aa-logprof attempts to read program binary instead of profile
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apparmor (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Trusty |
Fix Released
|
Medium
|
Marc Deslauriers |
Bug Description
[impact]
This bug makes it difficult for trusty users to use the apparmor policy
utilities.
[steps to reproduce]
See below
[regression potential]
This issue is being addressed by updating the python utilities to the
version in apparmor 2.9.2 as tracked in bug 1449769. This represents are
large change which would normally be risky; however, these changes are
isolated to the python utils (so no changes to the policy parser/loader
or enforcement), there are a large number of bugs that exist in the
trusty version that make using the tools difficult, so it would be
difficult to regress further, and the updated version includes many new
unit tests to try to prevent from regressions from occurring.
[additional info]
The python utils testsuite is run as part of the test-apparmor.py test
script in lp:qa-regression-testing. The test-apparmor.py also has
additional basic usage tests to ensure that basic functionality is
maintained. These tests are run as part of the process fro each kernel
update.
[original description]
$ aa-logprof -f aadenylog
Reading log entries from aadenylog.
Updating AppArmor profiles in /etc/apparmor.d.
reading /usr/lib/
Traceback (most recent call last):
File "/usr/sbin/
apparmor.
File "/usr/lib/
handle_
File "/usr/lib/
sev_
File "/usr/lib/
for line in f_in:
File "/usr/lib/
return next(self.reader)
File "/usr/lib/
line = self.readline()
File "/usr/lib/
data = self.read(readsize, firstline=True)
File "/usr/lib/
newchars, decodedbytes = self.decode(data, self.errors)
UnicodeDecodeError: 'utf-8' codec can't decode byte 0xab in position 25: invalid start byte
The 'reading' output line is debug output added by me, printing prof_path just before line 180 (which is also why the line numbers may not match exactly). My assumption is that it is supposed to be reading '/etc/apparmor.
Related branches
Changed in apparmor (Ubuntu): | |
status: | Fix Committed → Fix Released |
Changed in apparmor (Ubuntu Trusty): | |
status: | New → Triaged |
importance: | Undecided → Medium |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
tags: | added: aa-tools |
description: | updated |
[19:11:34] <cboltz> MattJ: just a guess - line 1236 of aa.py should probably contain "aa[profile] [profile] " instead of just "profile" load_variables( get_profile_ filename( exec_target) ) seems to work
[19:11:57] <cboltz> (please test with a print command - I'm not exactly sure about the internal structure of aa[])
[19:33:32] <MattJ> sev_db.