From 83977cf7f4c2775f031e05ee413fb358d95fe7d2 Mon Sep 17 00:00:00 2001 From: Christian Boltz Date: Fri, 12 Feb 2016 22:09:16 +0100 Subject: [PATCH] Fix aa-mergeprof crash with files containing multiple profiles If a profile file contains multiple profiles, aa-mergeprof crashes on saving in write_profile() because the second profile in the file is not listed in 'changed'. (This happens only if the second profile didn't change.) This patch first checks if 'changed' contains the profile before pop()ing it. Reproducer: copy utils/test/cleanprof_test.in to your profile directory and run aa-mergeprof utils/test/cleanprof_test.out. Then just press 's' to save the profile. Acked-by: Kshitij Gupta for trunk, 2.10 and 2.9 --- utils/apparmor/aa.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/utils/apparmor/aa.py b/utils/apparmor/aa.py index 39c9a9f8e..ede9e5498 100644 --- a/utils/apparmor/aa.py +++ b/utils/apparmor/aa.py @@ -4070,7 +4070,11 @@ def write_profile(profile): os.rename(newprof.name, prof_filename) - changed.pop(profile) + if profile in changed: + changed.pop(profile) + else: + debug_logger.info("Unchanged profile written: %s (not listed in 'changed' list)" % profile) + original_aa[profile] = deepcopy(aa[profile]) def matchliteral(aa_regexp, literal):