Hi Robert, I submitted a PR to allow userspace and filesystem-specific mount options to be validated directly by snapd, since apparmor should only ever see kernel mount options. It should support `nofail` and the functionfs mount options as well as options for most other common filesystems.
https://github.com/snapcore/snapd/pull/12712 -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/2012563 Title: unsupported mount options: 'nofail', 'nostrictatime', 'lazytime', and 'nolazytime' Status in apparmor package in Ubuntu: New Bug description: The following mount options are unsupported: 'nofail', 'nostrictatime', 'lazytime', and 'nolazytime'. Other mount options have mappings from options to bitflags in `parser/mount.cc`, and the bitflags themselves are defined in `parser/mount.h`. Should the aforementioned mount options be included as well, or is there a reason why they are excluded? snapd currently assumes that they are supported, resulting in an error from the apparmor parser when a snap is connected with those options. I'd be happy to file a PR to add these mappings if I knew what the new bitflags should be defined as, and if/how they should be used elsewhere. For completeness: 1) This is a question/bug regarding the source code from the 'ubuntu/devel' branch (and presumably other branches), not a particular release. 2) Same as 1). 3) I expected the apparmor parser to recognize the 'nofail', 'nostrictatime', 'laztime', and 'nolazytime' mount options. 4) The apparmor parser threw an error with message "unsupported mount options" (from within `parser/mount.cc`). To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/2012563/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
