If you like BoxMatrix then please contribute Supportdata, Supportdata2, Firmware and/or Hardware (get in touch).
My metamonk@yahoo.com is not reachable by me since years. Please use hippie2000@webnmail.de instead.

0
U

Property:apparmor (lincmd)

From BoxMatrix


BoxMatrix >> Shell-Commands >> apparmor (lincmd) @ BoxMatrix   -   IRC-Chat   -   Translate: de es fr it nl pl
News Selectors Models Accessories Components Environment Config Commands System Webif Software Develop Lexicon Community Project Media

Startup-Scr Hotplug-Scr BusyBox-Cmds Bash-Cmds AVM-Cmds Chipset-Cmds Linux-Cmds Shared-Libs Kernel-Mods Research

Info
  
Name-Collision - multiple objects in this wiki use the name apparmor!
apparmor (initscr) TODO
apparmor (lincmd) Kernel enhancement to confine programs to a limited set of resources.

Linux-Command

Goto:   GPL-Browser  -  Dependencies   -   Model-Matrix   -   Symbols   -   SMW-Browser

Details

apparmor is a Kernel enhancement to confine programs to a limited set of resources.

See also the Wikipedia page and the AppArmor homepage.

Fw 7.39 help:

root@fritz0:/var/mod/root# apparmor

usage: apparmor [option]
    -s        Show audit status
    -l        Dump audit status + backlog + summary to stdout
    -w        Watch audit logs (they are not printed to kmesg while this is running)
    -f        Dump apparmor features to /tmp/apparmor_features
    -b <num>  Sets audit backlog_limit to <num>

apparmor is loaded via the apparmor (initscr) init script which is launched by supervisor service apparmor.service.
Simplified from the fw 7.39 init script:

for PROFILE in /lib/apparmor.d/* ; do
    dd if=$PROFILE of=/sys/kernel/security/apparmor/.load bs=1M
done

In fw 7.39 there is only one profile, for the nqcs SMB daemon:

root@fritz0:/var/mod/root# ls -l /lib/apparmor.d/

-rw-r--r--    1 root     root          9273 Oct  6  2022 sbin.nqcs.bin

Everything is done in the Kernel, the apparmor executable is only used to acquire status info.

From the fw 7.39 supportdata plugin basis_apparmor:

root@fritz0:/var/mod/root# cat /sys/kernel/security/apparmor/profiles

/sbin/nqcs (enforce)

Also from the fw 7.39 supportdata plugin basis_apparmor without attached profile:

root@fritz0:/var/mod/root# apparmor -l

status: [enabled=1 failure_action=1 rate_limit=0 backlog_limit=64 lost=0]
log_summary: [attached_successful=1 num=0]

And from the fw 7.50 supportdata plugin basis_apparmor with attached profile:

root@fritz1:/var/media/ftp# apparmor -l

status: [enabled=1 failure_action=1 rate_limit=0 backlog_limit=64 lost=0]
audit(19.715:2): apparmor="STATUS" operation="profile_load" name="/sbin/nqcs" pid=851 comm="dd"
log_summary: [attached_successful=1 num=1]

GPL-Browser

Daily updated index of all apparmor code findings on the GPL-Browser. Last update: 2024-03-19 05:08 GMT.
The Browse column points to the Path containing the respective source code on the gpl.boxmatrix.info service.
The SoC column lists the Chip-Codenames, the Model column lists the nicks of the Box-Models.
The Diff column links the comparison of the AVM Kernel to the pristine original from Kernel.org.
The Download column links the full tarball the respective directory content is extracted from.
The presence of the source does not mean it fits the respective model and architecture. See the Model-Matrix where it's used.

Dependencies

Daily updated index of all dependencies of this command. Last update: 2024-03-19 07:32 GMT.
A * in the Mod column marks info from Supportdata-Probes, which will always stay incomplete.

Relation Typ Object Mod Firmware Info Origin
0 dependencies for this command

Model-Matrix

Daily updated index of the presence, path and size of this command for each model. Last update: 2024-03-19 06:01 GMT.
Showing all models using this command. Click any column header (click-wait-click) to sort the list by the respective data.
The (main/scrpn/boot/arm/prx/atom) label in the Model column shows which CPU is meant for models with multiple Linux instances.
Note that this list is merged from Firmware-Probes of all known AVM firmware for a model, including Recovery.exe and Labor-Files.

