diff options
Diffstat (limited to 'todo')
-rw-r--r-- | todo | 6 |
1 files changed, 5 insertions, 1 deletions
@@ -250,10 +250,14 @@ References | |||
250 | 250 | ||
251 | 23. AppArmor | 251 | 23. AppArmor |
252 | 252 | ||
253 | $ sudo apt-get install apparmor apparmor-profiles apparmor-utils apparmor-notify | ||
254 | |||
253 | $ sudo perl -pi -e 's,GRUB_CMDLINE_LINUX="(.*)"$,GRUB_CMDLINE_LINUX="$1 apparmor=1 security=apparmor",' /etc/default/grub | 255 | $ sudo perl -pi -e 's,GRUB_CMDLINE_LINUX="(.*)"$,GRUB_CMDLINE_LINUX="$1 apparmor=1 security=apparmor",' /etc/default/grub |
254 | $ sudo update-grub | 256 | $ sudo update-grub |
255 | $ sudo reboot | 257 | $ sudo reboot |
256 | 258 | ||
257 | $ ps auxZ | grep -v '^unconfined' | 259 | If you are using auditd, start aa-notify to get notification whenever a program causes a DENIED message. |
260 | $ sudo aa-notify -p -f /var/log/audit/audit.log | ||
261 | |||
258 | 262 | ||
259 | 263 | ||