--enabled

returns error code if AppArmor is not enabled.

--profiled

displays the number of loaded AppArmor policies.

--enforced

displays the number of loaded enforcing AppArmor policies.

--complaining

displays the number of loaded non-enforcing AppArmor policies.

--verbose

displays multiple data points about loaded AppArmor policy set (the default action if no arguments are given).

--json

displays multiple data points about loaded AppArmor policy set in a JSON format, fit for machine consumption.

--pretty-json

same as --json, formatted to be readable by humans as well as by machines.

--help

displays a short usage statement.EXIT STATUSUpon exiting, aa-status will set its exit status to the following values:0 if apparmor is enabled and policy is loaded.1 if apparmor is not enabled/loaded.2 if apparmor is enabled but no policy is loaded.3 if the apparmor control files aren't available under /sys/kernel/security/.4 if the user running the script doesn't have enough privileges to read the apparmor control files.BUGSaa-status must be run as root to read the state of the loaded policy from the apparmor module. It uses the /proc filesystem todetermine which processes are confined and so is susceptible to race conditions.If you find any additional bugs, please report them at <https://bugs.launchpad.net/apparmor/+filebug>.