From 7ae1344363c42b9ef2a03a5b1dba60d7322d5d082db245f59d801b57ea4b7965 Mon Sep 17 00:00:00 2001
From: Christian Boltz <suse-beta@cboltz.de>
Date: Fri, 24 Jul 2015 11:34:14 +0000
Subject: [PATCH] Accepting request 318424 from home:cboltz

- add fix-initscript-aa_log_end_msg.diff - fixes ugly initscript
  output (boo#862170)

OBS-URL: https://build.opensuse.org/request/show/318424
OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=137
---
 apparmor.changes                   |  6 ++++
 apparmor.spec                      |  5 ++++
 fix-initscript-aa_log_end_msg.diff | 47 ++++++++++++++++++++++++++++++
 3 files changed, 58 insertions(+)
 create mode 100644 fix-initscript-aa_log_end_msg.diff

diff --git a/apparmor.changes b/apparmor.changes
index 4060af6..b0e21d5 100644
--- a/apparmor.changes
+++ b/apparmor.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Jul 23 22:16:35 UTC 2015 - opensuse@cboltz.de
+
+- add fix-initscript-aa_log_end_msg.diff - fixes ugly initscript
+  output (boo#862170)
+
 -------------------------------------------------------------------
 Thu Jul 16 20:51:00 UTC 2015 - opensuse@cboltz.de
 
diff --git a/apparmor.spec b/apparmor.spec
index bf7adaf..2134efb 100644
--- a/apparmor.spec
+++ b/apparmor.spec
@@ -92,6 +92,9 @@ Patch6:         apparmor-abstractions-no-multiline.diff
 # bug 906858 - confine lessopen.sh (submitted upstream 2014-12-21)
 Patch7:         apparmor-lessopen-profile.patch
 
+# boo#862170 - fix ugly initscript output (commited upstream trunk r3208)
+Patch8:         fix-initscript-aa_log_end_msg.diff
+
 Url:            https://launchpad.net/apparmor
 PreReq:         sed
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
@@ -436,6 +439,8 @@ SubDomain.
 
 %patch6
 %patch7 -p1
+%patch8
+
 # search for left-over multiline rules
 test -z "$(grep -r '^\s*\(unix\|dbus\)[^,]\(([^)]*)\)*[^,]*$' profiles/apparmor.d/)"
 
diff --git a/fix-initscript-aa_log_end_msg.diff b/fix-initscript-aa_log_end_msg.diff
new file mode 100644
index 0000000..3b73ebe
--- /dev/null
+++ b/fix-initscript-aa_log_end_msg.diff
@@ -0,0 +1,47 @@
+Fix aa_log_end_msg() in rc.apparmor.suse
+
+"rcapparmor kill" results in a funny error message:
+    /lib/apparmor/rc.apparmor.functions: line 441: return: -v: invalid option
+    return: usage: return [n]
+
+SLE12 includes a patch that prevents this error message, but also
+prevents that $? is handed over correctly to rc_status. This means that
+"rcapparmor kill" will happily display "done" even with a compiled-in
+apparmor module that can't be unloaded.
+
+This patch is the improved version - it adds a small helper function to
+set $? (as handed over to aa_log_end_msg()) and then calls rc_status -v.
+This means that "rcapparmor kill" now shows "failed" because it's
+impossible to unload something that is compiled directly into the
+kernel.
+
+References: https://bugzilla.opensuse.org/show_bug.cgi?id=862170 (non-public)
+
+
+Acked-by: Seth Arnold <seth.arnold@canonical.com> for 2.9 and trunk
+
+
+Commited to trunk revision 3208.
+=== modified file 'parser/rc.apparmor.suse'
+--- parser/rc.apparmor.suse	2011-09-15 18:20:23 +0000
++++ parser/rc.apparmor.suse	2015-07-22 19:23:28 +0000
+@@ -94,12 +94,13 @@
+ 	echo -e	"$rc_skipped"
+ }
+ 
++_set_status() {
++	return $1
++}
++
+ aa_log_end_msg() {
+-	v="-v"
+-	if [ "$1" != '0' ]; then
+-		rc="-v$1"
+-	fi
+-	rc_status $v
++	_set_status $1
++	rc_status -v
+ }
+ 
+ usage() {
+