2010-12-20 13:47:09 -06:00
|
|
|
# This publication is intellectual property of Novell Inc. and Canonical
|
|
|
|
|
# Ltd. Its contents can be duplicated, either in part or in whole, provided
|
|
|
|
|
# that a copyright label is visibly located on each copy.
|
|
|
|
|
#
|
2006-04-11 21:52:54 +00:00
|
|
|
# All information found in this book has been compiled with utmost
|
|
|
|
|
# attention to detail. However, this does not guarantee complete accuracy.
|
2010-12-20 13:47:09 -06:00
|
|
|
# Neither SUSE LINUX GmbH, Canonical Ltd, the authors, nor the translators
|
|
|
|
|
# shall be held liable for possible errors or the consequences thereof.
|
|
|
|
|
#
|
2006-04-11 21:52:54 +00:00
|
|
|
# Many of the software and hardware descriptions cited in this book
|
|
|
|
|
# are registered trademarks. All trade names are subject to copyright
|
|
|
|
|
# restrictions and may be registered trade marks. SUSE LINUX GmbH
|
2010-12-20 13:47:09 -06:00
|
|
|
# and Canonical Ltd. essentially adhere to the manufacturer's spelling.
|
|
|
|
|
#
|
2006-04-11 21:52:54 +00:00
|
|
|
# Names of products and trademarks appearing in this book (with or without
|
|
|
|
|
# specific notation) are likewise subject to trademark and trade protection
|
|
|
|
|
# laws and may thus fall under copyright restrictions.
|
2010-12-20 13:47:09 -06:00
|
|
|
#
|
2006-04-11 21:52:54 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
=pod
|
|
|
|
|
|
|
|
|
|
=head1 NAME
|
|
|
|
|
|
2008-06-11 20:19:36 +00:00
|
|
|
aa-unconfined - output a list of processes with tcp or udp ports that do
|
2006-04-11 21:52:54 +00:00
|
|
|
not have AppArmor profiles loaded
|
|
|
|
|
|
|
|
|
|
=head1 SYNOPSIS
|
|
|
|
|
|
2008-06-11 20:19:36 +00:00
|
|
|
B<aa-unconfined>
|
2006-04-11 21:52:54 +00:00
|
|
|
|
|
|
|
|
=head1 DESCRIPTION
|
|
|
|
|
|
2008-06-11 20:19:36 +00:00
|
|
|
B<aa-unconfined> will use netstat(8) to determine which processes have open
|
2006-04-11 21:52:54 +00:00
|
|
|
network sockets and do not have AppArmor profiles loaded into the kernel.
|
|
|
|
|
|
|
|
|
|
=head1 BUGS
|
|
|
|
|
|
2008-06-11 20:19:36 +00:00
|
|
|
B<aa-unconfined> must be run as root to retrieve the process executable
|
2006-04-11 21:52:54 +00:00
|
|
|
link from the F</proc> filesystem. This program is susceptible to race
|
|
|
|
|
conditions of several flavours: an unlinked executable will be mishandled;
|
|
|
|
|
an executable started before a AppArmor profile is loaded will not
|
|
|
|
|
appear in the output, despite running without confinement; a process that dies
|
|
|
|
|
between the netstat(8) and further checks will be mishandled. This
|
|
|
|
|
program only lists processes using TCP and UDP. In short, this
|
|
|
|
|
program is unsuitable for forensics use and is provided only as an aid
|
|
|
|
|
to profiling all network-accessible processes in the lab.
|
|
|
|
|
|
2010-12-20 13:47:09 -06:00
|
|
|
If you find any bugs, please report them at
|
2013-09-19 21:21:43 +02:00
|
|
|
L<https://bugs.launchpad.net/apparmor/+filebug>.
|
2006-04-11 21:52:54 +00:00
|
|
|
|
|
|
|
|
=head1 SEE ALSO
|
|
|
|
|
|
2010-12-20 13:47:09 -06:00
|
|
|
netstat(8), apparmor(7), apparmor.d(5), aa_change_hat(2), and
|
|
|
|
|
L<http://wiki.apparmor.net>.
|
2006-04-11 21:52:54 +00:00
|
|
|
|
|
|
|
|
=cut
|
