From 44ca6942f0b92d778ccf5643f6536f99b0f602cc Mon Sep 17 00:00:00 2001
From: Christian Boltz <apparmor@cboltz.de>
Date: Sun, 18 Nov 2018 20:09:21 +0100
Subject: [PATCH] Fix viewing a local inactive profile in aa-genprof

aa-genprof checks if one of the profiles in the extra profile dir
matches the binary, and proposes to use that profile as a starting
point.

Since 4d722f18397dd35b208548d4c841b955c41ac7ce the "(V)iew profile"
option to display the proposed profile was broken.

The easiest fix is to remember the filename in the extras directory, and
display the file from there.

Sidenote: when choosing to use the extra profile, it gets written to
disk without any problems, so this bug really only affected "(V)iew
profile" to preview the proposed extra profile.

PR: https://gitlab.com/apparmor/apparmor/merge_requests/268
(cherry picked from commit 8b4e76a7d5d87cafb964faa87368dd2b6842f4b8)
Signed-off-by: John Johansen <john.johansen@canonical.com>
---
 utils/apparmor/aa.py | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/utils/apparmor/aa.py b/utils/apparmor/aa.py
index 904396151..5adf1dd17 100644
--- a/utils/apparmor/aa.py
+++ b/utils/apparmor/aa.py
@@ -518,6 +518,7 @@ def get_profile(prof_name):
     if inactive_profile:
         uname = 'Inactive local profile for %s' % prof_name
         inactive_profile[prof_name][prof_name]['flags'] = 'complain'
+        orig_filename = inactive_profile[prof_name][prof_name]['filename']  # needed for CMD_VIEW_PROFILE
         inactive_profile[prof_name][prof_name]['filename'] = ''
         profile_hash[uname]['username'] = uname
         profile_hash[uname]['profile_type'] = 'INACTIVE_LOCAL'
@@ -559,11 +560,7 @@ def get_profile(prof_name):
         q.selected = options.index(options[arg])
         if ans == 'CMD_VIEW_PROFILE':
             pager = get_pager()
-            proc = subprocess.Popen(pager, stdin=subprocess.PIPE)
-            #    proc.communicate('Profile submitted by %s:\n\n%s\n\n' %
-            #                     (options[arg], p['profile']))
-            proc.communicate(p['profile'].encode())
-            proc.kill()
+            subprocess.call([pager, orig_filename])
         elif ans == 'CMD_USE_PROFILE':
             if p['profile_type'] == 'INACTIVE_LOCAL':
                 profile_data = p['profile_data']