apparmor cheat sheet
| #AppArmor cheat sheet: check status, switch a profile between complain and enforce mode, | |
| #and compare the confinement label of Docker containers started with different --security-opt values | |
| #install the AppArmor helper tools (provides aa-complain and aa-enforce used below) | |
| sudo apt-get install apparmor-utils | |
| #view the current status of apparmor: which profiles are loaded and in which mode | |
| sudo apparmor_status | |
| #aa-status is the same status tool under its other name | |
| sudo aa-status | |
| #AppArmor profiles are stored in this directory | |
| /etc/apparmor.d/ | |
| #clear the profiles cache | |
| #NOTE(review): no sudo on the two init-script lines, unlike the other commands; presumably run from a root shell | |
| /etc/init.d/apparmor stop | |
| #unload the loaded profiles; processes they covered are no longer confined until the profiles are loaded again | |
| /etc/init.d/apparmor teardown | |
| #enable complain mode for dhclient: policy violations are logged but not blocked | |
| sudo aa-complain /sbin/dhclient | |
| #switch the dhclient profile back to enforce mode so violations are blocked again | |
| sudo aa-enforce /sbin/dhclient | |
| #confirm which mode the dhclient profile is in after the change | |
| sudo aa-status | |
| #start a background container with AppArmor confinement turned off (apparmor=unconfined), as the baseline for comparison | |
| #NOTE(review): debian:jessie is an end-of-life release; a current image demonstrates the same thing | |
| sudo docker run --rm -i --security-opt apparmor=unconfined debian:jessie bash -i & | |
| #on the host, find the bash process that belongs to the container | |
| $ ps -ef | grep bash | |
| root 25643 25628 0 11:11 ? 00:00:00 bash -i | |
| #the ps output above shows the container's bash process (pid 25643) | |
| #read the AppArmor label the kernel reports for that pid | |
| $ cat /proc/25643/attr/current | |
| unconfined | |
| #repeat the check with the docker-default profile applied to the container | |
| sudo docker run --rm -i --security-opt apparmor=docker-default debian:jessie bash -i & | |
| $ ps -ef | grep bash | |
| #the container's bash process (pid 5138 in this run; the ps output is not reproduced here) | |
| #NOTE(review): the output of the next command is omitted; it is expected to name the docker-default profile instead of "unconfined" - confirm | |
| $ cat /proc/5138/attr/current | |
| #run a one-off container with the docker-default AppArmor profile named explicitly | |
| docker run --rm -it --security-opt apparmor=docker-default hello-world | |
| #Run without the default seccomp profile: seccomp=unconfined removes syscall filtering for this container | |
| #NOTE(review): presumably needed because the default profile denies the user-namespace unshare below - confirm; | |
| #keep seccomp=unconfined to test and troubleshooting runs, a custom profile is the narrower option | |
| docker run --rm -it --security-opt seccomp=unconfined debian:jessie \ | |
| unshare --map-root-user --user sh -c whoami |