AA-EXEC(1) | AppArmor | AA-EXEC(1) |
aa-exec - confine a program with the specified AppArmor profile
aa-exec [options] [--] [<command> ...]
aa-exec is used to launch a program confined by the specified profile and or namespace. If both a profile and namespace are specified command will be confined by profile in the new policy namespace. If only a namespace is specified, the profile name of the current confinement will be used. If neither a profile or namespace is specified command will be run using standard profile attachment (ie. as if run without the aa-exec command).
If the arguments are to be pasted to the <command>
being invoked by aa-exec then -- should be used to separate aa-exec
arguments from the command.
aa-exec -p profile1 -- ls -l
If you find any bugs, please report them at <https://gitlab.com/apparmor/apparmor/-/issues>
aa-stack(8), aa-namespace(8), apparmor(7), apparmor.d(5), aa_change_profile(3), aa_change_onexec(3) and <https://wiki.apparmor.net>.
2023-02-14 | AppArmor 3.0.8 |