** Description changed:
+ [impact]
+
+ This bug makes it difficult for trusty users to use the apparmor policy
+ utilities.
+
+ [steps to reproduce]
+
+ See below
+
+ [regression potential]
+
+ This issue is being addressed by updating the python utilities to the
+ version in apparmor 2.9.2 as tracked in bug 1449769. This represents are
+ large change which would normally be risky; however, these changes are
+ isolated to the python utils (so no changes to the policy parser/loader
+ or enforcement), there are a large number of bugs that exist in the
+ trusty version that make using the tools difficult, so it would be
+ difficult to regress further, and the updated version includes many new
+ unit tests to try to prevent from regressions from occurring.
+
+ [additional info]
+
+ The python utils testsuite is run as part of the test-apparmor.py test
+ script in lp:qa-regression-testing. The test-apparmor.py also has
+ additional basic usage tests to ensure that basic functionality is
+ maintained. These tests are run as part of the process fro each kernel
+ update.
+
+ [original description]
+
In a terminal, I run:
$ sudo aa-genprof /usr/bin/empathy
...
[(S)can system log for AppArmor events] / (F)inish
-
At this point, I start empathy, then stop it.
Now I go back to the terminal:
<press S>
Reading log entries from /var/log/syslog.
Updating AppArmor profiles in /etc/apparmor.d.
Traceback (most recent call last):
- File "/usr/sbin/aa-genprof", line 150, in <module>
- lp_ret = apparmor.do_logprof_pass(logmark, passno)
- File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2240, in
do_logprof_pass
- read_profiles()
- File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2558, in
read_profiles
- read_profile(profile_dir + '/' + file, True)
- File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2584, in
read_profile
- profile_data = parse_profile_data(data, file, 0)
- File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2689, in
parse_profile_data
- filelist[file]['profiles'][profile][hat] = True
+ File "/usr/sbin/aa-genprof", line 150, in <module>
+ lp_ret = apparmor.do_logprof_pass(logmark, passno)
+ File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2240, in
do_logprof_pass
+ read_profiles()
+ File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2558, in
read_profiles
+ read_profile(profile_dir + '/' + file, True)
+ File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2584, in
read_profile
+ profile_data = parse_profile_data(data, file, 0)
+ File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2689, in
parse_profile_data
+ filelist[file]['profiles'][profile][hat] = True
TypeError: 'bool' object does not support item assignment
-
If I run it again, I get a different traceback:
Traceback (most recent call last):
- File "/usr/sbin/aa-genprof", line 150, in <module>
- lp_ret = apparmor.do_logprof_pass(logmark, passno)
- File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2240, in
do_logprof_pass
- read_profiles()
- File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2558, in
read_profiles
- read_profile(profile_dir + '/' + file, True)
- File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2584, in
read_profile
- profile_data = parse_profile_data(data, file, 0)
- File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 3031, in
parse_profile_data
- raise AppArmorException(_('Syntax Error: Unknown line found in file: %s
line: %s') % (file, lineno + 1))
+ File "/usr/sbin/aa-genprof", line 150, in <module>
+ lp_ret = apparmor.do_logprof_pass(logmark, passno)
+ File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2240, in
do_logprof_pass
+ read_profiles()
+ File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2558, in
read_profiles
+ read_profile(profile_dir + '/' + file, True)
+ File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2584, in
read_profile
+ profile_data = parse_profile_data(data, file, 0)
+ File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 3031, in
parse_profile_data
+ raise AppArmorException(_('Syntax Error: Unknown line found in file: %s
line: %s') % (file, lineno + 1))
apparmor.common.AppArmorException: 'Syntax Error: Unknown line found in file:
/etc/apparmor.d/zz-unconfined line: 3'
-
/etc/apparmor.d/zz-unconfined contains:
# v2 compatible wildly permissive profile
profile "zz_unconfined" {
- capability,
- network,
- /** rwlkm,
- /** pix,
+ capability,
+ network,
+ /** rwlkm,
+ /** pix,
- # TODO: when dbus hits:
- dbus,
+ # TODO: when dbus hits:
+ dbus,
}
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1294797
Title:
aa-genprof traceback with apparmor 2.8.95
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1294797/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
