link source -> target doesn't work as I expect
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
apparmor (Ubuntu) |
New
|
Undecided
|
Unassigned |
Bug Description
The following lines in my profile didn't allow a link operation to work as I expected:
link subset @{PROJECTS}/** -> @{PROJECTS}
link subset @{PROJECTS}/** -> @{PROJECTS}/** ,
link @{PROJECTS}/** -> @{PROJECTS}/** ,
All three of these rules (tried one at a time) lead to the following DENIED messages:
type=AVC msg=audit(
type=SYSCALL msg=audit(
Linux hunt 4.4.0-57-generic #78-Ubuntu SMP Fri Dec 9 23:50:32 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
#include <tunables/global>
@{PROJECTS}
profile rust /home/sarnold/
#include <abstractions/base>
#include <abstractions/
/dev/tty rw,
@{HOME}/.cargo/ rw,
@{HOME}
@{HOME}/.cargo/** rw,
@{HOME}
link subset @{HOME}/.cargo/** -> @{HOME}/.cargo/** ,
@{HOME}/.rustup/ r,
@{HOME}
@{HOME}
@{HOME}
/tmp/
/tmp/
@{PROJECTS}/**/ rw,
@{PROJECTS}/** rwmix,
link subset @{PROJECTS}/** -> @{PROJECTS}
@{HOME}
/usr/bin/hg Cx,
profile /usr/bin/hg {
#include <abstractions/base>
/usr/bin/hg rmix,
/usr/
/usr/
/usr/
/etc/
/etc/
/etc/
/etc/
}
/usr/bin/gcc-5 Cx,
profile /usr/bin/gcc-5 {
#include <abstractions/base>
/usr/bin/gcc-5 rmix,
/usr/lib/gcc/** rmix,
/usr/
/tmp/
/tmp/????????.c rw,
/tmp/????????.o rw,
/tmp/
/tmp/
@{PROJECTS}/**/ rw,
@{PROJECTS}/** rw,
@{HOME}
}
}
ProblemType: Bug
DistroRelease: Ubuntu 16.04
Package: apparmor 2.10.95-0ubuntu2.5
ProcVersionSign
Uname: Linux 4.4.0-57-generic x86_64
NonfreeKernelMo
ApportVersion: 2.20.1-0ubuntu2.5
Architecture: amd64
CurrentDesktop: Unity
Date: Wed Feb 8 00:20:46 2017
InstallationDate: Installed on 2012-10-18 (1574 days ago)
InstallationMedia: Ubuntu 12.04.1 LTS "Precise Pangolin" - Release amd64 (20120823.1)
KernLog:
Feb 7 21:32:35 hunt NetworkManager[
Feb 7 21:32:35 hunt NetworkManager[
ProcKernelCmdline: BOOT_IMAGE=
SourcePackage: apparmor
Syslog:
UpgradeStatus: Upgraded to xenial on 2016-04-30 (284 days ago)
modified.
mtime.conffile.