[apparmor] [patch] Make sure aa-cleanprof de-duplicates capability rules

[Christian Boltz]

Hello,

CleanProf.remove_duplicate_rules() didn't call
  $profile['capability'].delete_duplicates()
because aa-cleanprof sets same_file=True.

Fix this by calling delete_duplicates(None) so that it
only checks the profile against itsself.



[ 43-cleanprof-do-in-profile-run.diff ]

=== modified file 'utils/apparmor/cleanprofile.py'
--- utils/apparmor/cleanprofile.py      2014-12-16 22:13:25 +0000
+++ utils/apparmor/cleanprofile.py      2015-04-11 22:35:00 +0000
@@ -67,6 +67,8 @@
             #Clean the duplicates of caps in other profile
             if not self.same_file:
                 deleted += self.other.aa[program][hat]['capability'].delete_duplicates(self.profile.aa[program][hat]['capability'])
+            else:
+                deleted += self.other.aa[program][hat]['capability'].delete_duplicates(None)
 
             #Clean the duplicates of path in other profile
             deleted += delete_path_duplicates(self.profile.aa[program][hat], self.other.aa[program][hat], 'allow', self.same_file)



Regards,

Christian Boltz
-- 
sigmonster ist gassi...