User Tools
модуль_apparmor
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
модуль_apparmor [2022/07/13 11:59] val [Включение/Выключение] |
модуль_apparmor [2024/09/07 15:38] (current) val [Определение наличия и правка профилей для служб] |
||
|---|---|---|---|
| Line 5: | Line 5: | ||
| * [[http://www.ibm.com/developerworks/ru/library/l-apparmor-1/index.html|Безопасный Linux : Часть первая. AppArmor – песочница для приложений]] | * [[http://www.ibm.com/developerworks/ru/library/l-apparmor-1/index.html|Безопасный Linux : Часть первая. AppArmor – песочница для приложений]] | ||
| - | ===== Установка ===== | ||
| - | |||
| - | ==== Включение/Выключение ==== | ||
| - | |||
| - | * В Debian 10 включен по умолчанию | ||
| * [[https://wiki.debian.org/AppArmor/HowToUse|debian AppArmor HowToUse]] | * [[https://wiki.debian.org/AppArmor/HowToUse|debian AppArmor HowToUse]] | ||
| * [[https://help.ubuntu.com/community/AppArmor|ubuntu AppArmor]] | * [[https://help.ubuntu.com/community/AppArmor|ubuntu AppArmor]] | ||
| + | ===== Включение/Выключение ===== | ||
| + | |||
| + | * В Debian/Ubuntu включен по умолчанию | ||
| + | |||
| + | <code> | ||
| + | # ###apt install apparmor | ||
| + | |||
| + | # aa-status | ||
| + | </code> | ||
| + | |||
| + | === Включение === | ||
| <code> | <code> | ||
| # mkdir /etc/default/grub.d | # mkdir /etc/default/grub.d | ||
| Line 19: | Line 25: | ||
| </code><code> | </code><code> | ||
| GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT apparmor=1 security=apparmor" | GRUB_CMDLINE_LINUX_DEFAULT="$GRUB_CMDLINE_LINUX_DEFAULT apparmor=1 security=apparmor" | ||
| + | </code> | ||
| + | |||
| + | === Выключение === | ||
| + | <code> | ||
| + | # cat /etc/default/grub | ||
| + | </code><code> | ||
| + | ... | ||
| + | GRUB_CMDLINE_LINUX="... apparmor=0" | ||
| + | ... | ||
| </code><code> | </code><code> | ||
| # update-grub | # update-grub | ||
| Line 24: | Line 39: | ||
| # init 6 | # init 6 | ||
| </code> | </code> | ||
| - | ==== Debian/Ubuntu ==== | ||
| - | <code> | ||
| - | # apt install apparmor | ||
| - | # aa-status | ||
| - | </code> | ||
| ===== Определение наличия и правка профилей для служб ===== | ===== Определение наличия и правка профилей для служб ===== | ||
| + | |||
| + | * [[Сервис Clamav]] | ||
| + | |||
| <code> | <code> | ||
| - | # ps axZ # apt install clamav-daemon | + | # ps axZ #| grep [c]lam |
| # find /etc/apparmor.d/ | # find /etc/apparmor.d/ | ||
| Line 49: | Line 62: | ||
| # cat /etc/apparmor.d/local/usr.sbin.dhcpd | # cat /etc/apparmor.d/local/usr.sbin.dhcpd | ||
| </code><code> | </code><code> | ||
| - | /**/dhcp/ r, | + | /**/dhcpd.conf r, |
| - | /**/dhcp/** r, | + | </code> |
| + | или | ||
| + | <code> | ||
| + | # rm /etc/apparmor.d/usr.sbin.dhcpd | ||
| </code><code> | </code><code> | ||
| # init 6 | # init 6 | ||
модуль_apparmor.1657702788.txt.gz · Last modified: 2022/07/13 11:59 by val
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
