Mount rule parsing doesn't match mount rule documentation
Bug #1401619 reported by
Tyler Hicks
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
Fix Released
|
Medium
|
Tyler Hicks |
Bug Description
The mount rule documentation, in the apparmor.d(5) man page, claims that the
way to allow a slave mount is to put the "slave" string in the options=()
conditional. However, the parser looks for the "make-slave" string:
static struct mnt_keyword_table mnt_opts_table[] = {
...
{"make-slave", MS_SLAVE, 0},
...
}
This is the case for other mount options, such as "shared". More investigation
is needed to determine all of the affected mount options.
We should make the parser look for both the existing option strings that it
searches for and the more sane, documented option strings.
Related branches
To post a comment you must log in.
Fix sent to the list:
https:/ /lists. ubuntu. com/archives/ apparmor/ 2014-December/ 006992. html