On 6/14/2021 3:45 PM, Murali Selvaraj wrote: > Hi All, > > In general, Apparmor hooks will be called after DAC check/validation. > I would like to understand the theory by writing into a sample script > as follows. > > Created an empty profile for this demo.sh in complain mode to understand what > the operation has been done as part of the script. > > However, I could not see any apparmor logs (complaint mode logs > ALLOWED) for this script profile. > Can you please suggest what changes need to be done in the script in > order to reach Apparmor hooks > to get the Apparmor logs. > > Also, pls advise me on how to find when DAC would be failed/DAC given > details to Apparmor hooks. > Pls share any easy reference code or sample code for understanding. > > #!/bin/bash > while [ 1 ] ; do > echo -n "How Apparmor called after DAC" > cat /proc/self/attr/current > kill -11 1 > iptables --list > ping 8.8.8.8 > sleep 60 > done
What do you expect this script to do? > > Thanks > Murali.S > -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
