Mastering Linux Administration by Alexandru Calcatinge Julian Balog

Author:Alexandru Calcatinge, Julian Balog
Language: eng
Format: epub
Publisher: Packt Publishing Limited
Published: 2021-05-20T00:00:00+00:00

Figure 9.38 – Remnants of the iterative process

They will all be named according to the path of or our application (/home/packt/appackt). We can clean up these entries with the following command:

sudo aa-remove-unknown

We can now verify that our app is indeed guarded with AppArmor:

sudo aa-status

The relevant excerpt from the output is as follows:

Figure 9.39 – appackt in complain mode

Our application (/home/packt/appackt) is shown, as expected, in complain mode. The other two are system application-related and are not relevant for us.

Next, we need to validate that our app complies with the security policies enforced by AppArmor. Let's edit the appackt script and change the LOG_FILE path in line 6 to the following:

LOG_FILE="./logs/appackt"

We have changed the output directory from log to logs. Let's create the logs directory and run our app:

mkdir logs

./appackt

The preceding output suggests that appackt is attempting to access a path outside the permitted boundaries by AppArmor, thus validating our profile:

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.