - display various information about the current AppArmor policy.
SYNOPSIS
aa-status [option]
DESCRIPTION
aa-status will report various aspects of the current state of AppArmor confinement. By default, it displays the same information as if the
--verbose argument were given. A sample of what this looks like is:
apparmor module is loaded.
110 profiles are loaded.
102 profiles are in enforce mode.
8 profiles are in complain mode.
Out of 129 processes running:
13 processes have profiles defined.
8 processes have profiles in enforce mode.
5 processes have profiles in complain mode.
Other argument options are provided to report individual aspects, to support being used in scripts.
OPTIONS
aa-status accepts only one argument at a time out of:
--enabled
returns error code if AppArmor is not enabled.
--profiled
displays the number of loaded AppArmor policies.
--enforced
displays the number of loaded enforcing AppArmor policies.
--complaining
displays the number of loaded non-enforcing AppArmor policies.
--verbose
displays multiple data points about loaded AppArmor policy set (the default action if no arguments are given).
--help
displays a short usage statement.
BUGS
aa-status must be run as root to read the state of the loaded policy from the apparmor module. It uses the /proc filesystem to determine
which processes are confined and so is susceptible to race conditions.
Upon exiting, aa-status will set its return value to the following values:
0 if apparmor is enabled and policy is loaded.
1 if apparmor is not enabled/loaded.
2 if apparmor is enabled but no policy is loaded.
3 if the apparmor control files aren't available under /sys/kernel/security/.
4 if the user running the script doesn't have enough privileges to read the apparmor control files.
If you find any additional bugs, please report them at <http://https://bugs.launchpad.net/apparmor/+filebug>.
SEE ALSO apparmor(7), apparmor.d(5), and <http://wiki.apparmor.net>.
AppArmor 2.7.0~beta1 2010-12-20 AA-STATUS(8)
Check Out this Related Man Page
AA-UNCONFINED(8) AppArmor AA-UNCONFINED(8)NAME
aa-unconfined - output a list of processes with tcp or udp ports that do not have AppArmor profiles loaded
SYNOPSIS
aa-unconfined
DESCRIPTION
aa-unconfined will use netstat(8) to determine which processes have open network sockets and do not have AppArmor profiles loaded into the
kernel.
BUGS
aa-unconfined must be run as root to retrieve the process executable link from the /proc filesystem. This program is susceptible to race
conditions of several flavours: an unlinked executable will be mishandled; an executable started before a AppArmor profile is loaded will
not appear in the output, despite running without confinement; a process that dies between the netstat(8) and further checks will be
mishandled. This program only lists processes using TCP and UDP. In short, this program is unsuitable for forensics use and is provided
only as an aid to profiling all network-accessible processes in the lab.
If you find any bugs, please report them at <http://https://bugs.launchpad.net/apparmor/+filebug>.
SEE ALSO netstat(8), apparmor(7), apparmor.d(5), aa_change_hat(2), and <http://wiki.apparmor.net>.
AppArmor 2.7.103 2012-06-28 AA-UNCONFINED(8)
i am writing a utility that displays information about all the running processes in the /proc directory.
I do not know how to get the following information for each of the processes in the /proc directory:
-effective user id
-effective user name
-effective group id
-effective group name... (3 Replies)
Hi,
I would like to copy a file from one location to another. But that particular file is not fully loaded. I like to copy a file once it's fully loaded or complete file. How to ensure whether file is fully loaded or complete file?.
-Thambi (5 Replies)
I need to write a script which checks for files loaded into a folder (files are loaded by ftp from other server) and process the file only if the file is loaded completely.
if the file is not complete in the current run, it must be processed in the next run.
Any suggestions would be welcome... (2 Replies)
I have a script that displays whether a user is online or not and if they are it displays how long and if not it displays the last time they were logged on.
Now I am trying to make it so if a user is not recognized it simply says the user has never been online.
this is what I have so far
... (1 Reply)
Hello everyone, I may sound stupid for asking this but I have files that need to be loaded onto every system at work. When loaded the files are for example....
5peasw.sim
the end result needs to be
5PEASW.sim
this is for over 50 files in the directory they go to.
I am trying to... (5 Replies)