[apparmor] [patch] Prevent crash caused by by serialize_profile_from_old_profile()

Hello, if a profile file contains multiple profiles and one of those profiles contains a rule managed by a *Ruleset class, serialize_profile_from_old_profile() crashes with an AttributeError. This happens because profile_data / write_prof_data contain only one profile with its hats, which explode

[apparmor] [patch] Improve __repr__() for *Ruleset

Hello, if a *Ruleset is empty, let __repr__() print/return instead of I propose this patch for trunk and 2.10. [ 42-improve-repr-empty-ruleset.diff ] === modified file ./utils/apparmor/rule/__init__.py --- utils/apparmor/rule/__init__.py 2015-12-21 00:42:28.521222690 +0100 +

[apparmor] [patch] Use list check in PtraceRule and SignalRule is_covered_localvars()

Hello, PtraceRule access and SignalRule access and signal can contain more than one value. Therefore adjust is_covered_localvars() in both to use the list (subset) instead of the plain (exactly equal) check. Also add a testcase for each to ensure the list/subset check works as expected. [ 41-pt

Re: [apparmor] AppArmor profile: requested_mask and denied_mask = "c", "x".

Hi John. Okay, now it is more understandable. I will try to modify my AppArmor profile and see what's going to happen etc. If I will have any problems or questions, I will write a message. You asked what I am trying to achieve with my policy. So, I just want to make a profile for a 'plugin-contai