forked from cheat/cheatsheets
-
Notifications
You must be signed in to change notification settings - Fork 0
/
apparmor
18 lines (14 loc) · 614 Bytes
/
apparmor
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
# apparmor will protect a system by confining programs to a limited set of resources.
# To activate a profile:
sudo aa-enforce usr.bin.firefox
# or
export _PROFILE_='usr.bin.firefox' sudo $(rm /etc/apparmor.d/disable/$_PROFILE_ ; cat /etc/apparmor.d/$_PROFILE_ | apparmor_parser -a )
# To disable a profile:
sudo aa-disable usr.bin.firefox
# or
export _PROFILE_='usr.bin.firefox' sudo $(ln -s /etc/apparmor.d/$_PROFILE_ /etc/apparmor.d/disable/ && apparmor_parser -R /etc/apparmor.d/$_PROFILE_)
# To list profiles loaded:
sudo aa-status
# or
sudo apparmor_status
# List of available profiles: /etc/apparmor.d/