Comment 0 for bug 654841

Binary package hint: apparmor

# lsb_release -rd
Description: Ubuntu 10.04.1 LTS
Release: 10.04

# apt-cache policy apparmor apparmor-utils
apparmor:
  Installed: 2.5-0ubuntu3
  Candidate: 2.5-0ubuntu3
[...]
apparmor-utils:
  Installed: 2.5-0ubuntu3
  Candidate: 2.5-0ubuntu3

Expected Results:
  Running "/etc/init.d/apparmor status" after stopping apparmor should have a non-zero exit status to indicate that apparmor is not enabled.

Actual Results:
  Running "/etc/init.d/apparmor status" always result in an exit code of 0, even after running "/etc/init.d/apparmor stop".

Looks like this is caused by a simple error in /etc/init.d/apparmor. The status function looks for the existence of /usr/bin/aa-status. However, aa-status is in /usr/sbin, not /usr/bin. So the status function falls back to displaying the contents of /sys/kernel/sercurity/apparmor/profiles and uses the exit status of the cat command as its exit status.

If the init script correctly calls aa-status, the status function has a more useful exit status.