AppArmor

aa-status crashes with parenthesis in profile names

Bug #2024660 reported by doc-1 on 2023-06-22

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	AppArmor	New	Undecided	Unassigned

Bug Description

Running aa-status gives:

apparmor module is loaded.
Traceback (most recent call last):
  File "/usr/sbin/aa-status", line 261, in <module>
    commands[cmd]()
  File "/usr/sbin/aa-status", line 59, in cmd_verbose
    profiles = get_profiles()
  File "/usr/sbin/aa-status", line 152, in get_profiles
    profiles[match.group(1)] = match.group(2)
AttributeError: 'NoneType' object has no attribute 'group'

An unexpected error occoured!

For details, see /tmp/apparmor-bugreport-l0qxf37t.txt
Please consider reporting a bug at https://bugs.launchpad.net/apparmor/
and attach this file.

Runing

cat /sys/kernel/security/apparmor/profiles > /tmp/aa_broken_profiles

gives

...
nscd (complain)
virt-aa-helper (enforce)
libreoffice (in /usr/lib/libreoffice/program/**) (enforce)
libvirtd (enforce)
libvirtd//qemu_bridge_helper (enforce)
/usr/bin/{autokey,autokey-gtk,autokey-run,autokey-shell} (enforce)
mdnsd (complain)
...

The problem is, in aa-status the regex ^([^$]+)\s+\((\w+)$$ doesn't match `libreoffice (in /usr/lib/libreoffice/program/**) (enforce)`
I tried it at:
https://regex101.com/

An earlier bug report that led me here:
https://bugs.launchpad.net/apparmor/+bug/1691761

Revision history for this message

John Johansen (jjohansen) wrote on 2023-06-22:

can you please attach information about your distro, which release, and which version of apparmor

uname -a

and

apparmor_parser -V

should provide that information

Revision history for this message

doc-1 (speedgamer1) wrote on 2023-06-23:

Ubuntu 20.04 LTS

~ uname -a
Linux NN 5.15.0-75-generic #82~20.04.1-Ubuntu SMP Wed Jun 7 19:37:37 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux

~ apparmor_parser -V
AppArmor parser version 2.13.3
Copyright (C) 1999-2008 Novell Inc.
Copyright 2009-2018 Canonical Ltd.

Revision history for this message

Georgia Garcia (georgiag) wrote on 2023-06-28 (last edit on 2023-06-28):

This issue was fixed upstream in https://gitlab.com/apparmor/apparmor/-/merge_requests/415, it needs to be backported to the apparmor package in focal.

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.