[Bug 1319829] Re: aa-genprof will crash when select scan on Ubuntu 14.04 server

Sun, 18 May 2014 18:11:34 -0700 

Interesting news - I'm able to reproduce this now. The trick is to
create a new profile:

rm /etc/apparmor.d/usr.bin.true
aa-genprof true
press "s"

I added the print command I proposed, and it fails at the newly created profile 
- print output:
    /etc/apparmor.d/usr.bin.true /usr/bin/true /usr/bin/true

The autodep code fills "filename" with a wrong structure with a level missing.
For comparison see the (heavily formatted) output of   print(filelist)

'/etc/apparmor.d/usr.bin.true': defaultdict (
    <function hasher at 0x7f32630b8d08>, {'profiles': defaultdict (
        <function hasher at 0x7f32630b8d08>, {'/usr/bin/true': True}
    ), 'include': defaultdict (
        <function hasher at 0x7f32630b8d08>, {'tunables/global': True}
    )}
),

'/etc/apparmor.d/usr.lib.dovecot.dict': defaultdict (
    <function hasher at 0x7f32630b8d08>, {'profiles': defaultdict (
        <function hasher at 0x7f32630b8d08>, {'/usr/lib/dovecot/dict': 
defaultdict (
            <function hasher at 0x7f32630b8d08>, {'/usr/lib/dovecot/dict': True}
        )}
    ), 'include': defaultdict (
        <function hasher at 0x7f32630b8d08>, {'tunables/global': True}
    )}
),

(we really need to document the internal structure of our more
interesting[tm] variables ;-)


Now that we know what is wrong, fixing it (in aa.py / autodep) is easy - even 
at 3 am ;-)

Can you please test the following patch?

=== modified file 'utils/apparmor/aa.py'
--- utils/apparmor/aa.py        2014-04-26 11:05:55 +0000
+++ utils/apparmor/aa.py        2014-05-19 00:51:04 +0000
@@ -583,7 +583,8 @@
         if not filelist.get(file, False):
             filelist[file] = hasher()
         filelist[file]['include']['tunables/global'] = True
-        filelist[file]['profiles'][pname] = True
+        filelist[file]['profiles'][pname] = hasher()
+        filelist[file]['profiles'][pname][pname] = True
     write_profile_ui_feedback(pname)
 
 def get_profile_flags(filename, program):


Funnily I added the line to blame myself - but without it, autodep was even 
more buggy ;-)  (bzr log -r2396 if you are interested in details)

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1319829

Title:
  aa-genprof will crash when select scan on Ubuntu 14.04 server

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1319829/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to