The bitflags for the other mount options are defined in `include/uapi/linux/mount.h` of the Linux source tree, and there is no such definitions for 'nofail', so I don't think adding kernel mappings of this form (e.g. MS_RDONLY) is the solution. These options are supported by 'mount' using userspace option mappings of the form MNT_MS_NOFAIL (see: https://github.com/util-linux/util- linux/blob/master/libmount/src/optmap.c). Perhaps a similar approach could be used by apparmor to validate fs-independent userspace mount options such as nofail?
Note, however, that the 'lazytime' option does have a kernel option mapping: `#define MS_LAZYTIME (1<<25)` (in `include/uapi/linux/mount.h`). There is no option mapping for (1<<25) in `parser/mount.h`. Was this option deliberately excluded, or can it be added? If it can be added, then 'nolazytime' is simply a matter of clearing the 'lazytime' bit. There already exists a mapping for 'strictatime', so it should be simple enough for me to add a mapping for `nostrictatime` which sets 0 and clears MS_STRICTATIME. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/2012563 Title: unsupported mount options: 'nofail', 'nostrictatime', 'lazytime', and 'nolazytime' Status in apparmor package in Ubuntu: New Bug description: The following mount options are unsupported: 'nofail', 'nostrictatime', 'lazytime', and 'nolazytime'. Other mount options have mappings from options to bitflags in `parser/mount.cc`, and the bitflags themselves are defined in `parser/mount.h`. Should the aforementioned mount options be included as well, or is there a reason why they are excluded? snapd currently assumes that they are supported, resulting in an error from the apparmor parser when a snap is connected with those options. I'd be happy to file a PR to add these mappings if I knew what the new bitflags should be defined as, and if/how they should be used elsewhere. For completeness: 1) This is a question/bug regarding the source code from the 'ubuntu/devel' branch (and presumably other branches), not a particular release. 2) Same as 1). 3) I expected the apparmor parser to recognize the 'nofail', 'nostrictatime', 'laztime', and 'nolazytime' mount options. 4) The apparmor parser threw an error with message "unsupported mount options" (from within `parser/mount.cc`). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2012563/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
