aa-status crashes with parenthesis in profile names

Bug #2024660 reported by doc-1
This bug affects 1 person
Affects Status Importance Assigned to Milestone

Bug Description

Running aa-status gives:

apparmor module is loaded.
Traceback (most recent call last):
  File "/usr/sbin/aa-status", line 261, in <module>
  File "/usr/sbin/aa-status", line 59, in cmd_verbose
    profiles = get_profiles()
  File "/usr/sbin/aa-status", line 152, in get_profiles
    profiles[match.group(1)] = match.group(2)
AttributeError: 'NoneType' object has no attribute 'group'

An unexpected error occoured!

For details, see /tmp/apparmor-bugreport-l0qxf37t.txt
Please consider reporting a bug at https://bugs.launchpad.net/apparmor/
and attach this file.


    cat /sys/kernel/security/apparmor/profiles > /tmp/aa_broken_profiles


nscd (complain)
virt-aa-helper (enforce)
libreoffice (in /usr/lib/libreoffice/program/**) (enforce)
libvirtd (enforce)
libvirtd//qemu_bridge_helper (enforce)
/usr/bin/{autokey,autokey-gtk,autokey-run,autokey-shell} (enforce)
mdnsd (complain)

The problem is, in aa-status the regex ^([^\(]+)\s+\((\w+)\)$ doesn't match `libreoffice (in /usr/lib/libreoffice/program/**) (enforce)`
I tried it at:

An earlier bug report that led me here:

Revision history for this message
John Johansen (jjohansen) wrote :

can you please attach information about your distro, which release, and which version of apparmor

  uname -a


  apparmor_parser -V

should provide that information

Revision history for this message
doc-1 (speedgamer1) wrote :

Ubuntu 20.04 LTS

~ uname -a
Linux NN 5.15.0-75-generic #82~20.04.1-Ubuntu SMP Wed Jun 7 19:37:37 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

~ apparmor_parser -V
AppArmor parser version 2.13.3
Copyright (C) 1999-2008 Novell Inc.
Copyright 2009-2018 Canonical Ltd.

Revision history for this message
Georgia Garcia (georgiag) wrote (last edit ):

This issue was fixed upstream in https://gitlab.com/apparmor/apparmor/-/merge_requests/415, it needs to be backported to the apparmor package in focal.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.