The patch looks good. I uploaded it to hardy-proposed also uploaded a
patched package for Intrepid using the patch I used in Jaunty.
IMPACT: aa-genprof cannot be used to generate new profiles when profiles
are in force-complain mode (hardy and intrepid) or disabled (intrepid)
DEV RELEASE: it is fixed in the Jaunty with the attached patch
TEST CASE (hardy):
1. ln -s /etc/apparmor.d/usr.sbin.cupsd /etc/apparmor.d/force-complain
2. sudo aa-genprof /usr/bin/yes
TEST CASE (intrepid):
1. ln -s /etc/apparmor.d/usr.sbin.cupsd /etc/apparmor.d/force-complain
2. sudo aa-genprof /usr/bin/yes
3. rm -f /etc/apparmor.d/force-complain/usr.sbin.cupsd
4. /etc/apparmor.d/usr.sbin.cupsd /etc/apparmor.d/disable
5. sudo aa-genprof /usr/bin/yes
REGRESSION POTENTIAL: considered to be low due to a very minimal patch
to ignore more directories in /etc/apparmor.d. The patched file is used
by all the apparmor helper functions, but a regression should not cause
a problem with apparmor protections or profile manipulation via
apparmor_parser.
** Changed in: apparmor (Ubuntu Intrepid)
Status: Confirmed => Fix Committed
** Changed in: apparmor (Ubuntu Intrepid)
Assignee: (unassigned) => Jamie Strandboge (jdstrand)
** Changed in: apparmor (Ubuntu Hardy)
Status: Confirmed => Fix Committed
--
"force-complain" and "disable" directories breaks aa-genprof
https://bugs.launchpad.net/bugs/331534
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
