diff --git a/parser/parser_variable.c b/parser/parser_variable.c
index e1f6543f2..ac334dcde 100644
--- a/parser/parser_variable.c
+++ b/parser/parser_variable.c
@@ -254,6 +254,11 @@ static int process_variables_in_entries(struct cod_entry *entry_list)
 		error = expand_entry_variables(&entry->name);
 		if (error)
 			return error;
+		if (entry->link_name) {
+			error = expand_entry_variables(&entry->link_name);
+			if (error)
+				return error;
+		}
 	}
 
 	return 0;
diff --git a/parser/tst/simple_tests/file/var1_ok_audit_deny_link.sd b/parser/tst/simple_tests/file/var1_ok_audit_deny_link.sd
new file mode 100644
index 000000000..e806a2057
--- /dev/null
+++ b/parser/tst/simple_tests/file/var1_ok_audit_deny_link.sd
@@ -0,0 +1,10 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  audit deny link @{var} -> @{var},
+}
+
diff --git a/parser/tst/simple_tests/file/var1_ok_deny_link.sd b/parser/tst/simple_tests/file/var1_ok_deny_link.sd
new file mode 100644
index 000000000..8074a4e77
--- /dev/null
+++ b/parser/tst/simple_tests/file/var1_ok_deny_link.sd
@@ -0,0 +1,10 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  deny link @{var} -> @{var},
+}
+
diff --git a/parser/tst/simple_tests/file/var1_ok_link_1.sd b/parser/tst/simple_tests/file/var1_ok_link_1.sd
new file mode 100644
index 000000000..9ea1db037
--- /dev/null
+++ b/parser/tst/simple_tests/file/var1_ok_link_1.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  @{var} rl,
+  /gamma/* rwl,
+}
+
diff --git a/parser/tst/simple_tests/file/var1_ok_link_2.sd b/parser/tst/simple_tests/file/var1_ok_link_2.sd
new file mode 100644
index 000000000..fae61f69b
--- /dev/null
+++ b/parser/tst/simple_tests/file/var1_ok_link_2.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  link @{var} -> @{var},
+  @{var} r,
+}
+
diff --git a/parser/tst/simple_tests/file/var1_ok_link_3.sd b/parser/tst/simple_tests/file/var1_ok_link_3.sd
new file mode 100644
index 000000000..3dccf987b
--- /dev/null
+++ b/parser/tst/simple_tests/file/var1_ok_link_3.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  link subset @{var} -> @{var},
+  @{var} r,
+}
+
diff --git a/parser/tst/simple_tests/file/var1_src_ok_audit_deny_link.sd b/parser/tst/simple_tests/file/var1_src_ok_audit_deny_link.sd
new file mode 100644
index 000000000..03f26009c
--- /dev/null
+++ b/parser/tst/simple_tests/file/var1_src_ok_audit_deny_link.sd
@@ -0,0 +1,10 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  audit deny link @{var} -> /tmp/**,
+}
+
diff --git a/parser/tst/simple_tests/file/var1_src_ok_deny_link.sd b/parser/tst/simple_tests/file/var1_src_ok_deny_link.sd
new file mode 100644
index 000000000..063c6eddd
--- /dev/null
+++ b/parser/tst/simple_tests/file/var1_src_ok_deny_link.sd
@@ -0,0 +1,10 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  deny link @{var} -> /tmp/**,
+}
+
diff --git a/parser/tst/simple_tests/file/var1_src_ok_link_1.sd b/parser/tst/simple_tests/file/var1_src_ok_link_1.sd
new file mode 100644
index 000000000..9ea1db037
--- /dev/null
+++ b/parser/tst/simple_tests/file/var1_src_ok_link_1.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  @{var} rl,
+  /gamma/* rwl,
+}
+
diff --git a/parser/tst/simple_tests/file/var1_src_ok_link_2.sd b/parser/tst/simple_tests/file/var1_src_ok_link_2.sd
new file mode 100644
index 000000000..d02822c90
--- /dev/null
+++ b/parser/tst/simple_tests/file/var1_src_ok_link_2.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  link @{var} -> /tmp/**,
+  /tmp/** r,
+}
+
diff --git a/parser/tst/simple_tests/file/var1_src_ok_link_3.sd b/parser/tst/simple_tests/file/var1_src_ok_link_3.sd
new file mode 100644
index 000000000..c48af606a
--- /dev/null
+++ b/parser/tst/simple_tests/file/var1_src_ok_link_3.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  link subset @{var} -> /tmp/**,
+  /tmp/** r,
+}
+
diff --git a/parser/tst/simple_tests/file/var1_target_ok_audit_deny_link.sd b/parser/tst/simple_tests/file/var1_target_ok_audit_deny_link.sd
new file mode 100644
index 000000000..9c5a08c1e
--- /dev/null
+++ b/parser/tst/simple_tests/file/var1_target_ok_audit_deny_link.sd
@@ -0,0 +1,10 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  audit deny link /alpha/beta -> @{var},
+}
+
