Comment 6 for bug 2065685

Maxime Bélair (mbelair) wrote :

@Christian Thank you for pointing this out. After investigation, I found that this bug stems from the following restriction not being implemented consistently in aa-* and apparmor_parser.

 > $ man 2 mount
 >
 > If mountflags includes one of MS_SHARED, MS_PRIVATE, MS_SLAVE, or MS_UNBINDABLE [...] The source, and filesystemtype [...] arguments are ignored.

- In aa-* : source must be empty, or it will trigger an error (cf. this bug).
- In apparmor_parser : source and destination cannot be set simultaneously (leading to the behavior you described). Also, setting the source or the destination is equivalent. That means that `mount options=(unbindable) /a,` and `mount options=(unbindable) -> /a,` are equivalent.

This bug should be fixed by https://gitlab.com/apparmor/apparmor/-/merge_requests/1236, which aligns the behavior of aa-* to apparmor_parser, since the latter is more permissive.
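
The two behaviours described in the comment above, modelled as an added Python example; it is not code from AppArmor or from the comment's author. The rule grammar is deliberately simplified, the function names `aa_tools_accepts`, `parser_accepts` and `parser_mountpoint` are hypothetical, and the aa-* check models the behaviour before the linked merge request.

```python
import re

# AppArmor spellings of MS_SHARED, MS_PRIVATE, MS_SLAVE, MS_UNBINDABLE.
PROPAGATION = {"shared", "private", "slave", "unbindable"}

# Simplified rule shape (assumption): mount options=(...) [source] [-> dest],
RULE = re.compile(
    r"mount\s+options=\((?P<opts>[^)]*)\)"
    r"(?:\s+(?!->)(?P<src>\S+))?"
    r"(?:\s+->\s+(?P<dst>\S+))?$"
)

def parse(rule):
    """Return (options, source, destination) for one propagation rule."""
    text = rule.strip()
    m = RULE.match(text[:-1].rstrip()) if text.endswith(",") else None
    if m is None:
        raise ValueError(f"unsupported rule: {rule!r}")
    opts = {o for o in re.split(r"[,\s]+", m["opts"]) if o}
    if not opts & PROPAGATION:
        raise ValueError("not a propagation-flag rule")
    return opts, m["src"], m["dst"]

def aa_tools_accepts(rule):
    """aa-* as described: any source is an error."""
    _, src, _ = parse(rule)
    return src is None

def parser_accepts(rule):
    """apparmor_parser as described: source and destination not both set."""
    _, src, dst = parse(rule)
    return src is None or dst is None

def parser_mountpoint(rule):
    """apparmor_parser as described: a lone source or destination is the same."""
    _, src, dst = parse(rule)
    if src is not None and dst is not None:
        raise ValueError("source and destination both set")
    return src if src is not None else dst

# Constructed sample rules; the first two are the pair quoted in the comment.
SAMPLES = [
    "mount options=(unbindable) /a,",
    "mount options=(unbindable) -> /a,",
    "mount options=(unbindable) /a -> /b,",
]

if __name__ == "__main__":
    for r in SAMPLES:
        print(f"{r:40} aa-*={aa_tools_accepts(r)} parser={parser_accepts(r)}")
```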