LinuxCommandLibrary

aa-status

Report AppArmor profile and confinement status

TLDR

Check AppArmor status

$ sudo aa-status
copy
Display status in JSON format
$ sudo aa-status --json
copy
Display status in pretty JSON format
$ sudo aa-status --pretty-json
copy
Display the number of loaded policies
$ sudo aa-status --profiled
copy
Display the number of enforcing policies
$ sudo aa-status --enforced
copy
Display the number of complaining policies
$ sudo aa-status --complaining
copy
Display the number of policies in kill mode
$ sudo aa-status --kill
copy

SYNOPSIS

aa-status [option]

DESCRIPTION

aa-status reports the current state of AppArmor confinement on the system. By default, it displays a summary of loaded profiles grouped by enforcement mode (enforce, complain, kill, unconfined), the number of confined processes, and which profiles apply to them. Individual flags can query specific counters for use in scripts. The --json and --pretty-json flags provide machine-parseable output suitable for monitoring and automation pipelines.

PARAMETERS

--enabled

Returns error code if AppArmor is not active
--profiled
Shows count of loaded AppArmor policies
--enforced
Shows count of enforcing policies
--complaining
Shows count of non-enforcing policies
--kill
Shows count of enforcing policies that terminate tasks on violations
--special-unconfined
Shows count of unconfined mode policies
--process-mixed
Shows processes confined by stacked profiles in different modes
--verbose
Displays comprehensive AppArmor policy data (default behavior)
--json
Outputs policy data in JSON format for machine processing
--pretty-json
Provides human and machine-readable JSON output
--help
Displays usage information

CAVEATS

Exit codes indicate different states: 0 = enabled with policy, 1 = not enabled, 2 = enabled but no policy, 3 = control files unavailable, 4 = insufficient privileges.

HISTORY

Part of the AppArmor utilities package for managing application security profiles on Linux systems.

SEE ALSO

> TERMINAL_GEAR

Curated for the Linux community

Copied to clipboard

> TERMINAL_GEAR

Curated for the Linux community