← Back to team overview

touch-packages team mailing list archive

[Bug 1371765] [NEW] apparmor_parser should be able to recompile policy on bad cache

 

Public bug reported:

Right now, if given --cache-loc the parser will see if there is a cache
file. If there isn't and --write-cache is used, the parser will compile
the policy and put the binary cache in --cache-loc (fine). If there is a
cache file, it will load the cache file (also fine). If the cache file
is corrupt, the policy is not loaded into the kernel.

Not loading the policy into the kernel may be fine for certain
environments, but there should be an option on if the cache file is
corrupt, to delete it, recompile the policy and write out a new cache
file. This would be very worthwhile for Ubuntu's cache loading since
there is no way to recover from a bad cache file without user
intervention.

Setting to 'High' with tags to indicate that we want to include this on
shipping devices but that it can be delivered as OTA.

** Affects: apparmor (Ubuntu)
     Importance: High
         Status: Triaged


** Tags: ota-1 rtm14

** Changed in: apparmor (Ubuntu)
   Importance: Undecided => High

** Changed in: apparmor (Ubuntu)
       Status: New => Triaged

** Tags added: ota-1 rtm14

** Description changed:

  Right now, if given --cache-loc the parser will see if there is a cache
  file. If there isn't and --write-cache is used, the parser will compile
  the policy and put the binary cache in --cache-loc (fine). If there is a
  cache file, it will load the cache file (also fine). If the cache file
  is corrupt, the policy is not loaded into the kernel.
  
  Not loading the policy into the kernel may be fine for certain
  environments, but there should be an option on if the cache file is
  corrupt, to delete it, recompile the policy and write out a new cache
  file. This would be very worthwhile for Ubuntu's cache loading since
  there is no way to recover from a bad cache file without user
  intervention.
+ 
+ Setting to 'High' with tags to indicate that we want to include this on
+ shipping devices but that it can be delivered as OTA.

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1371765

Title:
  apparmor_parser should be able to recompile policy on bad cache

Status in “apparmor” package in Ubuntu:
  Triaged

Bug description:
  Right now, if given --cache-loc the parser will see if there is a
  cache file. If there isn't and --write-cache is used, the parser will
  compile the policy and put the binary cache in --cache-loc (fine). If
  there is a cache file, it will load the cache file (also fine). If the
  cache file is corrupt, the policy is not loaded into the kernel.

  Not loading the policy into the kernel may be fine for certain
  environments, but there should be an option on if the cache file is
  corrupt, to delete it, recompile the policy and write out a new cache
  file. This would be very worthwhile for Ubuntu's cache loading since
  there is no way to recover from a bad cache file without user
  intervention.

  Setting to 'High' with tags to indicate that we want to include this
  on shipping devices but that it can be delivered as OTA.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1371765/+subscriptions


Follow ups

References