Сравнение постов
Различия между постами
#156239 (12.12.2020 14:55)
и
#176139 (25.04.2021 07:22).
1 | miko@ubu:~$ sudo aa-genprof free | |
2 | ||
3 | Before you begin, you may wish to check if a profile already exists for the application you wish to confine. See the following wiki page for more information: | |
4 | https://gitlab.com/apparmor/apparmor/wikis/Profiles | |
5 | ||
6 | Profiling: /usr/bin/free | |
7 | ||
8 | Please start the application to be profiled in another window and exercise its functionality now. | |
9 | ||
10 | Once completed, select the "Scan" option below in order to scan the system logs for AppArmor events. | |
11 | ||
12 | For each AppArmor event, you will be given the opportunity to choose whether the access should be | |
13 | allowed or denied. | |
14 | ||
15 | [(S)can system log for AppArmor events] / (F)inish | |
16 | Reading log entries from /var/log/syslog. | |
17 | Updating AppArmor profiles in /etc/apparmor.d. | |
18 | Complain-mode changes: | |
19 | ||
20 | Profile: /usr/bin/free | |
21 | Path: /proc/sys/kernel/osrelease | |
22 | New Mode: r | |
23 | Severity: 6 | |
24 | ||
25 | [1 - /proc/sys/kernel/osrelease r,] | |
26 | (A)llow / [(D)eny] / (I)gnore / (G)lob / Glob with (E)xtension / (N)ew / Audi(t) / Abo(r)t / (F)inish | |
27 | Adding /proc/sys/kernel/osrelease r, to profile. | |
28 | ||
29 | = Changed Local Profiles = | |
30 | ||
31 | The following local profiles were changed. Would you like to save them? | |
32 | ||
33 | [1 - /usr/bin/free] | |
34 | (S)ave Changes / Save Selec(t)ed Profile / [(V)iew Changes] / View Changes b/w (C)lean profiles / Abo(r)t | |
35 | ||
36 | = Changed Local Profiles = | |
37 | ||
38 | The following local profiles were changed. Would you like to save them? | |
39 | ||
40 | [1 - /usr/bin/free] | |
41 | (S)ave Changes / Save Selec(t)ed Profile / [(V)iew Changes] / View Changes b/w (C)lean profiles / Abo(r)t | |
42 | Writing updated profile for /usr/bin/free. | |
43 | ||
44 | Profiling: /usr/bin/free | |
45 | ||
46 | Please start the application to be profiled in another window and exercise its functionality now. | |
47 | Once completed, select the "Scan" option below in order to scan the system logs for AppArmor events. | |
48 | ||
49 | For each AppArmor event, you will be given the opportunity to choose whether the access should be | |
50 | allowed or denied. | |
51 | ||
52 | [(S)can system log for AppArmor events] / (F)inish | |
53 | ||
54 | Reloaded AppArmor profiles in enforce mode. | |
55 | ||
56 | Please consider contributing your new profile! | |
57 | See the following wiki page for more information: | |
58 | https://gitlab.com/apparmor/apparmor/wikis/Profiles | |
59 |