API tools faq
paste
Guest User

Untitled

a guest
Jun 21st, 2018
49
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.98 KB | None | 0 0
raw download clone embed print report
  1. sudo apt-get install apparmor-utils
  2.  
  3. #view the current status of apparmor
  4. sudo apparmor_status
  5. sudo aa-status
  6.  
  7. #AppArmor profiles
  8. /etc/apparmor.d/
  9. #clear the profiles cache
  10. /etc/init.d/apparmor stop
  11. #unload the profile
  12. /etc/init.d/apparmor teardown
  13.  
  14. #enable complain mode for dhclient
  15. sudo aa-complain /sbin/dhclient
  16. sudo aa-enforce /sbin/dhclient
  17. sudo aa-status
  18.  
  19.  
  20. sudo docker run --rm -i --security-opt apparmor=unconfined debian:jessie bash -i &
  21. $ ps -ef | grep bash
  22. root 25643 25628 0 11:11 ? 00:00:00 bash -i
  23. #indicates the process (pid 25643)
  24. $ cat /proc/25643/attr/current
  25. unconfined
  26.  
  27. sudo docker run --rm -i --security-opt apparmor=docker-default debian:jessie bash -i &
  28. $ ps -ef | grep bash
  29. #indicates the process (pid 5138)
  30. $ cat /proc/5138/attr/current
  31.  
  32. docker run --rm -it --security-opt apparmor=docker-default hello-world
  33. #Run without the default seccomp profile
  34. docker run --rm -it --security-opt seccomp=unconfined debian:jessie \
  35. unshare --map-root-user --user sh -c whoami
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!