mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-31 14:25:52 +00:00
Code Issues Releases Wiki Activity

Initialize hats that don't exist in the /etc/apparmor.d profile yet

Browse Source 
If a hat only exists in the to-be-merged profile, it needs to be
initialized in the /etc/apparmor.d/ profile. This patch does exactly
that to avoid an aa-mergeprof crash.

This bug only exists in the 2.10 branch. Newer branches already got it
"accidently fixed" during merging ask_the_questions() into aa.py and the
ProfileStorage implementation.
This commit is contained in:
Christian Boltz
2018-10-11 21:37:41 +02:00
parent e769a0f21f
commit 0acc6f8c93
1 changed files with 4 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
utils/aa-mergeprof
View File

@@ -288,6 +288,10 @@ class Merge(object):
sev_db.load_variables(get_profile_filename(profile))
for hat in sorted(other.aa[profile].keys()):
if not aa[profile].get(hat):
# hat only exists in the to-be-merged profile, initialize it in 'aa'
aa[profile][hat] = apparmor.aa.profile_storage(profile, hat, 'Merge.ask_the_questions new hat')
#Add the includes from the other profile to the user profile
done = False