parse_profile_data(): Use BooleanRule

... and save rules at the right place (ProfileList) where they actually
get written when writing the profile.

This is also a bugfix - the previous code saved boolean variables at a
wrong place, and they were silently lost when writing the profile.

Extend cleanprof_test.{in,out} to ensure that this doesn't break again.

Also remove boolean_bad_[2-4] from the test-parser-simple-tests.py
exception_not_raised list because these test profiles now get correctly
detected as invalid.

utils/apparmor/aa.py

@@ -38,7 +38,7 @@ from apparmor.common import (AppArmorException, AppArmorBug, is_skippable_file,
 import apparmor.ui as aaui
 
 from apparmor.regex import (RE_PROFILE_START, RE_PROFILE_END,
-                            RE_PROFILE_BOOLEAN, RE_PROFILE_CONDITIONAL,
+                            RE_PROFILE_CONDITIONAL,
                             RE_PROFILE_CONDITIONAL_VARIABLE, RE_PROFILE_CONDITIONAL_BOOLEAN,
                             RE_PROFILE_CHANGE_HAT,
                             RE_PROFILE_HAT_DEF, RE_PROFILE_MOUNT,
@@ -54,6 +54,7 @@ import apparmor.rules as aarules
 
 from apparmor.rule.abi              import AbiRule
 from apparmor.rule.alias            import AliasRule
+from apparmor.rule.boolean          import BooleanRule
 from apparmor.rule.capability       import CapabilityRule
 from apparmor.rule.change_profile   import ChangeProfileRule
 from apparmor.rule.dbus             import DbusRule
@@ -1903,17 +1904,12 @@ def parse_profile_data(data, file, do_include):
 
             profile_data[profile][hat]['rlimit'].add(RlimitRule.parse(line))
 
-        elif RE_PROFILE_BOOLEAN.search(line):
+        elif BooleanRule.match(line):
-            matches = RE_PROFILE_BOOLEAN.search(line).groups()
-
             if profile and not do_include:
                 raise AppArmorException(_('Syntax Error: Unexpected boolean definition found inside profile in file: %(file)s line: %(line)s') % {
                         'file': file, 'line': lineno + 1 })
-
+            else:
-            bool_var = matches[0]
+                active_profiles.add_boolean(file, BooleanRule.parse(line))
-            value = matches[1]
-
-            profile_data[profile][hat]['lvar'][bool_var] = value
 
         elif VariableRule.match(line):
             if profile and not do_include:

utils/test/cleanprof_test.in

@@ -14,6 +14,10 @@
 
   @{asdf}       =   foo           ""
 
+$foo = false
+
+   $bar    =    true
+
 /usr/bin/a/simple/cleanprof/test/profile {
 	# Just for the heck of it, this comment won't see the day of light
 	#include <abstractions/base>

utils/test/cleanprof_test.out

@@ -8,6 +8,9 @@ include if exists <tunables/nothing>
 @{xy} = x y
 @{asdf} = "" foo
 
+$foo = false
+$bar = true
+
 # A simple test comment which will persist
 
 

utils/test/test-parser-simple-tests.py

@@ -176,9 +176,6 @@ exception_not_raised = [
     'unix/bad_attr_5.sd',
     'unix/bad_opt_5.sd',
     'unix/bad_shutdown_3.sd',
-    'vars/boolean/boolean_bad_2.sd',
-    'vars/boolean/boolean_bad_3.sd',
-    'vars/boolean/boolean_bad_4.sd',
     'vars/vars_bad_3.sd',
     'vars/vars_bad_4.sd',
     'vars/vars_bad_5.sd',