@Christian Thank you for pointing this out. After investigation, I found that this bug stems from the following restriction not being implemented consistently in aa-* and apparmor_parser.
> $ man 2 mount > > If mountflags includes one of MS_SHARED, MS_PRIVATE, MS_SLAVE, or > MS_UNBINDABLE [...] The source, and filesystemtype [...] arguments are > ignored. - In aa-* : source must be empty, or it will trigger an error (cf. this bug). - In apparmor_parser : source and destination cannot be set simultaneously (leading to the behavior you described). Also setting the source or the destination is equivalent. That means that `mount options=(unbindable) /a,` and `mount options=(unbindable) -> /a,` are equivalent This bug should be fixed by https://gitlab.com/apparmor/apparmor/-/merge_requests/1236, which aligns the behavior of aa-* to apparmor_parser, since this the latter is more permissive. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2065685 Title: aa-logprof fails with 'runbindable' error To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2065685/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs