$ sudo aa-complain /etc/apparmor.d/usr.lib.postfix.* Setting /etc/apparmor.d/usr.lib.postfix.anvil to complain mode. Traceback (most recent call last): File "/usr/sbin/aa-complain", line 30, in <module> tool.cmd_complain() File "/usr/lib/python3/dist-packages/apparmor/tools.py", line 171, in cmd_complain apparmor.read_profiles() File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2573, in read_profiles read_profile(profile_dir + '/' + file, True) File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2599, in read_profile profile_data = parse_profile_data(data, file, 0) File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 2853, in parse_profile_data store_list_var(filelist[file]['lvar'], list_var, value, var_operation, file) File "/usr/lib/python3/dist-packages/apparmor/aa.py", line 3277, in store_list_var raise AppArmorException(_('Redefining existing variable %s: %s in %s') % (list_var, value, filename)) apparmor.common.AppArmorException: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor.d/usr.sbin.dnsmasq'
$ sudo grep -R TFTP_DIR /etc/apparmor.d/ /etc/apparmor.d/usr.sbin.dnsmasq:@{TFTP_DIR}=/var/tftp /srv/tftpboot /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/ r, /etc/apparmor.d/usr.sbin.dnsmasq: @{TFTP_DIR}/** r,
Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations.
$ sudo aa-complain /etc/apparmor. d/usr.lib. postfix. * d/usr.lib. postfix. anvil to complain mode. aa-complain" , line 30, in <module> cmd_complain( ) python3/ dist-packages/ apparmor/ tools.py" , line 171, in cmd_complain read_profiles( ) python3/ dist-packages/ apparmor/ aa.py", line 2573, in read_profiles profile( profile_ dir + '/' + file, True) python3/ dist-packages/ apparmor/ aa.py", line 2599, in read_profile data(data, file, 0) python3/ dist-packages/ apparmor/ aa.py", line 2853, in parse_profile_data list_var( filelist[ file][' lvar'], list_var, value, var_operation, file) python3/ dist-packages/ apparmor/ aa.py", line 3277, in store_list_var on(_('Redefinin g existing variable %s: %s in %s') % (list_var, value, filename)) common. AppArmorExcepti on: 'Redefining existing variable @{TFTP_DIR}: /var/tftp /srv/tftpboot in /etc/apparmor. d/usr.sbin. dnsmasq'
Setting /etc/apparmor.
Traceback (most recent call last):
File "/usr/sbin/
tool.
File "/usr/lib/
apparmor.
File "/usr/lib/
read_
File "/usr/lib/
profile_data = parse_profile_
File "/usr/lib/
store_
File "/usr/lib/
raise AppArmorExcepti
apparmor.
$ sudo grep -R TFTP_DIR /etc/apparmor.d/ d/usr.sbin. dnsmasq: @{TFTP_ DIR}=/var/ tftp /srv/tftpboot d/usr.sbin. dnsmasq: @{TFTP_DIR}/ r, d/usr.sbin. dnsmasq: @{TFTP_DIR}/** r,
/etc/apparmor.
/etc/apparmor.
/etc/apparmor.
Looks like the tools are re-parsing everything, but not resetting whatever is storing the variable declarations.