=== ebarretto_ is now known as ebarretto
=== ebarretto_ is now known as 074AAA7KQ
=== 074AAA7KQ is now known as ebarretto
=== kajiya_ is now known as kajiya
=== chris14_ is now known as chris14
=== JanC_ is now known as JanC
Guest66I would like to know more about apparmor. For example, when considering server hardening, should apparmor left alone (ie. at defaults) or should applications be actively managed , or should applications unknown to apparmor be actively managed by creating profiles for them? Is there a list of profiles contained in the apparmor-profiles package13:54
Guest66(which is not installed by default) somewhere?13:54
rbasakGuest66: https://packages.ubuntu.com/jammy/all/apparmor-profiles/filelist14:19
rbasakYou might find the output of "sudo aa-status" helpful. Compare that with the services you run.14:20
sdeziel`ps fauxZ` is also handy to ID which profiles cover which processes14:22
Guest66thanks. I see that aa-status reports the currently loaded profiles which is handy. It doesn't tell me what's in that apparmor-profiles package though.14:42
Guest66ps fauxZ - not seem that one before. It shows a list of everything unconfined. Also useful. I guess between the two one can determine whether an app is managed by apparmor or not.14:44
Guest66I like that is also shows which user owns the running process. Thnx14:47
Guest66actually ps -ef does that as well...14:48
Guest66ios the an apparmor specific project, or irc channel?14:55
JanCGuest66: there is #apparmor on OFTC14:59
Guest66I guess that's why I didn't find that channel on Libera :-)15:06
=== JanC_ is now known as JanC
=== sdeziel_ is now known as sdeziel
=== JanC is now known as Guest340
=== JanC_ is now known as JanC
=== Serge is now known as hallyn

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!