[pkg-apparmor] Bug#972634: apparmor- profile can not define message queue name or directory

[Bossler Daniela]

Package: apparmor
Version: 2.12-4ubuntu5.1

We want to open a posix message queue in a user defined function under mysqld.
Mysqld has a apparmor-profile without any queue access rigths (/dev/mqueue).
We added /dev/mqueue/** rw  to the profile but mysqld can not open any queue with mq_open().
Next we tried to add the queue name to the profil (/sp-example-server w,), but the problem/bug? is that the profile entries must begin with a "/" and the queue names are passed by mq_open to apparmor without the slash. So it's not possible to allow access to the posix-queue.

Is there a workaround?

Richard Wolf GmbH, Pforzheimer Strasse 32, 75438 Knittlingen
Managing Directors: Juergen Pfab, Juergen Steinbeck. Trade Register: Mannheim HRB 510031

Richard Wolf GmbH routinely monitors the content of e-mail sent and received via its network for the purposes of ensuring compliance with its policies and procedures. Richard Wolf GmbH is not responsible for any changes made to the message after it has been sent. Where opinions are expressed, they are not necessarily those of Richard Wolf GmbH. This e-mail and any files transmitted with it are confidential and intended solely for the use of the individual or entity to which they are addressed. If you are not the intended addressee, or the person responsible for delivering it to them, you may not copy, forward, disclose, or otherwise use it or any part of it in any way. To do so may be unlawful. If you receive this e-mail by mistake, please advise the sender immediately.

Privacy Statement<https://www.richard-wolf.com/en/privacy-statement/>  |  Legal Information<https://www.richard-wolf.com/en/legal-information/>  |  Terms & Conditions<https://www.richard-wolf.com/en/terms-conditions/>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/pkg-apparmor-team/attachments/20201021/df30af5a/attachment.html>