diff --git a/apparmor.changes b/apparmor.changes index c27e23e..4600fc7 100644 --- a/apparmor.changes +++ b/apparmor.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Wed Jan 2 19:11:16 UTC 2019 - Christian Boltz + +- add profile_filename_cornercase.diff: drop check that lets aa-logprof + error out in a corner-case (log event for a non-existing profile while + a profile file with the default filename for that non-existing profile + exists) (boo#1120472) + ------------------------------------------------------------------- Fri Dec 21 13:41:32 UTC 2018 - mt@suse.de diff --git a/apparmor.spec b/apparmor.spec index 20e8219..d15b595 100644 --- a/apparmor.spec +++ b/apparmor.spec @@ -1,8 +1,8 @@ # # spec file for package apparmor # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. -# Copyright (c) 2011-2018 Christian Boltz +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2011-2019 Christian Boltz # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -65,6 +65,10 @@ Patch7: apparmor-lessopen-profile.patch # fate#325872 netconfig: write resolv.conf to /run with link to /etc - submitted upstream 2018-12-22 https://gitlab.com/apparmor/apparmor/merge_requests/294 Patch8: apparmor-nameservice-resolv-conf-link.patch +# drop check that lets aa-logprof error out in a corner-case (log event for a non-existing profile while a profile file with the default filename for that non-existing profile exists) - boo#1120472 +# submitted upstream 2019-01-02 - https://gitlab.com/apparmor/apparmor/merge_requests/296 (master + 2.13) and https://gitlab.com/apparmor/apparmor/merge_requests/297 (2.12) +Patch9: profile_filename_cornercase.diff + PreReq: sed BuildRoot: %{_tmppath}/%{name}-%{version}-build %define apparmor_bin_prefix /lib/apparmor @@ -353,6 +357,7 @@ SubDomain. %patch5 -p1 %patch7 %patch8 -p1 +%patch9 -p1 %build export SUSE_ASNEEDED=0 diff --git a/libapparmor.spec b/libapparmor.spec index 1f8266d..66ef7dc 100644 --- a/libapparmor.spec +++ b/libapparmor.spec @@ -1,8 +1,8 @@ # # spec file for package libapparmor # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. -# Copyright (c) 2011-2017 Christian Boltz +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2011-2019 Christian Boltz # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed diff --git a/profile_filename_cornercase.diff b/profile_filename_cornercase.diff new file mode 100644 index 0000000..738b216 --- /dev/null +++ b/profile_filename_cornercase.diff @@ -0,0 +1,28 @@ +diff --git a/utils/apparmor/logparser.py b/utils/apparmor/logparser.py +index f0961d93..50e842b2 100644 +--- a/utils/apparmor/logparser.py ++++ b/utils/apparmor/logparser.py +@@ -13,7 +13,6 @@ + # + # ---------------------------------------------------------------------- + import ctypes +-import os + import re + import sys + import time +@@ -449,14 +448,7 @@ class ReadLog: + # Check cache of profiles + if self.active_profiles.filename_from_profile_name(program): + return True +- # Check the disk for profile +- prof_path = self.get_profile_filename(program) +- #print(prof_path) +- if os.path.isfile(prof_path): +- # Add to cache of profile +- raise AppArmorBug('This should never happen, please open a bugreport!') +- # self.active_profiles[program] = prof_path +- # return True ++ + return False + + def get_profile_filename(self, profile):