https://bugzilla.novell.com/show_bug.cgi?id=496204 https://bugzilla.novell.com/show_bug.cgi?id=496204#c3 --- Comment #3 from Jeff Mahoney <jeffm@novell.com> 2011-01-24 19:17:25 UTC --- Created an attachment (id=409891) --> (http://bugzilla.novell.com/attachment.cgi?id=409891) apparmor-utils: Inherit flags in sub-profiles when generating profiles When creating profiles with cx subprofiles, genprof will set the sub-profile in enforce mode. When genprof cycles multiple times, it prohibits the sub-profile from working correctly. e.g. # Last Modified: Mon Jan 24 13:52:26 2011 #include <tunables/global> /home/jeffm/mycat flags=(complain) { #include <abstractions/base> #include <abstractions/bash> #include <abstractions/consoles> /bin/bash ix, /bin/cat cx, /home/jeffm/mycat r, profile /bin/cat { #include <abstractions/base> /bin/cat r, /home/jeffm/mycat r, } } This patch allows sub-profiles to inherit the flags from the parent profile, which allows it to be created in complain mode (if appropriate). The temporary complain flags are cleaned up at genprof completion as expected. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.