Comment 5 for bug 1499109

OK, a few questions about this bug.

Jamie, right now devices can start with "/dev/", "/sys/devices/", or "/sys/class/gpio/". AIUI the proposal is that in all cases the apparmor write path to add is "**" added to that prefix, correct?

For "hw-info" I need the full path to a device. Right now the code uses the apparmor rule to retrieve the full path to devices; is there another place this can be retrieved from?

Additionally the full device path is used to avoid duplicate entries. I can change the code to use the udev rule, but that only uses the device's basename. Is this enough? Or should we eschew the idea of detecting duplicates at this level?