Hello, serialize_profile_from_old_profiles() calls store_list_var() with an empty hasher. This fails for "+=" because in this case store_list_var() expects a non-empty hasher with the variable already defined, and raises an exception because of the empty hasher.
This patch sets "correct = False" if a "+=" operation appears, which means the variable will be written in "clean" mode instead. Adding proper support for "add to variable" needs big changes (like storing a variable's "history" - where it was initially defined and what got added where). I propose this patch for trunk and 2.9. [ 35-fix-serialize_profile_from_old_profiles-variable-add.diff ] === modified file utils/apparmor/aa.py --- utils/apparmor/aa.py 2015-04-08 22:31:08.899387134 +0200 +++ utils/apparmor/aa.py 2015-04-08 22:54:51.961744989 +0200 @@ -4049,7 +4050,11 @@ var_operation = matches[1] value = strip_quotes(matches[2]) var_set = hasher() - if profile: + if var_operation == '+=': + correct = False # adding proper support for "add to variable" needs big changes + # (like storing a variable's "history" - where it was initially defined and what got added where) + # so just skip any comparison and assume a non-match + elif profile: store_list_var(var_set, list_var, value, var_operation, prof_filename) if not var_set[list_var] == write_prof_data['lvar'].get(list_var, False): correct = False Regards, Christian Boltz -- Oh, ich hatte einen ";)))" vergessen. Ich liebe die Community! Denn die bringt mir bei der Konferenz Kaffee! [Lars Müller in opensuse-de] -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor