parser: fix parsing of source as mount point for propagation type flags (!1048) · Merge requests · AppArmor / apparmor

Georgia Garcia requested to merge georgiag/apparmor:fix-lp2023025 into master Jun 07, 2023

Before 300889c3, mount rules would compile policy when using source as mount point for rules that contain propagation type flags, such as unbindable, runbindable, private, rprivate, slave, rslave, shared, and rshared. Even though it compiled, the rule generated would not work as expected.

This commit fixes both issues. It allows the usage of source as mount point for the specified flags, albeit with a deprecation warning, and it correctly generates the mount rule.

The policy fails to load when both source and mount point are specified, keeping the original behavior (reference parser/tst/simple_tests/mount/bad_opt_10.sd for example).

Fixes: https://bugs.launchpad.net/bugs/1648245 Fixes: https://bugs.launchpad.net/bugs/2023025

It should be backported to versions 2.13, 3.0, 3.1.

parser: fix parsing of source as mount point for propagation type flags

Merge request reports