https://bugzilla.novell.com/show_bug.cgi?id=255043 Summary: aa-genprof does not report problems reloading profiles Product: openSUSE 10.2 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: AppArmor AssignedTo: jmichael@novell.com ReportedBy: sbeattie@novell.com QAContact: dreynolds@novell.com CC: seth.arnold@novell.com If there's an apparmor profile that won't successfully parse, genprof will not inform you that manual intervention is required. For example, if you perform the following steps: # echo -e '#!/bin/sh\ncat /etc/resolv.conf' > /tmp/foo.sh # chmod +x /tmp/foo.sh # echo -e '/tmp/foo.sh {\n @{TESTFILE} r,\n /bin/cat rmix,\n}' > /etc/apparmor.d/tmp.foo.sh # genprof /tmp/foo.sh genprof will not tell you that its attempt to load the profile for /tmp/foo.sh failed, and that it's completely unconfined. Selecting finish wil also not give any indication that there's a problem the user needs to manually address. This problem combines *really badly* with bug #254319, where aa-genprof modifies an existing functional profile so that it no longer is loadable and then gives the user no indication that anything went wrong. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.