In-Reply-To: <[email protected]> >> The problem occurs in the mnt_rule::gen_policy_re method in parser/mount.cc. >> When handling rules that specify options=(remount, bind), *two* rules are >> added to the policy: one to permit calls with MS_REMOUNT | MS_BIND and >> another that permits all calls to MS_BIND, with all other options masked >> out! The second rule is almost certainly unintentional. The quickest fixes >> would be to add a clause to make the if-statements mutually exclusive again, >> or to convert all of the ifs to a chain of if-elses, if the intention is, in >> fact, for only one of them to ever apply. >> > I need to look into this one more, I'll get back to you
Was this issue ever resolved? -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
