aa-genprof should display a clear error message instead of a stack trace if it doesn't have write permissions to the profile directory
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| AppArmor |
New
|
Undecided
|
Unassigned | ||
| apparmor (Ubuntu) |
Confirmed
|
Wishlist
|
Unassigned | ||
Bug Description
When attempting to run aa-genprof, I received the following stack trace:
user@user-
Writing updated profile for /home/user/
Traceback (most recent call last):
File "/usr/sbin/
apparmor.
File "/usr/lib/
write_
File "/usr/lib/
write_
File "/usr/lib/
newprof = tempfile.
File "/usr/lib/
(fd, name) = _mkstemp_inner(dir, prefix, suffix, flags)
File "/usr/lib/
fd = _os.open(file, flags, 0o600)
PermissionError: [Errno 13] Permission denied: '/etc/apparmor.
Practically, this was caused by accidentally not running aa-genprof as root. But it would be much more useful for a user if AppArmor instead displayed a helpful error message, like: "Unable to create file in profile directory(%s). Try running aa-genprof as root." % profile_dir
| tags: | added: aa-tools |
| Launchpad Janitor (janitor) wrote | #1 |
| Changed in apparmor (Ubuntu): | |
| status: | New → Confirmed |
| Changed in apparmor (Ubuntu): | |
| importance: | Undecided → Wishlist |
Status changed to 'Confirmed' because the bug affects multiple users.