The mount rules have issues with variables
In the syslog I have the following message:
kernel: audit: type=1400 audit(1594561626.900:22289): apparmor="ALLOWED" operation="mount" \
info="failed mntpnt match" error=-13 profile="app" name="/home/morfik/app/" pid=1266543 \
comm="fuseiso" fstype="fuse.fuseiso" srcname="fuseiso" flags="rw, nosuid, nodev"
One would think that the following rule would do the job and make the log message disappear:
mount -> @{HOME}/*/,
But it looks like that it doesn't work.
When I used the regular path instead of the @{HOME}
variable, then it worked:
mount -> /home/*/*/,
So it looks like the mount
rules have issues with interpreting/resolving variables.
AppArmor v.2.13.4-3 (Debian Sid)