aa-remove-unknown: abort on parser failure (!836) · Merge requests · AppArmor / apparmor

Christian Boltz requested to merge cboltz/apparmor:cboltz-remove-unknown-failsafe into master Feb 11, 2022

If apparmor_parser -N (in profiles_names_list()) fails, aa-remove-unknown possibly gets an incomplete list of profiles in /etc/apparmor.d/ and therefore might remove more profiles than it should.

Replace the profiles_names_list() call with a direct apparmor_parser call, and abort aa-remove-unknown if it exits with $? != 0

Before:

aa-remove-unknown -n
AppArmor parser error for /etc/apparmor.d/broken in profile /etc/apparmor.d/broken at line 1: syntax error, unexpected TOK_ID, expecting TOK_OPEN
Would remove 'delete_me'

After:

./aa-remove-unknown -n
AppArmor parser error for /etc/apparmor.d in profile /etc/apparmor.d/zbroken at line 1: syntax error, unexpected TOK_ID, expecting TOK_OPEN
apparmor_parser exited with failure, aborting.

And of course, after fixing the broken profile:

./aa-remove-unknown -n
Would remove 'delete_me'

Also drop the now-unused profiles_names_list() from rc.apparmor.functions - the only user was aa-remove-unknown.

aa-remove-unknown: abort on parser failure

Merge request reports