touch-packages team mailing list archive
-
touch-packages team
-
Mailing list archive
-
Message #67742
[Bug 1378095] Re: aa-complain traceback when marking multiple profiles
** Description changed:
+ [SRU justification]
+
+ [Impact]
+
$ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.*
Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode.
Traceback (most recent call last):
- File "/usr/sbin/aa-complain", line 30, in <module>
- tool.cmd_complain()
- File "/usr/lib/python3/dist-packages/apparmor/tools.py", line 171, in cmd_complain
- apparmor.read_profiles()
- File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2573, in read_profiles
- read_profile(profile_dir + '/' + file, True)
- File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2599, in read_profile
- profile_data = parse_profile_data(data, file, 0)
- File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2853, in parse_profile_data
- store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file)
- File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 3277, in store_list_var
- raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename))
+ File "/usr/sbin/aa-complain", line 30, in <module>
+ tool.cmd_complain()
+ File "/usr/lib/python3/dist-packages/apparmor/tools.py", line 171, in cmd_complain
+ apparmor.read_profiles()
+ File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2573, in read_profiles
+ read_profile(profile_dir + '/' + file, True)
+ File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2599, in read_profile
+ profile_data = parse_profile_data(data, file, 0)
+ File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2853, in parse_profile_data
+ store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file)
+ File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 3277, in store_list_var
+ raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename))
apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq'
-
$ sudo grep -R TFTP_DIR /etc/apparmor.d/
/etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot
/etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r,
/etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r,
Looks like the tools are re-parsing everything, but not resetting
whatever is storing the variable declarations.
+
+ [Test Case]
+
+ sudo aa-enforce /etc/apparmor.d/*
+
+ got error
+
+ [Regression Potential]
+
+ [Other Info]
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1378095
Title:
aa-complain traceback when marking multiple profiles
Status in AppArmor Linux application security framework:
Fix Committed
Status in AppArmor 2.9 series:
Fix Committed
Status in AppArmor master series:
Fix Committed
Status in apparmor package in Ubuntu:
In Progress
Status in apparmor source package in Trusty:
In Progress
Bug description:
[SRU justification]
[Impact]
$ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.*
Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode.
Traceback (most recent call last):
File "/usr/sbin/aa-complain", line 30, in <module>
tool.cmd_complain()
File "/usr/lib/python3/dist-packages/apparmor/tools.py", line 171, in cmd_complain
apparmor.read_profiles()
File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2573, in read_profiles
read_profile(profile_dir + '/' + file, True)
File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2599, in read_profile
profile_data = parse_profile_data(data, file, 0)
File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2853, in parse_profile_data
store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file)
File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 3277, in store_list_var
raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename))
apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq'
$ sudo grep -R TFTP_DIR /etc/apparmor.d/
/etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot
/etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r,
/etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r,
Looks like the tools are re-parsing everything, but not resetting
whatever is storing the variable declarations.
[Test Case]
sudo aa-enforce /etc/apparmor.d/*
got error
[Regression Potential]
[Other Info]
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions
