From 13f67d45d0cd4503cb4fd1c81b78a88add86d683 Mon Sep 17 00:00:00 2001
From: Christian Boltz <apparmor@cboltz.de>
Date: Fri, 3 May 2019 22:50:33 +0200
Subject: [PATCH] ask_addhat: print warning only if we have change_hat events

Printing the warning whenever a child profile exists is pointless. It
only makes sense if there are change_hat events inside the child profile.
---
 utils/apparmor/aa.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/utils/apparmor/aa.py b/utils/apparmor/aa.py
index bc7deca22..9e5e5e5db 100644
--- a/utils/apparmor/aa.py
+++ b/utils/apparmor/aa.py
@@ -907,7 +907,7 @@ def ask_addhat(hashlog):
 
     for aamode in hashlog:
         for profile in hashlog[aamode]:
-            if '//' in profile:
+            if '//' in profile and hashlog[aamode][profile]['change_hat'].keys():
                 aaui.UI_Important('Ignoring change_hat event for %s, nested profiles are not supported yet.' % profile)
                 continue