My apologies, I neglected to include this bug report in the changelog for my apparmor trusty SRU. It has ben accepted into trusty-proposed and is available at https://launchpad.net/ubuntu/+source/apparmor/2.8.95~2430-0ubuntu5.2 as well as from the trusty-proposed repository. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed.
The relevant part of the SRU for this bug report is the update to the upstream apparmor 2.9.2 version of the python utils. This is being tracked in bug 1449769; please leave feedback on this update in that bug report. Thanks for your patience! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1378095 Title: aa-complain traceback when marking multiple profiles Status in AppArmor Linux application security framework: Fix Released Status in AppArmor 2.9 series: Fix Released Status in AppArmor master series: Fix Released Status in apparmor package in Ubuntu: Fix Released Status in apparmor source package in Trusty: Fix Committed Bug description: [SRU justification] [Impact] $ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File "/usr/sbin/aa-complain", line 30, in <module> tool.cmd_complain() File "/usr/lib/python3/dist-packages/apparmor/tools.py", line 171, in cmd_complain apparmor.read_profiles() File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq' $ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r, Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations. [Test Case] sudo aa-enforce /etc/apparmor.d/* got error [Regression Potential] [Other Info] To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1378095/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
