Comment 2 for bug 1576118

Thanks for the report!

I can reproduce it with this (faked) log event:

python3 aa-logprof -d ../profiles/apparmor.d -f <(echo 'Apr 5 19:30:56 precise-amd64 kernel: [153073.826757] type=1400 audit(1308766940.698:3704): apparmor="DENIED" operation="sendmsg" parent=24737 profile="firefox//sanitized_helper" pid=24743 comm="firefox" laddr=192.168.66.150 lport=765 faddr=192.168.66.200 fport=2049 family="netlink" sock_type="raw" protocol=6')

and a test profile based on the firefox profile (saved locally as usr.bin.firefox.apparmor.lp1576118 - but I'd guess any profile including abstractions/ubuntu-helpers can be used to reproduce this bug).

The problem is that the sanitized_helper subprofile is defined in an abstraction, but aa-logprof tries to store your changes in a subprofile of firefox. (By including abstractions/ubuntu-helpers (which contains sanitized_helper), it becomes a child profile of the firefox profile - but aa-logprof doesn't understand this and internally stores the content of include files at a different location.)

Getting this bug fixed will be interesting[tm] because aa-logprof would have to modify the abstraction - but that would also change it for other profiles using sanitized_helper, so we'll need to discuss/decide how to handle this.

For now, please choose "(I)gnore" when aa-logprof asks to add something to the sanitized_helper subprofile to avoid the crash, and edit sanitized_helper manually.