LinuxCommandLibrary

aa-cleanprof

Clean AppArmor profiles by removing redundant rules

TLDR

Clean a profile to remove unused rules

$ sudo aa-cleanprof [profile_name]
copy
Clean multiple profiles at once
$ sudo aa-cleanprof [profile1] [profile2]
copy
Specify the directory containing profiles
$ sudo aa-cleanprof -d /path/to/profiles [profile_name]
copy
Run silently without prompts
$ sudo aa-cleanprof -s [profile_name]
copy
Prevent profile reload after cleaning
$ sudo aa-cleanprof --no-reload [profile_name]
copy

SYNOPSIS

aa-cleanprof executable [executable ...] [-d /path/to/profiles] [--no-reload] [-s]

DESCRIPTION

aa-cleanprof removes superfluous rules from AppArmor security profiles, including rules that are already covered by an include directive or another rule. The utility also reorders rules to group similar ones together and removes all comments from the profile file.

PARAMETERS

-d, --dir /path/to/profiles

Specifies the directory containing AppArmor profiles; defaults to /etc/apparmor.d
--no-reload
Prevents the profile from being reloaded after modifications
-s, --silent
Automatically overwrites the profile without prompting the user
-h, --help
Display help information

CAVEATS

This utility removes all comments from profile files, which may eliminate useful documentation or notes within the profiles.

HISTORY

Part of the AppArmor utilities package for managing application security profiles on Linux systems.

SEE ALSO

aa-enforce(8), aa-complain(8), aa-disable(8), aa-genprof(8), apparmor(7)

> TERMINAL_GEAR

Curated for the Linux community

Copied to clipboard

> TERMINAL_GEAR

Curated for the Linux community