Accepting request 662541 from home:cboltz

- add profile_filename_cornercase.diff: drop check that lets aa-logprof
  error out in a corner-case (log event for a non-existing profile while
  a profile file with the default filename for that non-existing profile
  exists) (boo#1120472)

OBS-URL: https://build.opensuse.org/request/show/662541
OBS-URL: https://build.opensuse.org/package/show/security:apparmor/apparmor?expand=0&rev=227

apparmor.changes

@@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Wed Jan  2 19:11:16 UTC 2019 - Christian Boltz <suse-beta@cboltz.de>
+
+- add profile_filename_cornercase.diff: drop check that lets aa-logprof
+  error out in a corner-case (log event for a non-existing profile while
+  a profile file with the default filename for that non-existing profile
+  exists) (boo#1120472)
+
 -------------------------------------------------------------------
 Fri Dec 21 13:41:32 UTC 2018 - mt@suse.de
 

apparmor.spec

@@ -1,8 +1,8 @@
 #
 # spec file for package apparmor
 #
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
-# Copyright (c) 2011-2018 Christian Boltz
+# Copyright (c) 2011-2019 Christian Boltz
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -65,6 +65,10 @@ Patch7:         apparmor-lessopen-profile.patch
 # fate#325872 netconfig: write resolv.conf to /run with link to /etc - submitted upstream 2018-12-22 https://gitlab.com/apparmor/apparmor/merge_requests/294
 Patch8:         apparmor-nameservice-resolv-conf-link.patch
 
+# drop check that lets aa-logprof error out in a corner-case (log event for a non-existing profile while a profile file with the default filename for that non-existing profile exists) - boo#1120472
+# submitted upstream 2019-01-02 - https://gitlab.com/apparmor/apparmor/merge_requests/296 (master + 2.13) and https://gitlab.com/apparmor/apparmor/merge_requests/297 (2.12)
+Patch9:         profile_filename_cornercase.diff
+
 PreReq:         sed
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 %define apparmor_bin_prefix /lib/apparmor
@@ -353,6 +357,7 @@ SubDomain.
 %patch5 -p1
 %patch7
 %patch8 -p1
+%patch9 -p1
 
 %build
 export SUSE_ASNEEDED=0

libapparmor.spec

@@ -1,8 +1,8 @@
 #
 # spec file for package libapparmor
 #
-# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
-# Copyright (c) 2011-2017 Christian Boltz
+# Copyright (c) 2011-2019 Christian Boltz
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed

profile_filename_cornercase.diff

@@ -0,0 +1,28 @@
+diff --git a/utils/apparmor/logparser.py b/utils/apparmor/logparser.py
+index f0961d93..50e842b2 100644
+--- a/utils/apparmor/logparser.py
++++ b/utils/apparmor/logparser.py
+@@ -13,7 +13,6 @@
+ #
+ # ----------------------------------------------------------------------
+ import ctypes
+-import os
+ import re
+ import sys
+ import time
+@@ -449,14 +448,7 @@ class ReadLog:
+         # Check cache of profiles
+         if self.active_profiles.filename_from_profile_name(program):
+             return True
+-        # Check the disk for profile
+-        prof_path = self.get_profile_filename(program)
+-        #print(prof_path)
+-        if os.path.isfile(prof_path):
+-            # Add to cache of profile
+-            raise AppArmorBug('This should never happen, please open a bugreport!')
+-            # self.active_profiles[program] = prof_path
+-            # return True
++
+         return False
+ 
+     def get_profile_filename(self, profile):