[apparmor] Apparmor parser error ... syntax error, unexpected TOK_EQUALS, expecting TOK_MODE

[Robert Munteanu]

Hi,

I'm running apparmor 2.9.1, Kernel 3.16.7-24-default on openSUSE 13.2
x86_64. During my attempts to configure and enable apparmor I hit a
roadblock which I can't get out of. I created a
usr.sbin.httpd2-prefork profile to match the apache installation from
openSUSE. ( see diff at the end, I can find nothing relevant ).

Trying to put the module into enforce mode leads to an error parsing
/etc/apparmor.d/tunables/home:

# aa-enforce usr.sbin.httpd2-prefork
Setting /etc/apparmor.d/usr.sbin.httpd2-prefork to enforce mode.
Traceback (most recent call last):
 File "/usr/sbin/aa-enforce", line 30, in <module>
   tool.cmd_enforce()
 File "/usr/lib/python3.4/site-packages/apparmor/tools.py", line 166,
in cmd_enforce
   raise apparmor.AppArmorException(cmd_info[1])
apparmor.common.AppArmorException: 'AppArmor parser error for
/etc/apparmor.d/usr.sbin.httpd2-prefork in
/etc/apparmor.d/tunables/home at line 16: syntax error, unexpected
TOK_EQUALS, expecting TOK_MODE\n'

The tunables/home file is unchanged.

This looks a lot like
https://bugs.launchpad.net/ubuntu/+source/mysql-5.6/+bug/1487536 , but
I don't have an ubuntu machine to use apport for adding more
information.

How can I debug/fix this issue?

Thanks,

Robert

--- usr.sbin.apache2    2015-09-10 20:07:54.142476005 +0000
+++ usr.sbin.httpd2-prefork     2015-09-21 14:32:25.205495969 +0000
@@ -1,7 +1,8 @@
# Author: Marc Deslauriers <marc.deslauriers at ubuntu.com>
+# copied from usr.sbin.apache2

#include <tunables/global>
-/usr/sbin/apache2 {
+/usr/sbin/httpd2-prefork {

  # This profile is completely permissive.
  # It is designed to target specific applications using mod_apparmor,
@@ -103,7 +104,4 @@
  # package-specific apparmor files.

  #include <apache2.d>
-
-  # Site-specific additions and overrides. See local/README for details.
-  #include <local/usr.sbin.apache2>
}







-- 
http://robert.muntea.nu/