[apparmor] When DAC fails/invokes Apparmor Hooks with example
Murali Selvaraj
murali.selvaraj2003 at gmail.com
Mon Jun 14 22:45:43 UTC 2021
Hi All,

In general, AppArmor hooks will be called after the DAC check/validation.
I would like to understand the theory by writing a sample script
as follows.

I created an empty profile for this demo.sh in complain mode to understand what
operations are done as part of the script.
However, I could not see any AppArmor logs (complain mode logs,
ALLOWED) for this script profile.

Can you please suggest what changes need to be made in the script in
order to reach the AppArmor hooks
and get the AppArmor logs?

Also, please advise me on how to find out when DAC would fail/DAC gives
details to the AppArmor hooks.
Please share any easy reference code or sample code for understanding.

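#!/bin/bash
# Loop over operations that exercise different kernel permission checks.
while true; do
    echo -n "How Apparmor called after DAC"
    # Print the confinement label of the cat process itself.
    cat /proc/self/attr/current
    # Send signal 11 (SIGSEGV) to PID 1.
    kill -11 1
    # Listing rules needs CAP_NET_ADMIN.
    iptables --list
    # No -c count: ping runs until interrupted, so sleep is reached only after it exits.
    ping 8.8.8.8
    sleep 60
done
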
Thanks
Murali.S
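
An added illustration of the ordering asked about above; it is not part of the original post and not AppArmor project code. The hypothetical helper `dac_read_verdict` evaluates a file's mode bits the way the kernel's DAC check does for a read, which tells you whether an open would get as far as the LSM file-open hook that AppArmor mediates. It assumes Linux with GNU `stat` and ignores POSIX ACLs.

```sh
#!/bin/sh
# Added example (not from the original post). Assumes Linux + GNU stat; ACLs ignored.
#
# dac_read_verdict FILE prints one of:
#   dac-allowed         mode bits grant read, so open() continues to the LSM
#                       file-open hook, where AppArmor can allow, deny or log
#   dac-needs-override  mode bits refuse, but euid 0 may still pass using
#                       CAP_DAC_OVERRIDE; that capability request goes through
#                       the LSM capability hook
#   dac-denied          refused by DAC with EACCES before the file-open hook,
#                       so the open produces no AppArmor file record
dac_read_verdict() {
    st=$(stat -c '%a %u %g' "$1") || return 2
    set -- $st                      # $1=octal mode, $2=owner uid, $3=owner gid
    mode=$((0$1)); owner=$2; group=$3
    euid=$(id -u)

    # Exactly one permission class applies: owner, else group, else other.
    if [ "$euid" -eq "$owner" ]; then
        bit=$((0400))
    elif id -G | tr ' ' '\n' | grep -qx "$group"; then
        bit=$((040))
    else
        bit=$((04))
    fi

    if [ $((mode & bit)) -ne 0 ]; then
        echo dac-allowed
    elif [ "$euid" -eq 0 ]; then
        echo dac-needs-override
    else
        echo dac-denied
    fi
}

# Constructed sample files: one readable, one with every mode bit cleared.
tmp=$(mktemp -d)
: > "$tmp/readable"; chmod 644 "$tmp/readable"
: > "$tmp/locked";   chmod 000 "$tmp/locked"
for f in "$tmp/readable" "$tmp/locked"; do
    printf '%s: %s\n' "${f##*/}" "$(dac_read_verdict "$f")"
done
rm -rf "$tmp"
```

Only accesses reported as `dac-allowed` (or a capability request under `dac-needs-override`) can show up as `apparmor="ALLOWED"` records for a complain-mode profile.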