Comment 14 for bug 271252

SRU Request to fix bug 271252 and bug 292580

Impact: aa-logprof is completely unusable on intrepid, due to changes with kernel 2.6.27. Also, users of resolvconf will have problems with applications that are protected by apparmor and doing name service lookups.

See https://forgesvn1.novell.com/viewsvn/apparmor?view=rev&revision=1310 for explanation of how the bug 271252 was addressed. Basically, the parser is adjusted for the type field move, and non-matching profile output is no longer sent to stdout. To fix bug 292580, this path was added to abstractions/nameservice:
/etc/resolvconf/run/resolv.conf r,

Attached is a debdiff fixing this bug and bug #292580. The debdiff also adds test cases for the testsuite.

TEST CASE
$ sudo aa-logprof (assuming there are audit messages in /var/log/kern.log)

This will fail as in the reporter's description. Patch fixes the problem, and restores aa-logprof functionality.

The regression potential for the fix for bug #292580 is negligible, as the nameservice abstraction is made more permissive. The regression potential is considered low for #271252, because aa-logprof is totally unusable right now. Running the testsuite showed no regressions with this patch.

Steve, as the person who signed off on the upstream patch, can you comment on the regression potential?