Linux command
apparmor_parser 命令
安全
权限或系统影响较大,执行前请核对目标。
常用示例
Load
sudo apparmor_parser -a [profile_file]
Replace
sudo apparmor_parser -r [profile_file]
Remove
sudo apparmor_parser -R [profile_name]
Example
sudo apparmor_parser -C -r [path/to/profile]
Preprocess
apparmor_parser -p -o [path/to/output.cache] -Q [path/to/profile]
Example
sudo apparmor_parser -r -T [path/to/profile]
说明
apparmor_parser is used to load, compile, and manage AppArmor security profiles. It parses profiles from text format and loads them into the kernel. The parser also handles profile caching for faster subsequent loads.
参数
- -a, --add
- Add/load a profile into the kernel
- -r, --replace
- Replace an existing profile in the kernel
- -R, --remove
- Remove a profile from the kernel
- -C, --complain
- Load profile in complain mode (logs but doesn't block)
- -p, --preprocess
- Preprocess the profile (resolve includes)
- -o, --ofile file
- Write binary output to file
- -S, --stdout
- Print binary profile to stdout
- -Q, --skip-kernel-load
- Don't load profile into kernel
- -T, --skip-read-cache
- Skip reading from cache
- -W, --write-cache
- Write profile to cache
- -L, --cache-loc dir
- Specify cache directory location
- -v, --verbose
- Verbose output
- -d, --debug
- Enable debug output
FAQ
What is the apparmor_parser command used for?
apparmor_parser is used to load, compile, and manage AppArmor security profiles. It parses profiles from text format and loads them into the kernel. The parser also handles profile caching for faster subsequent loads.
How do I run a basic apparmor_parser example?
Run `sudo apparmor_parser -a [profile_file]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does -a, --add do in apparmor_parser?
Add/load a profile into the kernel