[apparmor] [patch] load_include(): avoid loading directory includes multiple times

Christian Boltz apparmor at cboltz.de
Sun Sep 13 16:23:19 UTC 2015


Hello,

the "already loaded?" check in load_include() was done at the beginning
of the function, before entering the loop and before the individual
files of directory includes were added to the filelist. This resulted in
a (wrong) "Conflicting profiles" error for directory includes.

This patch moves the "already loaded?" check inside the loop, so that
it's executed for all files, including those of directory includes.

The conflict check is in trunk only, therefore I don't see a need to
apply this patch to 2.9 (besides saving some CPU cycles).


BTW: This bug was uncovered by minitools_test.py, which isn't part of
make check yet. Maybe we should rename it to test-minitools.py to enable
it?


[ 88-avoid-duplicate-read-in-load_include.diff ]

--- utils/apparmor/aa.py        2015-09-13 16:22:42.590115689 +0200
+++ utils/apparmor/aa.py        2015-09-13 18:05:52.220501252 +0200
@@ -4153,11 +4153,11 @@
 
 def load_include(incname):
     load_includeslist = [incname]
-    if include.get(incname, {}).get(incname, False):
-        return 0
     while load_includeslist:
         incfile = load_includeslist.pop(0)
+        if include.get(incfile, {}).get(incfile, False):
+            pass  # already read, do nothing
-        if os.path.isfile(profile_dir + '/' + incfile):
+        elif os.path.isfile(profile_dir + '/' + incfile):
             data = get_include_data(incfile)
             incdata = parse_profile_data(data, incfile, True)
             attach_profile_data(include, incdata)
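
Review bot: The new `if include.get(incfile, {}).get(incfile, False): pass` branch inside the loop skips already-loaded files only by falling through an empty branch into the `elif` chain. If nothing else follows that chain in the loop body, a `continue` would state the skip explicitly and leave the `if os.path.isfile(...)` line unchanged. Dropping the early `return 0` also means a call with an already-loaded `incname` now returns whatever comes after the loop, which is outside this hunk, so please confirm callers still get the value they expect. Since the commit message says the bug only surfaced through minitools_test.py, a test that loads the same directory include twice and checks for no "Conflicting profiles" error would be worth adding alongside this change.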


Regards,

Christian Boltz
-- 
> I have no idea about vi or anything else. Memorizing all these
> key combinations etc. is, personally, too stupid for me.
Then you hardly have any business on a UNIX. Well, you do use
SuSE Windows after all....  [> maX Bauer and Axel Gruner in suse-linux]



