[apparmor] [patch] Fix regressions caused by init_aa()

Seth Arnold seth.arnold at canonical.com
Fri Mar 3 01:05:10 UTC 2017 

On Fri, Mar 03, 2017 at 12:52:02AM +0100, Christian Boltz wrote:
> Hello,
> 
> With the init_aa() patch series commited, minitools_test.py showed
> several test failures - which effectively means the -d option of
> aa-complain, aa-cleanprof etc. was broken.
> 
> These failures were caused by
> - calling init_aa() too late in tools.py - _after_ setting the
>   profiledir, which then got overwritten by init_aa()
> - calling init_aa() twice (because apparmor.aa gets imported in two
>   modules used by aa-cleanprof), which overwrote the manually set values
>   on the second run
> 
> This patch fixes the call order in tools.py and adds a check to
> init_aa() so that it can be run only once and ignores additional calls.
> 
> 
> [ 02-fix-init_aa-regressions.diff ]

Acked-by: Seth Arnold <seth.arnold at canonical.com>

Thanks

> 
> === modified file ./utils/apparmor/aa.py
> --- utils/apparmor/aa.py        2017-03-03 00:10:55.506361000 +0100
> +++ utils/apparmor/aa.py        2017-03-03 00:37:47.283693765 +0100
> @@ -3779,6 +3781,9 @@
>      global extra_profile_dir
>      global parser
>  
> +    if CONFDIR:
> +        return  # config already initialized (and possibly changed afterwards), so don't overwrite the config variables
> +
>      CONFDIR = confdir
>      conf = apparmor.config.Config('ini', CONFDIR)
>      cfg = conf.read_config('logprof.conf')
> === modified file ./utils/apparmor/tools.py
> --- utils/apparmor/tools.py     2017-03-03 00:10:55.506361000 +0100
> +++ utils/apparmor/tools.py     2017-03-03 00:23:54.587304297 +0100
> @@ -24,6 +24,8 @@
>  
>  class aa_tools:
>      def __init__(self, tool_name, args):
> +        apparmor.init_aa()
> +
>          self.name = tool_name
>          self.profiledir = args.dir
>          self.profiling = args.program
> @@ -31,8 +33,6 @@
>          self.silent = None
>          self.do_reload = args.do_reload
>  
> -        apparmor.init_aa()
> -
>          if tool_name in ['audit']:
>              self.remove = args.remove
>          elif tool_name == 'autodep':
> 
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20170302/20ff881e/attachment.pgp>

More information about the AppArmor mailing list