[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
This bug was fixed in the package apparmor - 2.8.95~2430-0ubuntu5.2 --- apparmor (2.8.95~2430-0ubuntu5.2) trusty-proposed; urgency=medium * debian/patches/php5-Zend_semaphore-lp1401084.patch: allow php5 abstraction access to Zend opcache files (LP: #1401084) * debian/patches/dnsmasq-lxc_networking-lp1403468.patch: update profile for lxc support (LP: #1403468) * debian/patches/profiles-texlive_font_generation-lp1010909.patch: allow generation of texlive fonts by sanitized-helpers (LP: #1010909) * debian/apport/source_apparmor.py: fix the apparmor apport hook so it does not raise an exception if a non-unicode character is found in /var/log/kern.log or in /var/log/syslog. This should work under python3 or python2.7 (LP: #1304447) * debian/patches/profiles-dovecot-updates-lp1296667.patch: update dovecot profiles to address several missing permissions. (LP: #1296667) * debian/patches/profiles-adjust_X_for_lightdm-lp1339727.patch: adjust X abstraction for LightDM xauthority location (LP: #1339727) * debian/patches/libapparmor-fix_memory_leaks-lp1340927.patch; fix memory leaks in log parsing component of libapparmor (LP: #1340927) * debian/patches/libapparmor-another_audit_format-lp1399027.patch: add support for another log format style (LP: #1399027) * debian/patches/tests-workaround_for_unix_socket_change-lp1425398.patch: work around apparmor kernel behavioral change in regression tests (LP: #1425398) * debian/control: add breaks on python3-apparmor against older apparmor-utils that used to be where python bits lived (LP: #1373259) * debian/patches/utils-update_to_2.9.2.patch: update the python utilities to the upstream 2.9.2 (LP: #1449769, incorporating a large number of fixes and improvements, including: - fix aa-genprof traceback with apparmor 2.8.95 (LP: #1294797) - fix aa-genprof crashing when selecting scan on Ubuntu 14.04 server (LP: #1319829) - make aa-logprof read profile instead of program binary (LP: #1317176, LP: #1324154) - aa-complain: don't traceback when marking multiple profiles (LP: #1378095) - make python tools able to parse mounts with UTF-8 non-ascii characters (LP: #1310598) -- Steve Beattie sbeat...@ubuntu.com Thu, 30 Apr 2015 12:18:08 -0700 ** Changed in: apparmor (Ubuntu Trusty) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Released Status in AppArmor 2.9 series: Fix Released Status in AppArmor master series: Fix Released Status in apparmor package in Ubuntu: Fix Released Status in apparmor source package in Trusty: Fix Released Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
** Branch linked: lp:ubuntu/apparmor ** Branch linked: lp:ubuntu/trusty-proposed/apparmor -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Released Status in AppArmor 2.9 series: Fix Released Status in AppArmor master series: Fix Released Status in apparmor package in Ubuntu: Fix Released Status in apparmor source package in Trusty: Fix Committed Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
I have reproduced this issue with apparmor 2.8.95~2430-0ubuntu5.1 from trusty-updates, and have verified that apparmor 2.8.95~2430-0ubuntu5.2 fixes the issue. Marking verification-done. ** Tags added: verification-done -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Released Status in AppArmor 2.9 series: Fix Released Status in AppArmor master series: Fix Released Status in apparmor package in Ubuntu: Fix Released Status in apparmor source package in Trusty: Fix Committed Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
This bug was fixed in the package apparmor - 2.9.2-0ubuntu1 --- apparmor (2.9.2-0ubuntu1) wily; urgency=medium * Update to apparmor 2.9.2 - Fix minitools to work with multiple profiles at once (LP: #1378095) - Parse mounts that have non-ascii UTF-8 chars (LP: #1310598) - Update dovecot profiles (LP: #1296667) - Allow ubuntu-helpers to build texlive fonts (LP: #1010909) * dropped patches incorporated upstream: add-mir-abstraction-lp1422521.patch, systemd-dev-log-lp1413232.patch parser-fix_modifier_compilation_+_tests.patch, tests-fix_systemd_breakage_in_pivot_root-lp1436109.patch, GDM_X_authority-lp1432126.patch, and debian/patches/easyprof-framework-policy.patch * Partial merge with debian apparmor package: - debian/rules: enable the bindnow hardening flag during build. - debian/upstream/signing-key.asc: add new upstream public signing key - debian/watch: fix watch file, add gpg signature checking - install libapparmor.so dev symlink under /usr not /lib - debian/patches/reproducible-pdf.patch: make techdoc.pdf reproducible even in face of timezone variations. - debian/control: sync fields - debian/debhelper/postrm-apparmor: remove /etc/apparmor.d/{disable,} on package purge - debian/libapache2-mod-apparmor.postrm: on package purge, delete /etc/apparmor.d/{,disable} if empty - debian/libapparmor1.symbols: Use Build-Depends-Package in the symbols file. - debian/copyright: sync -- Steve Beattie sbeat...@ubuntu.com Mon, 11 May 2015 22:03:04 -0700 ** Changed in: apparmor (Ubuntu) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Released Status in AppArmor 2.9 series: Fix Released Status in AppArmor master series: Fix Released Status in apparmor package in Ubuntu: Fix Released Status in apparmor source package in Trusty: Confirmed Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
