Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- sudo apt-get install apparmor-utils
- #view the current status of apparmor
- sudo apparmor_status
- sudo aa-status
- #AppArmor profiles
- /etc/apparmor.d/
- #clear the profiles cache
- /etc/init.d/apparmor stop
- #unload the profile
- /etc/init.d/apparmor teardown
- #enable complain mode for dhclient
- sudo aa-complain /sbin/dhclient
- sudo aa-enforce /sbin/dhclient
- sudo aa-status
- sudo docker run --rm -i --security-opt apparmor=unconfined debian:jessie bash -i &
- $ ps -ef | grep bash
- root 25643 25628 0 11:11 ? 00:00:00 bash -i
- #indicates the process (pid 25643)
- $ cat /proc/25643/attr/current
- unconfined
- sudo docker run --rm -i --security-opt apparmor=docker-default debian:jessie bash -i &
- $ ps -ef | grep bash
- #indicates the process (pid 5138)
- $ cat /proc/5138/attr/current
- docker run --rm -it --security-opt apparmor=docker-default hello-world
- #Run without the default seccomp profile
- docker run --rm -it --security-opt seccomp=unconfined debian:jessie \
- unshare --map-root-user --user sh -c whoami
Add Comment
Please, Sign In to add comment