Mailinglist Archive: opensuse-factory (375 mails)

< Previous Next >
Re: [opensuse-factory] Update to AppArmor 2.13 results in a non-working aa-logprof [SOLVED]
Am 30.04.2018 um 07:34 schrieb Frank Krüger:
Am 30.04.2018 um 01:33 schrieb Christian Boltz:
Hello,

Am Sonntag, 29. April 2018, 19:36:08 CEST schrieb Frank Krüger:
Given Tumbleweed 20180424 with apparmor 2.13 the command "aa-logprof"
(as root)bhangs, with the error messages

File "/usr/sbin/aa-logprof", line 54, in <module>
apparmor.loadincludes()
File "/usr/lib/python3.6/site-packages/apparmor/aa.py", line 3569, in
loadincludes
load_include(fi)
File "/usr/lib/python3.6/site-packages/apparmor/aa.py", line 3532, in
load_include
incdata = parse_profile_data(data, incfile, True)
File "/usr/lib/python3.6/site-packages/apparmor/aa.py", line 2509, in
parse_profile_data
elif not RE_RULE_HAS_COMMA.search(line):

Is this a known issue?

No, that sounds new to me. (Also, aa-logprof shouldn't run for several
minutes, maybe except if you have a really big logfile > 100 MB, and
for sure it shouldn't spend minutes in load_include.)

That said - I was able to reproduce the problem, and wonder why it
didn't hit me before.

The biggest change in 2.13 [1] is support for shipping precompiled cache
and having multiple cache directories. This also comes with a new cache
directory layout, including a new symlink /etc/apparmor.d/cache.d
pointing to the real cache directory.

Exactly that symlink causes the problem you see, because aa-logprof
tries to parse all (binary) files in /etc/apparmor.d/cache.d/ :-(

@Patrick: If you are unable to reproduce this bug, your profiles probably
match exactly the upstream profiles, so /etc/apparmor.d/cache.d/
(symlink to /var/cache/apparmor/) is empty and only the precompiled
cache in /usr/share/apparmor/cache/ gets used. An additional condition
is that you don't have profiles installed by other packages (which don't
include precompiled cache yet).

Thank you for the speedy fix. Using python3-apparmor from the security
apparmor repo, it works as expected:

The issue is fixed with TW20180429.Thx.

Regards, Frank
--
To unsubscribe, e-mail: opensuse-factory+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-factory+owner@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages