diff options
| author | Silvino Silva <silvino@bk.ru> | 2018-04-04 19:50:15 +0100 |
|---|---|---|
| committer | Silvino Silva <silvino@bk.ru> | 2018-04-04 19:50:15 +0100 |
| commit | 149a6db9c80f48a037425393e50e510a10bc8570 (patch) | |
| tree | fdd9c745940f2e443d95023690938daec68f9712 | |
| parent | b9154956f47175df5952695724f210e276e98676 (diff) | |
| download | doc-149a6db9c80f48a037425393e50e510a10bc8570.tar.gz | |
core apparmor parser
| -rw-r--r-- | core/apparmor.html | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/core/apparmor.html b/core/apparmor.html index cc5c3f4..e44acef 100644 --- a/core/apparmor.html +++ b/core/apparmor.html @@ -32,6 +32,69 @@ none /sys/kernel/security securityfs defaults 0 0 </pre> + <p>Check status;</p> + + <pre> + # apparmor_status + </pre> + + <p>Utilities;</p> + + <pre> + aa-audit aa-disable aa-genprof aa-status + aa-autodep aa-easyprof aa-logprof aa-unconfined + aa-cleanprof aa-enabled aa-mergeprof + aa-complain aa-enforce aa-notify + aa-decode aa-exec aa-remove-unknown + </pre> + + <p>apparmor_parser options;</p> + + <pre> + Usage: apparmor_parser [options] [profile] + + Options: + -------- + -a, --add Add apparmor definitions [default] + -r, --replace Replace apparmor definitions + -R, --remove Remove apparmor definitions + -C, --Complain Force the profile into complain mode + -B, --binary Input is precompiled profile + -N, --names Dump names of profiles in input. + -S, --stdout Dump compiled profile to stdout + -o n, --ofile n Write output to file n + -b n, --base n Set base dir and cwd + -I n, --Include n Add n to the search path + -f n, --subdomainfs n Set location of apparmor filesystem + -m n, --match-string n Use only features n + -M n, --features-file n Use only features in file n + -n n, --namespace n Set Namespace for the profile + -X, --readimpliesX Map profile read permissions to mr + -k, --show-cache Report cache hit/miss details + -K, --skip-cache Do not attempt to load or save cached profiles + -T, --skip-read-cache Do not attempt to load cached profiles + -W, --write-cache Save cached profile (force with -T) + --skip-bad-cache Don't clear cache if out of sync + --purge-cache Clear cache regardless of its state + --debug-cache Debug cache file checks + -L, --cache-loc n Set the location of the profile cache + -q, --quiet Don't emit warnings + -v, --verbose Show profile names as they load + -Q, --skip-kernel-load Do everything except loading into kernel + -V, --version Display version info and exit + -d [n], --debug Debug apparmor definitions OR [n] + -p, --preprocess Dump preprocessed profile + -D [n], --dump Dump internal info for debugging + -O [n], --Optimize Control dfa optimizations + -h [cmd], --help[=cmd] Display this text or info about cmd + -j n, --jobs n Set the number of compile threads + --max-jobs n Hard cap on --jobs. Default 8*cpus + --abort-on-error Abort processing of profiles on first error + --skip-bad-cache-rebuild Do not try rebuilding the cache if it is rejected by the kernel + --warn n Enable warnings (see --help=warn) + </pre> + # + <a href="index.html">Core OS Index</a> <p>This is part of the c9 Manual. Copyright (C) 2018 |