On Wed, Dec 03, 2014 at 11:56:51PM +0100, Christian Boltz wrote: > Some more testing showed that aa-cleanprof deletes some capability > rules that are not covered by any abstraction. > > Please apply the following patch on top of the patchset to fix this.
Acked-by: Steve Beattie <st...@nxnw.org> > diff -u -p -r v5-utils-sbeattie/apparmor/cleanprofile.py > utils/apparmor/cleanprofile.py > --- v5-utils-sbeattie/apparmor/cleanprofile.py 2014-12-03 20:24:23.377470648 > +0100 > +++ utils/apparmor/cleanprofile.py 2014-12-03 23:28:52.117687706 +0100 > @@ -65,7 +65,7 @@ class CleanProf(object): > deleted += > apparmor.aa.delete_duplicates(self.other.aa[program][hat], inc) > > #Clean the duplicates of caps in other profile > - if self.same_file: > + if not self.same_file: > deleted += > self.other.aa[program][hat]['capability'].delete_duplicates(self.profile.aa[program][hat]['capability']) > > #Clean the duplicates of path in other profile -- Steve Beattie <sbeat...@ubuntu.com> http://NxNW.org/~steve/
signature.asc
Description: Digital signature
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
