The apparmor userspace does not currently properly support grandchild profiles and sibling transitions.
px is a namespace-relative transition.
cx is a child transition.
A sibling transition can currently be done manually by providing the fully qualified profile path; for the bug example, that would require being reworked as:
    /tmp/foo {
      /tmp/bar Cx -> bar,            # works
      profile bar {
        /tmp/baz Px -> /tmp/foo//baz, # a bare "Px -> baz" does not work; the fully qualified name is needed
      }
      profile baz {
      }
    }
This example failed because Px -> baz was trying to transition to a sibling of /tmp/foo (namespace relative), not a sibling of profile bar. Changing the Px to use /tmp/foo//baz clarifies that baz is a child of /tmp/foo.
The compiler should warn when transitions to non-existent profiles are used.
Marking this a wish list bug because it is going to require extensions to support sibling transitions, grandchildren, and inter-profile analysis, none of which are currently supported. Note: the language has been specced to support these but the userspace tools do not yet.
The failure to log the failed transition is covered by Bug #1045074.
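Added example, not part of the bug comment above and not AppArmor project code: a profile that puts the three transition kinds side by side so the resolution rule is visible. The profile path /etc/apparmor.d/tmp.foo, the helper binary /usr/bin/helper and its top-level profile, and the mr rules on the executables are assumptions for illustration; the sibling transition is written the way the comment says it must be done today, with the fully qualified name /tmp/foo//baz rather than a bare baz.

```apparmor
# /etc/apparmor.d/tmp.foo  (assumed path, example only)

# Top-level profile for an external helper. A bare "px" from /tmp/foo
# resolves against the namespace, so this is the profile it lands in.
/usr/bin/helper {
  /usr/bin/helper mr,
}

/tmp/foo {
  /tmp/foo mr,

  # namespace-relative transition: px looks up a top-level profile named
  # after the executed path ("/usr/bin/helper"), never a child of /tmp/foo
  /usr/bin/helper px,

  # child transition: cx -> bar selects the named child profile "bar"
  # declared inside this profile
  /tmp/bar cx -> bar,

  profile bar {
    /tmp/bar mr,

    # "sibling" transition from child bar to child baz: a bare
    # "px -> baz" would be namespace relative and look for a top-level
    # profile "baz" (which does not exist), so the target is spelled out
    # as the fully qualified child name /tmp/foo//baz
    /tmp/baz px -> /tmp/foo//baz,
  }

  profile baz {
    /tmp/baz mr,
  }
}
```

The check a practitioner wants before loading this is the one the comment says the compiler does not yet make: confirm that every named target (/usr/bin/helper, bar, /tmp/foo//baz) is actually declared, because a transition to a non-existent profile fails silently at exec time rather than at compile time.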