My apologies, I neglected to include this bug report in the changelog for my apparmor trusty SRU. It has ben accepted into trusty-proposed and is available at https://launchpad.net/ubuntu/+source/apparmor/2.8.95~2430-0ubuntu5.2 as well as from the trusty-proposed repository. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. The relevant part of the SRU for this bug report is the update to the upstream apparmor 2.9.2 version of the python utils. This is being tracked in bug 1449769; please leave feedback on this update in that bug report. Thanks for your patience! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Released Status in AppArmor 2.9 series: Fix Released Status in AppArmor master series: Fix Released Status in apparmor package in Ubuntu: Fix Released Status in apparmor source package in Trusty: Fix Committed Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
** Changed in: apparmor (Ubuntu Trusty) Status: Confirmed = Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Released Status in AppArmor 2.9 series: Fix Released Status in AppArmor master series: Fix Released Status in apparmor package in Ubuntu: Fix Released Status in apparmor source package in Trusty: Fix Committed Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
the fix has been uploaded to wily it seems https://launchpad.net/ubuntu/+source/apparmor/2.9.2-0ubuntu1 unsubscribing sponsors as well since previous comment suggested that the security team want to deal with the update and not have this particular fix sponsored on its own ** Changed in: apparmor (Ubuntu) Importance: Undecided = High ** Changed in: apparmor (Ubuntu) Status: Confirmed = Fix Committed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Released Status in AppArmor 2.9 series: Fix Released Status in AppArmor master series: Fix Released Status in apparmor package in Ubuntu: Fix Committed Status in apparmor source package in Trusty: Confirmed Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
Seyong Kim, the plan is to address this in trusty via the SRU for the apparmor utilities (and other things) described in bug 1449769. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Released Status in AppArmor 2.9 series: Fix Released Status in AppArmor master series: Fix Released Status in apparmor package in Ubuntu: Fix Committed Status in apparmor source package in Trusty: Confirmed Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
** Changed in: apparmor/2.9 Status: Fix Committed = Fix Released ** Changed in: apparmor/master Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Released Status in AppArmor 2.9 series: Fix Released Status in AppArmor master series: Fix Released Status in apparmor package in Ubuntu: Confirmed Status in apparmor source package in Trusty: Confirmed Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
@tyhicks quiestion :) you are planning to adopt you mentioned for multiple release? trusty, utopic etc.. Thanks -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Committed Status in AppArmor 2.9 series: Fix Committed Status in AppArmor master series: Fix Committed Status in apparmor package in Ubuntu: Confirmed Status in apparmor source package in Trusty: Confirmed Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
@tyhicks got it Thanks :) ** Changed in: apparmor (Ubuntu) Assignee: Seyeong Kim (xtrusia) = (unassigned) ** Changed in: apparmor (Ubuntu Trusty) Assignee: Seyeong Kim (xtrusia) = (unassigned) ** Changed in: apparmor (Ubuntu) Status: In Progress = Confirmed ** Changed in: apparmor (Ubuntu Trusty) Status: In Progress = Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Committed Status in AppArmor 2.9 series: Fix Committed Status in AppArmor master series: Fix Committed Status in apparmor package in Ubuntu: Confirmed Status in apparmor source package in Trusty: Confirmed Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
** Changed in: apparmor (Ubuntu) Assignee: (unassigned) = Seyeong Kim (xtrusia) ** Changed in: apparmor (Ubuntu Trusty) Assignee: (unassigned) = Seyeong Kim (xtrusia) ** Changed in: apparmor (Ubuntu) Status: New = In Progress ** Changed in: apparmor (Ubuntu Trusty) Status: New = In Progress -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Committed Status in AppArmor 2.9 series: Fix Committed Status in AppArmor master series: Fix Committed Status in apparmor package in Ubuntu: In Progress Status in apparmor source package in Trusty: In Progress Bug description: $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
** Patch added: tools-fix-multi-profile-trusty.debdiff https://bugs.launchpad.net/apparmor/+bug/1378095/+attachment/4364898/+files/tools-fix-multi-profile-trusty.debdiff -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Committed Status in AppArmor 2.9 series: Fix Committed Status in AppArmor master series: Fix Committed Status in apparmor package in Ubuntu: In Progress