http://bugzilla.opensuse.org/show_bug.cgi?id=1120472
http://bugzilla.opensuse.org/show_bug.cgi?id=1120472#c16
--- Comment #16 from lili zhao
IMHO there are two things that should be fixed:
a) in AppArmor: I'll either "downgrade" the error to a warning saying Ignoring log event for non-existing profile $name, even if the profile file exists (different profile name?) or simply silently ignore events for non-existing profiles since that is what happens for all non-existing profiles not matching this corner case.
b) in the openQA tests: unload the profile before you delete the profile file to ensure you have a clean test setup:
apparmor_parser -R /tmp/apparmor.d/usr.sbin.nscd rm /tmp/apparmor.d/usr.sbin.nscd cp -a /etc/apparmor.d/ /tmp/apparmor.d/ apparmor_parser -r /tmp/apparmor.d/ # reload profiles
nscd will run unconfined after that, but you are stopping it anyway. (And sadly, openQA will no longer cover that corner case it accidently covered ;-)
Thank you so much for the fixing suggestions for openQA tests, we have opened 2 poo to enhance our test cases. FYI: [sle][security][sle15sp1] apparmor aa_autodep & aa_genprof tests need doing cleanup (https://progress.opensuse.org/issues/45980) [sle][security][sle15sp1] apparmor aa_enforce test needs to be updated to match new behavior in Tumblewwed (https://progress.opensuse.org/issues/45635#change-178487) -- You are receiving this mail because: You are on the CC list for the bug.