← Back to team overview

touch-packages team mailing list archive

[Bug 1294797] Re: aa-genprof traceback with apparmor 2.8.95

 

** Changed in: apparmor (Ubuntu)
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1294797

Title:
  aa-genprof traceback with apparmor 2.8.95

Status in AppArmor:
  Fix Released
Status in apparmor package in Ubuntu:
  Fix Released
Status in apparmor source package in Trusty:
  Fix Released

Bug description:
  [impact]

  This bug makes it difficult for trusty users to use the apparmor
  policy utilities.

  [steps to reproduce]

  See below

  [regression potential]

  This issue is being addressed by updating the python utilities to the
  version in apparmor 2.9.2 as tracked in bug 1449769. This represents
  are large change which would normally be risky; however, these changes
  are isolated to the python utils (so no changes to the policy
  parser/loader or enforcement), there are a large number of bugs that
  exist in the trusty version that make using the tools difficult, so it
  would be difficult to regress further, and the updated version
  includes many new unit tests to try to prevent from regressions from
  occurring.

  [additional info]

  The python utils testsuite is run as part of the test-apparmor.py test
  script in lp:qa-regression-testing. The test-apparmor.py also has
  additional basic usage tests to ensure that basic functionality is
  maintained. These tests are run as part of the process fro each kernel
  update.

  [original description]

  In a terminal, I run:

  $ sudo aa-genprof /usr/bin/empathy
  ...
  [(S)can system log for AppArmor events] / (F)inish

  At this point, I start empathy, then stop it.

  Now I go back to the terminal:
  <press S>
  Reading log entries from /var/log/syslog.
  Updating AppArmor profiles in /etc/apparmor.d.
  Traceback (most recent call last):
    File "/usr/sbin/aa-genprof", line 150, in <module>
      lp_ret = apparmor.do_logprof_pass(logmark, passno)
    File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2240, in do_logprof_pass
      read_profiles()
    File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2558, in read_profiles
      read_profile(profile_dir + '/' + file, True)
    File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2584, in read_profile
      profile_data = parse_profile_data(data, file, 0)
    File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2689, in parse_profile_data
      filelist[file]['profiles'][profile][hat] = True
  TypeError: 'bool' object does not support item assignment

  If I run it again, I get a different traceback:
  Traceback (most recent call last):
    File "/usr/sbin/aa-genprof", line 150, in <module>
      lp_ret = apparmor.do_logprof_pass(logmark, passno)
    File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2240, in do_logprof_pass
      read_profiles()
    File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2558, in read_profiles
      read_profile(profile_dir + '/' + file, True)
    File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2584, in read_profile
      profile_data = parse_profile_data(data, file, 0)
    File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 3031, in parse_profile_data
      raise AppArmorException(_('Syntax Error: Unknown line found in file: %s line: %s') % (file, lineno + 1))
  apparmor.common.AppArmorException: 'Syntax Error: Unknown line found in file: /etc/apparmor.d/zz-unconfined line: 3'

  /etc/apparmor.d/zz-unconfined contains:
  # v2 compatible wildly permissive profile
  profile "zz_unconfined" {
    capability,
    network,
    /** rwlkm,
    /** pix,

    # TODO: when dbus hits:
    dbus,
  }

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1294797/+subscriptions