Thanks Daniel for explanation, I have added those to my draft AppArmor additions.
While running maximum mariadb-test-run in https://autopkgtest.ubuntu.com/results/autopkgtest-resolute-mysql-ubuntu-mariadb/resolute/amd64/m/mariadb/20260313_135410_5de3e@/log.gz I also saw these and working on having them allowed: 3223s The servers were restarted 2297 times 3223s Spent 8146.408 of 1763 seconds executing testcases 3223s Completed: Failed 164/7164 tests, 97.71% were successful. $ zcat 20260313_135410_5de3e.log.gz | grep -F 'profile="mariadbd"' | cut -d ' ' -f 11,12,13,14,16- | sort | uniq > operation="exec" class="file" profile="mariadbd" > name="/usr/bin/x86_64-linux-gnu-addr2line" comm="mariadbd" requested_mask="x" > denied_mask="x" fsuid=1000 ouid=0 > target="mariadbd//null-/usr/bin/x86_64-linux-gnu > -addr2line" > operation="file_mmap" class="file" profile="mariadbd" name="/" > comm="mariadbd" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000 > operation="file_mmap" class="file" profile="mariadbd" > name="/usr/bin/x86_64-linux-gnu-addr2line" comm="addr2line" > requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 > operation="file_mmap" class="file" profile="mariadbd" > name="/usr/bin/x86_64-linux-gnu-addr2line" comm="addr2line" > requested_mask="rm" denied_mask="rm" fsuid=1000 ouid=0 > operation="file_perm" class="file" profile="mariadbd" name="/etc/gss/mech.d/" > comm="mariadbd" requested_mask="r" denied_mask="r" fsuid=985 ouid=0 > operation="file_perm" class="file" profile="mariadbd" > name="/etc/odbcinst.ini" comm="one_connection" requested_mask="r" > denied_mask="r" fsuid=1000 ouid=0 > operation="file_perm" class="file" profile="mariadbd" > name="/home/ubuntu/.odbc.ini" comm="one_connection" requested_mask="r" > denied_mask="r" fsuid=1000 ouid=1000 > operation="file_perm" class="file" profile="mariadbd" > name="/proc/243561/mounts" comm="one_connection" requested_mask="r" > denied_mask="r" fsuid=1000 ouid=1000 > operation="file_perm" class="file" profile="mariadbd" > name="/var/cache/cracklib/cracklib_dict.hwm" comm="one_connection" > requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 > operation="file_perm" class="file" profile="mariadbd" > name="/var/cache/cracklib/cracklib_dict.pwi" comm="one_connection" > requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 > operation="mknod" class="file" profile="mariadbd" > name="/home/ubuntu/.odbc.ini" comm="one_connection" requested_mask="c" > denied_mask="c" fsuid=1000 ouid=1000 > operation="open" class="file" profile="mariadbd" name="/etc/gss/mech.d/" > comm="mariadbd" requested_mask="r" denied_mask="r" fsuid=985 ouid=0 > operation="open" class="file" profile="mariadbd" name="/etc/odbc.ini" > comm="one_connection" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 > operation="open" class="file" profile="mariadbd" name="/etc/odbcinst.ini" > comm="one_connection" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 > operation="open" class="file" profile="mariadbd" > name="/home/ubuntu/.odbc.ini" comm="one_connection" requested_mask="ac" > denied_mask="ac" fsuid=1000 ouid=1000 > operation="open" class="file" profile="mariadbd" > name="/home/ubuntu/.odbc.ini" comm="one_connection" requested_mask="r" > denied_mask="r" fsuid=1000 ouid=1000 > operation="open" class="file" profile="mariadbd" name="/proc/243561/mounts" > comm="one_connection" requested_mask="r" denied_mask="r" fsuid=1000 ouid=1000 > operation="open" class="file" profile="mariadbd" > name="/var/cache/cracklib/cracklib_dict.hwm" comm="one_connection" > requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 > operation="open" class="file" profile="mariadbd" > name="/var/cache/cracklib/cracklib_dict.pwd" comm="one_connection" > requested_mask="r" denied_mask="r" fsuid=1000 ouid=0 > operation="open" class="file" profile="mariadbd" > name="/var/cache/cracklib/cracklib_dict.pwi" comm="one_connection" > requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
