AppArmor is a Linux Kernel security module that implements mandatory access control (MAC) security with per-application profiles in Debian based systems. It's possible to confirm if AppArmor is enabled in your Debian or Ubuntu system and to also find out the mode it's running in.
AppArmor Status with aa-status Command
aa-status command will list the currently loaded AppArmor modules.
For instance, here's how it looks on a system where AppArmor is inactive (Debian 9 in my case):
root@debian9:~# aa-status apparmor module is loaded. apparmor filesystem is not mounted.
And here is how AppArmor status is reported on Debian 10 system where it's activated by default:
root@debian10:~# aa-status apparmor module is loaded. 20 profiles are loaded. 18 profiles are in enforce mode. /usr/bin/evince /usr/bin/evince-previewer /usr/bin/evince-previewer//sanitized_helper /usr/bin/evince-thumbnailer /usr/bin/evince//sanitized_helper /usr/bin/man /usr/lib/telepathy/mission-control-5 /usr/lib/telepathy/telepathy-* /usr/lib/telepathy/telepathy-*//pxgsettings /usr/lib/telepathy/telepathy-*//sanitized_helper /usr/lib/telepathy/telepathy-ofono libreoffice-senddoc libreoffice-soffice//gpg libreoffice-xpdfimport man_filter man_groff nvidia_modprobe nvidia_modprobe//kmod 2 profiles are in complain mode. libreoffice-oopslash libreoffice-soffice 0 processes have profiles defined. 0 processes are in enforce mode. 0 processes are in complain mode. 0 processes are unconfined but have a profile defined.
Leave a Reply