Make pt-summary check for apparmor
It would be nice that pt-summary checks if apparmor is used and it there is a profile used for mysqld
example:
# aa-status
apparmor module is loaded.
6 profiles are loaded.
6 profiles are in enforce mode.
/sbin/dhclient
/usr/
/usr/
/usr/sbin/mysqld
/usr/sbin/ntpd
/usr/
0 profiles are in complain mode.
2 processes have profiles defined.
2 processes are in enforce mode :
/usr/sbin/mysqld (12759)
/usr/sbin/ntpd (2460)
0 processes are in complain mode.
0 processes are unconfined but have a profile defined.
and/or
ps aux -Z | grep -v unconfined
LABEL USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
/usr/sbin/ntpd ntp 2460 0.0 0.0 30768 1188 ? Ss Aug23 5:56 /usr/sbin/ntpd -p /var/run/ntpd.pid -g -u 107:114
/usr/sbin/mysqld mysql 12759 792 66.5 67743360 65854128 ? Ssl Nov21 321183:32 /usr/sbin/mysqld
Blueprint information
- Status:
- Not started
- Approver:
- None
- Priority:
- Undefined
- Drafter:
- None
- Direction:
- Needs approval
- Assignee:
- None
- Definition:
- New
- Series goal:
- None
- Implementation:
- Unknown
- Milestone target:
- None
- Started by
- Completed by