def is_app_armor_enabled(): """ Returns a True/False if AppArmor is enabled. """ try: import LibAppArmor except ImportError: # If Python bindings for AppArmor are not installed (if we're # running on Jessie where we can't build python3-apparmor package) # we resort to calling aa-status executable. try: from sh import aa_status except ImportError: return False # Return codes (as per aa-status(8)): # 0 if apparmor is enabled and policy is loaded. # 1 if apparmor is not enabled/loaded. # 2 if apparmor is enabled but no policy is loaded. # 3 if the apparmor control files aren't available under /sys/kernel/security/. # 4 if the user running the script doesn't have enough privileges to read the apparmor # control files. return aa_status(['--enabled'], _ok_code=[0, 1, 2, 3, 4]).exit_code in [0, 2] else: return LibAppArmor.aa_is_enabled() == 1
def is_app_armor_enabled(): """ Returns a True/False if AppArmor is enabled. """ try: from sh import aa_status except ImportError: return False # Returns 0 if enabled and 1 if disable get_aa_status = aa_status(['--enabled'], _ok_code=[0, 1]).exit_code if get_aa_status == 1: return False return True