Hello,
serialize_profile_from_old_profiles() calls store_list_var() with an
empty hasher. This fails for "+=" because in this case store_list_var()
expects a non-empty hasher with the variable already defined, and raises
an exception because of the empty hasher.
This patch sets "correct = False" if a "+=" operation appears, which
means the variable will be written in "clean" mode instead.
Adding proper support for "add to variable" needs big changes (like
storing a variable's "history" - where it was initially defined and what
got added where).
I propose this patch for trunk and 2.9.
[ 35-fix-serialize_profile_from_old_profiles-variable-add.diff ]
=== modified file utils/apparmor/aa.py
--- utils/apparmor/aa.py 2015-04-08 22:31:08.899387134 +0200
+++ utils/apparmor/aa.py 2015-04-08 22:54:51.961744989 +0200
@@ -4049,7 +4050,11 @@
var_operation = matches[1]
value = strip_quotes(matches[2])
var_set = hasher()
- if profile:
+ if var_operation == '+=':
+ correct = False # adding proper support for "add to
variable" needs big changes
+ # (like storing a variable's "history" - where it was
initially defined and what got added where)
+ # so just skip any comparison and assume a non-match
+ elif profile:
store_list_var(var_set, list_var, value, var_operation,
prof_filename)
if not var_set[list_var] ==
write_prof_data['lvar'].get(list_var, False):
correct = False
Regards,
Christian Boltz
--
Oh, ich hatte einen ";)))" vergessen. Ich liebe die Community! Denn die
bringt mir bei der Konferenz Kaffee! [Lars Müller in opensuse-de]
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
