Merge Avoid aa-notify crash on log events without operation=

Some STATUS log events trigger a crash in aa-notify because the log
line doesn't have operation=. Examples are:

    type=AVC msg=audit(1630913351.586:4): apparmor="STATUS" info="AppArmor Filesystem Enabled" pid=1 comm="swapper/0"

    type=AVC msg=audit(1630913352.610:6): apparmor="STATUS" info="AppArmor sha1 policy hashing enabled" pid=1 comm="swapper/0"

Fix this by not looking at log events without operation=

Also add one of the example events as libapparmor testcase.

Fixes: https://gitlab.com/apparmor/apparmor/-/issues/194
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/797
Acked-by: John Johansen <john.johansen@canonical.com>
(cherry picked from commit c37586cd11)
Signed-off-by: John Johansen <john.johansen@canonical.com>

libraries/libapparmor/testsuite/test_multi/status-filesystem-enabled.in

@@ -0,0 +1 @@
+audit.log:type=AVC msg=audit(1630913351.586:4): apparmor="STATUS" info="AppArmor Filesystem Enabled" pid=1 comm="swapper/0"

libraries/libapparmor/testsuite/test_multi/status-filesystem-enabled.out

@@ -0,0 +1,3 @@
+START
+File: status-filesystem-enabled.in
+Event type: AA_RECORD_INVALID

utils/aa-notify

@@ -324,7 +324,7 @@ def parse_logdata(logsource):
             event = LibAppArmor.parse_record(entry)
             # Only show actual events of contained programs and ignore among
             # others AppArmor profile reloads
-            if event.operation[0:8] != 'profile_':
+            if event.operation and event.operation[0:8] != 'profile_':
                 yield event