Model Firmware Path Size
FRITZ!Box 3490 (main) 7.27 - 7.30 /usr/bin 14.4k
FRITZ!Box 4020 7.39 /usr/bin 17.4k
FRITZ!Box 4040 7.24 - 7.57 /usr/bin 13.3k - 17.4k
FRITZ!Box 4060 7.26 - 7.57 /usr/bin 13.2k - 17.4k
FRITZ!Box 5490 (main) 7.27 - 7.29 /usr/bin 14.4k
FRITZ!Box 5491 (main) 7.27 - 7.29 /usr/bin 14.4k
FRITZ!Box 5530 Fiber (main) 7.39 /usr/bin 17.4k
FRITZ!Box 5590 Fiber (arm) 7.27 - 7.80 /usr/bin 13.2k - 17.4k
FRITZ!Box 6430 Cable (arm) 7.29 - 7.57 /usr/bin 13.2k - 17.4k
FRITZ!Box 6430 Cable (atom) 7.29 /usr/bin 13.2k
FRITZ!Box 6490 Cable (arm) 7.19 - 7.57 /usr/bin 13.2k - 17.4k
FRITZ!Box 6490 Cable (atom) 7.19 - 7.51 /usr/bin 13.2k
FRITZ!Box 6590 Cable (arm) 7.19 - 7.57 /usr/bin 13.2k - 17.4k
FRITZ!Box 6590 Cable (atom) 7.19 - 7.51 /usr/bin 13.2k
FRITZ!Box 6591 Cable (arm) 7.19 - 7.57 /usr/bin 13.3k - 17.4k
FRITZ!Box 6591 Cable (atom) 7.19 - 7.57 /usr/bin 13.3k - 17.4k
FRITZ!Box 6660 Cable (arm) 7.19 - 7.57 /usr/bin 13.3k - 17.4k
FRITZ!Box 6660 Cable (atom) 7.19 - 7.57 /usr/bin 13.3k - 17.4k
FRITZ!Box 6690 Cable (arm) 7.28 - 7.57 /usr/bin 13.3k - 17.4k
FRITZ!Box 6690 Cable (atom) 7.28 - 7.57 /usr/bin 13.3k - 17.4k
FRITZ!Box 6820 LTE v1 7.39 /usr/bin 17.4k
FRITZ!Box 6820 LTE v2 7.39 /usr/bin 17.4k
FRITZ!Box 6840 LTE 7.39 /usr/bin 17.4k
FRITZ!Box 6850 LTE 7.21 - 7.51 /usr/bin 13.3k - 17.4k
FRITZ!Box 6850 5G 7.24 - 7.51 /usr/bin 13.3k - 17.4k
FRITZ!Box 6890 LTE 7.21 - 7.51 /usr/bin 14.1k - 17.4k
FRITZ!Box 6890 LTE v1 7.21 - 7.51 /usr/bin 14.1k - 17.4k
FRITZ!Box 6890 LTE v2 7.21 - 7.51 /usr/bin 14.1k - 17.4k
FRITZ!Box 7272 7.39 /usr/bin 17.4k
FRITZ!Box 7430 7.21 - 7.39 /usr/bin 14.4k - 17.4k
FRITZ!Box 7490 (main) 7.19 - 7.57 /usr/bin 14.4k - 17.4k
FRITZ!Box 7510 7.30 - 7.57 /usr/bin 13.3k
FRITZ!Box 7520 7.21 - 7.51 /usr/bin 13.3k - 17.4k
FRITZ!Box 7520 v2 (arm) 7.30 - 7.57 /usr/bin 13.3k - 17.4k
FRITZ!Box 7530 7.19 - 7.56 /usr/bin 13.3k - 17.4k
FRITZ!Box 7530 AX 7.20 - 7.90 /usr/bin 13.4k - 17.4k
FRITZ!Box 7560 7.24 - 7.39 /usr/bin 14.1k - 17.4k
FRITZ!Box 7580 7.21 - 7.30 /usr/bin 14.1k
FRITZ!Box 7583 7.21 - 7.57 /usr/bin 14.1k - 14.2k
FRITZ!Box 7583 VDSL 7.19 - 7.31 /usr/bin 14.1k
FRITZ!Box 7590 7.19 - 7.90 /usr/bin 14.1k - 17.4k
FRITZ!Box 7590 AX 7.19 - 7.90 /usr/bin 14.1k - 17.4k
FRITZ!Repeater 600 7.39 /usr/bin 17.4k
FRITZ!Repeater 1200 7.19 - 7.58 /usr/bin 13.3k - 17.4k
FRITZ!Repeater 1200 AX 7.27 - 7.31 /usr/bin 13.3k
FRITZ!WLAN Repeater 1750E 7.39 /usr/bin 17.4k
FRITZ!Repeater 2400 7.39 /usr/bin 17.4k
FRITZ!Repeater 3000 7.19 - 7.58 /usr/bin 13.3k - 17.4k
FRITZ!Repeater 3000 AX 7.39 - 7.57 /usr/bin 13.3k - 17.4k
FRITZ!Repeater 6000 7.26 - 7.57 /usr/bin 13.2k - 13.3k
FRITZ!Powerline 1260E 7.21 - 7.57 /usr/bin 13.3k - 17.4k
FRITZ!Powerline 1260 7.27 - 7.57 /usr/bin 13.3k - 13.4k
52 models use this command

Symbols

Daily updated index of all symbols of this command. Last update: 2024-03-19 07:32 GMT.

Firmware Symbol
7.19 - 7.90 main
7.39 - 7.90 reallocarray
2 symbols for this command

SMW-Browser

Information is currently being retrieved from the backend.