Status in apparmor source package in Trusty: In Progress Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
** Patch added: tools-fix-multi-profile-vivid.debdiff https://bugs.launchpad.net/apparmor/+bug/1378095/+attachment/4364897/+files/tools-fix-multi-profile-vivid.debdiff -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Committed Status in AppArmor 2.9 series: Fix Committed Status in AppArmor master series: Fix Committed Status in apparmor package in Ubuntu: In Progress Status in apparmor source package in Trusty: In Progress Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
** Package changed: ubuntu = apparmor (Ubuntu) ** Also affects: apparmor (Ubuntu Trusty) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Committed Status in AppArmor 2.9 series: Fix Committed Status in AppArmor master series: Fix Committed Status in apparmor package in Ubuntu: In Progress Status in apparmor source package in Trusty: In Progress Bug description: $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
** Description changed: + [SRU justification] + + [Impact] + $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): - File /usr/sbin/aa-complain, line 30, in module - tool.cmd_complain() - File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain - apparmor.read_profiles() - File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles - read_profile(profile_dir + '/' + file, True) - File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile - profile_data = parse_profile_data(data, file, 0) - File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data - store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) - File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var - raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) + File /usr/sbin/aa-complain, line 30, in module + tool.cmd_complain() + File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain + apparmor.read_profiles() + File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles + read_profile(profile_dir + '/' + file, True) + File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile + profile_data = parse_profile_data(data, file, 0) + File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data + store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) + File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var + raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' - $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. + + [Test Case] + + sudo aa-enforce /etc/apparmor.d/* + + got error + + [Regression Potential] + + [Other Info] -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Committed Status in AppArmor 2.9 series: Fix Committed Status in AppArmor master series: Fix Committed Status in apparmor package in Ubuntu: In Progress Status in apparmor source package in Trusty: In Progress Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
Hi Seyeong and Chris - The Ubuntu Security Team is planning on updating the AppArmor Python utilities by doing a full update of the code from one of our stable upstream releases. There are a number of bugs, outside of this one, in the Python utilities and it'll be best if we just fix them all at once. Would you mind holding off on this SRU? Thanks! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Committed Status in AppArmor 2.9 series: Fix Committed Status in AppArmor master series: Fix Committed Status in apparmor package in Ubuntu: In Progress Status in apparmor source package in Trusty: In Progress Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
I forgot to mention the reasoning. :) We're already planning on doing the packaging work to incorporate all of the new fixes from upstream so it would be a bit of a duplication of efforts to carry out this single SRU. This would allow you to focus on other SRUs that do not have anyone that is not planned by a team. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Committed Status in AppArmor 2.9 series: Fix Committed Status in AppArmor master series: Fix Committed Status in apparmor package in Ubuntu: In Progress Status in apparmor source package in Trusty: In Progress Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
[Touch-packages] [Bug 1378095] Re: aa-complain traceback when marking multiple profiles
@xtrusia, Can you use DEP-3 formatting for the SRU patches please: http://dep.debian.net/deps/dep3/ It would be very useful to know which revision this upstream patch comes from, etc. Thanks, -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Committed Status in AppArmor 2.9 series: Fix Committed Status in AppArmor master series: Fix Committed Status in apparmor package in Ubuntu: In Progress Status in apparmor source package in Trusty: In Progress Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File /usr/sbin/aa-complain, line 30, in module tool.cmd_complain() File /usr/lib/python3/dist-packages/apparmor/tools.py, line 171, in cmd_complain apparmor.read_profiles() File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File /usr/lib/python3/dist-packages/apparmor/aa.py, line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp