← Back to team overview

touch-packages team mailing list archive

[Bug 1298678] Re: Python utils lack support for pivot_root rules

 

** Changed in: apparmor
    Milestone: None => 2.9.0

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1298678

Title:
  Python utils lack support for pivot_root rules

Status in AppArmor Linux application security framework:
  In Progress
Status in “apparmor” package in Ubuntu:
  Fix Released

Bug description:
  aa.py doesn't support pivot_root rules and emits a traceback when
  encountering them:

  $ mkdir /tmp/profs
  $ printf "profile pr {\n pivot_root /other,\n }" > /tmp/profs/pr
  $ sudo aa-enforce -d /tmp/profs /tmp/profs/pr
  Traceback (most recent call last):
    File "/usr/sbin/aa-enforce", line 30, in <module>
      tool.cmd_enforce()
    File "/usr/lib/python3/dist-packages/apparmor/tools.py", line 153, in cmd_enforce
      apparmor.read_profiles()
    File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2564, in read_profiles
      read_profile(profile_dir + '/' + file, True)
    File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2590, in read_profile
      profile_data = parse_profile_data(data, file, 0)
    File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 3063, in parse_profile_data
      raise AppArmorException(_('Syntax Error: Unknown line found in file: %s line: %s') % (file, lineno + 1))
  apparmor.common.AppArmorException: 'Syntax Error: Unknown line found in file: /tmp/profs/pr line: 2'
  Error in sys.excepthook:
  Traceback (most recent call last):
    File "/usr/lib/python3/dist-packages/apport_python_hook.py", line 103, in apport_excepthook
      pr.add_proc_info(extraenv=['PYTHONPATH', 'PYTHONHOME'])
    File "/usr/lib/python3/dist-packages/apport/report.py", line 546, in add_proc_info
      ret = self.get_logind_session(pid)
    File "/usr/lib/python3/dist-packages/apport/report.py", line 1593, in get_logind_session
      if len(my_cgroup) < 2:
  UnboundLocalError: local variable 'my_cgroup' referenced before assignment

  Original exception was:
  Traceback (most recent call last):
    File "/usr/sbin/aa-enforce", line 30, in <module>
      tool.cmd_enforce()
    File "/usr/lib/python3/dist-packages/apparmor/tools.py", line 153, in cmd_enforce
      apparmor.read_profiles()
    File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2564, in read_profiles
      read_profile(profile_dir + '/' + file, True)
    File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2590, in read_profile
      profile_data = parse_profile_data(data, file, 0)
    File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 3063, in parse_profile_data
      raise AppArmorException(_('Syntax Error: Unknown line found in file: %s line: %s') % (file, lineno + 1))
  apparmor.common.AppArmorException: 'Syntax Error: Unknown line found in file: /tmp/profs/pr line: 2'

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1298678/+subscriptions