So I have good and bad news. Let me start with the bad news:
profile_data / write_prof_data (in serialize_profile_from_old_profile()) contain only one profile with its hats. This will explode if a file contains multiple profiles, as reported in this bug. Fixing this needs lots of write_prof_data[hat] -> write_prof_data[profile][hat] changes (and of course also a change in the calling code) or, better option, a full rewrite of serialize_profile_from_old_profile(). Unfortunately I don't have the time to do the rewrite at the moment (I have other things on my TODO list), and doing the write_prof_data[hat] -> write_prof_data[profile][hat] is something that might introduce more breakage, so I'm not too keen to do that. The good news - at least I have a way to avoid the crash ;-) I'll wrap the serialize_profile_from_old_profile() in try/except. If it fails, the diff will include an error message and recommend to use 'View Changes b/w (C)lean profiles' instead, which is known to work even with the testcase in this bug. === modified file ./utils/apparmor/aa.py --- utils/apparmor/aa.py 2015-12-21 00:13:57.215799543 +0100 +++ utils/apparmor/aa.py 2015-12-21 23:55:01.858211661 +0100 @@ -2368,7 +2368,12 @@ oldprofile = aa[which][which]['filename'] else: oldprofile = get_profile_filename(which) - newprofile = serialize_profile_from_old_profile(aa[which], which, '') + + try: + newprofile = serialize_profile_from_old_profile(aa[which], which, '') + except AttributeError: + # see https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1528139 + newprofile = "###\n###\n### Internal error while generating diff, please use '%s' instead\n###\n###\n" % _('View Changes b/w (C)lean profiles') display_changes_with_comments(oldprofile, newprofile) Sorry that this isn't a perfect solution, but I'm not too keen to spent lots of time on a function that needs to be rewritten anyway. For the records: this bug causes a crash in 2.10 and bzr trunk. 2.9.x "only" displays a wrong diff. ** Also affects: apparmor Importance: Undecided Status: New ** Also affects: apparmor/2.10 Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1528139 Title: serialize_profile_from_old_profile() crash if file contains multiple profiles Status in AppArmor: New Status in AppArmor 2.10 series: New Status in apparmor package in Ubuntu: New Bug description: = Changed Local Profiles = The following local profiles were changed. Would you like to save them? [1 - /sbin/dhclient] 2 - /usr/sbin/nmbd 3 - /usr/bin/snx 4 - /usr/sbin/dnsmasq 5 - /{usr/,}bin/ping 6 - /usr/sbin/smbd 7 - /usr/lib/telepathy/mission-control-5 (S)ave Changes / Save Selec(t)ed Profile / [(V)iew Changes] / View Changes b/w (C)lean profiles / Abo(r)t Traceback (most recent call last): File "/usr/sbin/aa-logprof", line 50, in <module> apparmor.do_logprof_pass(logmark) File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2197, in do_logprof_pass save_profiles() File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2277, in save_profiles newprofile = serialize_profile_from_old_profile(aa[which], which, '') File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 3961, in serialize_profile_from_old_profile if write_prof_data[hat]['network'].is_covered(network_obj, True, True): AttributeError: 'collections.defaultdict' object has no attribute 'is_covered' An unexpected error occoured! For details, see /tmp/apparmor-bugreport-v7wx9fu9.txt Please consider reporting a bug at https://bugs.launchpad.net/apparmor/ and attach this file. When I pressed V button aa-logprof exits with error. ProblemType: Bug DistroRelease: Ubuntu 15.10 Package: apparmor 2.10-0ubuntu6 ProcVersionSignature: Ubuntu 4.2.0-21.25-generic 4.2.6 Uname: Linux 4.2.0-21-generic x86_64 ApportVersion: 2.19.1-0ubuntu5 Architecture: amd64 Date: Mon Dec 21 09:54:51 2015 InstallationDate: Installed on 2014-04-19 (611 days ago) InstallationMedia: Ubuntu-Server 14.04 LTS "Trusty Tahr" - Release amd64 (20140416.2) ProcKernelCmdline: BOOT_IMAGE=/vmlinuz-4.2.0-21-generic root=/dev/mapper/ubuntu-root ro splash elevator=cfq nomdmonddf nomdmonisw crashkernel=384M-:128M SourcePackage: apparmor Syslog: UpgradeStatus: Upgraded to wily on 2015-11-14 (36 days ago) To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1528139/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp