Comment 7 for bug 331534

Jamie Strandboge (jdstrand) wrote :

The patch looks good. I uploaded it to hardy-proposed and also uploaded a patched package for Intrepid using the patch I used in Jaunty.

IMPACT: aa-genprof cannot be used to generate new profiles when profiles are in force-complain mode (hardy and intrepid) or disabled (intrepid)

DEV RELEASE: it is fixed in Jaunty with the attached patch

TEST CASE (hardy):
1. ln -s /etc/apparmor.d/usr.sbin.cupsd /etc/apparmor.d/force-complain
2. sudo aa-genprof /usr/bin/yes

TEST CASE (intrepid):
1. ln -s /etc/apparmor.d/usr.sbin.cupsd /etc/apparmor.d/force-complain
2. sudo aa-genprof /usr/bin/yes
3. rm -f /etc/apparmor.d/force-complain/usr.sbin.cupsd
4. /etc/apparmor.d/usr.sbin.cupsd /etc/apparmor.d/disable
5. sudo aa-genprof /usr/bin/yes

REGRESSION POTENTIAL: considered to be low due to a very minimal patch to ignore more directories in /etc/apparmor.d. The patched file is used by all the apparmor helper functions, but a regression should not cause a problem with apparmor protections or profile manipulation via apparmor_parser.