Hi Simon. Sorry for the difficulty you encountered. The specific
traceback issue you encountered with aa-complain has been addressed in
trusty in apparmor-utils and python3-apparmor 2.8.95~2430-0ubuntu5.2, so
I'm closing this bug (it was also fixed upstream in the 2.9.2 and 2.10
releases).
Yes, the use of c-style #include and shell style # prefix for comments
is a bit confusing. AppArmor 2.10 which will be in ubuntu 15.10 includes
support for just using the keyword 'include' instead of "#include'
(though the latter will still work).
The "dhcpd.d" include is assuming the base path to look for included
files and directories is /etc/apparmor.d/. In this case, the include
references the directory /etc/apparmor.d/dhcpd.d/ which tells apparmor
to include any files in that directory into the profile. However, the
aa-complain tool before 2.8.95~2430-0ubuntu5.2 did not support including
directories, which is why it crashed.
Thanks!
** Changed in: apparmor (Ubuntu)
Status: New => Fix Released
** Changed in: apparmor
Status: New => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1453088
Title:
isc-dhcp-server apparmor include
Status in AppArmor:
Fix Released
Status in apparmor package in Ubuntu:
Fix Released
Bug description:
I tried to put isc-dhcp-server in to complain mode due to issues with
/run and /var/run PID flags.
It gave me an error
root@here:/etc/apparmor.d# aa-complain usr.sbin.dhcpd
Setting /etc/apparmor.d/usr.sbin.dhcpd to complain mode.
Traceback (most recent call last):
File "/usr/sbin/aa-complain", line 30, in <module>
tool.cmd_complain()
File "/usr/lib/python3/dist-packages/apparmor/tools.py", line 184, in
cmd_complain
raise apparmor.AppArmorException(cmd_info[1])
apparmor.common.AppArmorException: "AppArmor parser error for
/etc/apparmor.d/usr.sbin.dhcpd in /etc/apparmor.d/usr.sbin.dhcpd at line 69:
Could not open 'dhcpd.d'\n"
due to #include <dhcpd.d> in usr.sbin.dhcpd
Two things confuse me. The use of '#' and '# ' to mean include and
for commenting respectively. Is this not going to make bug fixing
more difficult ?
and two should dhcpd.d include a full path ?
Why is app armour complain complaining with a standard file ?
Cheers
Simon
To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1453088/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
