[apparmor] [patch] Reset aa and original_aa in read_profiles()

[Christian Boltz]

Hello,

TL;DR: aa-genprof crashes with a wrong 'Conflicting profiles' error.

aa-genprof uses autodep() to create a basic profile, which is then
stored in aa and original_aa. After that, read_profiles() is called,
which reads all profiles (including the new one) from disk, causing a
(wrong) 'Conflicting profiles' error in attach_profile_data() because
the autodep()-generated profile is already there.

Therefore this patch resets aa and original_aa in read_profiles() to
avoid that problem.

The conflict check is in trunk only, therefore I don't see a need to
apply this patch to 2.9.



[ 87-reset-aa-in-read_profiles.diff ]

=== modified file ./utils/apparmor/aa.py
--- utils/apparmor/aa.py        2015-09-12 22:56:06.464529212 +0200
+++ utils/apparmor/aa.py        2015-09-13 11:13:56.910858177 +0200
@@ -2468,6 +2468,12 @@
     return False
 
 def read_profiles():
+    # we'll read all profiles from disk, so reset the storage first (autodep() might have created/stored
+    # a profile already, which would cause a 'Conflicting profile' error in attach_profile_data())
+    global aa, original_aa
+    aa = hasher()
+    original_aa = hasher()
+
     try:
         os.listdir(profile_dir)
     except:


Regards,

Christian Boltz
-- 
> AFAIK they are still working on it... But you know, there are also so
> called human beeings, who normally do not work the weekend ;-)
It rather seems to me that there are so many uncommented bugs that there
will be no weekends for some months...
[> Marcel Hilzinger and Eberhard Moenkeberg in opensuse]