mirror of
				https://passt.top/passt
				synced 2025-10-26 00:59:13 +02:00 
			
		
		
		
	apparmor: Add mount rule with explicit, empty source in passt abstraction
For the policy to work as expected across either AppArmor commit
9d3f8c6cc05d ("parser: fix parsing of source as mount point for
propagation type flags") and commit 300889c3a4b7 ("parser: fix option
flag processing for single conditional rules"), we need one mount
rule with matching mount options as "source" (that is, without
source), and one without mount options and an explicit, empty source.
Link: https://github.com/containers/buildah/issues/5440
Link: https://bugzilla.suse.com/show_bug.cgi?id=1221840
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
	
	
This commit is contained in:
		
					parent
					
						
							
								bbea2752f6
							
						
					
				
			
			
				commit
				
					
						dc7b7f28b7
					
				
			
		
					 1 changed files with 1 additions and 0 deletions
				
			
		|  | @ -27,6 +27,7 @@ | ||||||
| 
 | 
 | ||||||
|   /					r,	# isolate_prefork(), isolation.c |   /					r,	# isolate_prefork(), isolation.c | ||||||
|   mount options=(rw, runbindable) /, |   mount options=(rw, runbindable) /, | ||||||
|  |   mount		""	-> "/", | ||||||
|   mount		""	-> "/tmp/", |   mount		""	-> "/tmp/", | ||||||
|   pivot_root	"/tmp/" -> "/tmp/", |   pivot_root	"/tmp/" -> "/tmp/", | ||||||
|   umount	"/", |   umount	"/", | ||||||
|  |  | ||||||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue
	
	 Stefano Brivio
				Stefano Brivio