apparmor: Fix passt abstraction
Commitb686afa2
introduced the invalid apparmor rule `mount options=(rw, runbindable) /,` since runbindable mount rules cannot have a source. Therefore running aa-logprof/aa-genprof will trigger errors (see https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2065685) $ sudo aa-logprof ERROR: Operation {'runbindable'} cannot have a source. Source = AARE('/') This patch fixes it to the intended behavior. Link: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2065685 Fixes:b686afa23e
("apparmor: Explicitly pass options we use while remounting root filesystem") Signed-off-by: Maxime Bélair <maxime.belair@canonical.com> Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
parent
6cdc9fd51b
commit
3ff3a8a467
1 changed files with 1 additions and 1 deletions
|
@ -26,7 +26,7 @@
|
||||||
capability sys_ptrace,
|
capability sys_ptrace,
|
||||||
|
|
||||||
/ r, # isolate_prefork(), isolation.c
|
/ r, # isolate_prefork(), isolation.c
|
||||||
mount options=(rw, runbindable) /,
|
mount options=(rw, runbindable) -> /,
|
||||||
mount "" -> "/",
|
mount "" -> "/",
|
||||||
mount "" -> "/tmp/",
|
mount "" -> "/tmp/",
|
||||||
pivot_root "/tmp/" -> "/tmp/",
|
pivot_root "/tmp/" -> "/tmp/",
|
||||||
|
|
Loading…
Reference in a new issue