diff --git a/parser/tst/simple_tests/file/var1_target_ok_deny_link.sd b/parser/tst/simple_tests/file/var1_target_ok_deny_link.sd
new file mode 100644
index 000000000..03c4bb648
--- /dev/null
+++ b/parser/tst/simple_tests/file/var1_target_ok_deny_link.sd
@@ -0,0 +1,10 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  deny link /alpha/beta -> @{var},
+}
+
diff --git a/parser/tst/simple_tests/file/var1_target_ok_link_1.sd b/parser/tst/simple_tests/file/var1_target_ok_link_1.sd
new file mode 100644
index 000000000..7841cb342
--- /dev/null
+++ b/parser/tst/simple_tests/file/var1_target_ok_link_1.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  /alpha/beta rl,
+  /gamma/* rwl,
+}
+
diff --git a/parser/tst/simple_tests/file/var1_target_ok_link_2.sd b/parser/tst/simple_tests/file/var1_target_ok_link_2.sd
new file mode 100644
index 000000000..219a56ee2
--- /dev/null
+++ b/parser/tst/simple_tests/file/var1_target_ok_link_2.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  link /alpha/beta -> @{var},
+  @{var} r,
+}
+
diff --git a/parser/tst/simple_tests/file/var1_target_ok_link_3.sd b/parser/tst/simple_tests/file/var1_target_ok_link_3.sd
new file mode 100644
index 000000000..aecf731b8
--- /dev/null
+++ b/parser/tst/simple_tests/file/var1_target_ok_link_3.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  link subset /alpha/beta -> @{var},
+  @{var} r,
+}
+
diff --git a/parser/tst/simple_tests/file/var2_ok_audit_deny_link.sd b/parser/tst/simple_tests/file/var2_ok_audit_deny_link.sd
new file mode 100644
index 000000000..3f7211bdf
--- /dev/null
+++ b/parser/tst/simple_tests/file/var2_ok_audit_deny_link.sd
@@ -0,0 +1,10 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  audit deny link /foo@{var} -> /foo@{var},
+}
+
diff --git a/parser/tst/simple_tests/file/var2_ok_deny_link.sd b/parser/tst/simple_tests/file/var2_ok_deny_link.sd
new file mode 100644
index 000000000..eed94b94b
--- /dev/null
+++ b/parser/tst/simple_tests/file/var2_ok_deny_link.sd
@@ -0,0 +1,10 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  deny link /foo@{var} -> /foo@{var},
+}
+
diff --git a/parser/tst/simple_tests/file/var2_ok_link_1.sd b/parser/tst/simple_tests/file/var2_ok_link_1.sd
new file mode 100644
index 000000000..fe1b2dcf8
--- /dev/null
+++ b/parser/tst/simple_tests/file/var2_ok_link_1.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  /foo@{var} rl,
+  /gamma/* rwl,
+}
+
diff --git a/parser/tst/simple_tests/file/var2_ok_link_2.sd b/parser/tst/simple_tests/file/var2_ok_link_2.sd
new file mode 100644
index 000000000..7d496b9c2
--- /dev/null
+++ b/parser/tst/simple_tests/file/var2_ok_link_2.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  link /foo@{var} -> /foo@{var},
+  /foo@{var} r,
+}
+
diff --git a/parser/tst/simple_tests/file/var2_ok_link_3.sd b/parser/tst/simple_tests/file/var2_ok_link_3.sd
new file mode 100644
index 000000000..026b8aa87
--- /dev/null
+++ b/parser/tst/simple_tests/file/var2_ok_link_3.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  link subset /foo@{var} -> /foo@{var},
+  /foo@{var} r,
+}
+
diff --git a/parser/tst/simple_tests/file/var2_src_ok_audit_deny_link.sd b/parser/tst/simple_tests/file/var2_src_ok_audit_deny_link.sd
new file mode 100644
index 000000000..2d880b19c
--- /dev/null
+++ b/parser/tst/simple_tests/file/var2_src_ok_audit_deny_link.sd
@@ -0,0 +1,10 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  audit deny link /foo@{var} -> /tmp/**,
+}
+
diff --git a/parser/tst/simple_tests/file/var2_src_ok_deny_link.sd b/parser/tst/simple_tests/file/var2_src_ok_deny_link.sd
new file mode 100644
index 000000000..a6c4bace6
--- /dev/null
+++ b/parser/tst/simple_tests/file/var2_src_ok_deny_link.sd
@@ -0,0 +1,10 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  deny link /foo@{var} -> /tmp/**,
+}
+
diff --git a/parser/tst/simple_tests/file/var2_src_ok_link_1.sd b/parser/tst/simple_tests/file/var2_src_ok_link_1.sd
new file mode 100644
index 000000000..fe1b2dcf8
--- /dev/null
+++ b/parser/tst/simple_tests/file/var2_src_ok_link_1.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  /foo@{var} rl,
+  /gamma/* rwl,
+}
+
diff --git a/parser/tst/simple_tests/file/var2_src_ok_link_2.sd b/parser/tst/simple_tests/file/var2_src_ok_link_2.sd
new file mode 100644
index 000000000..5bc6ef81c
--- /dev/null
+++ b/parser/tst/simple_tests/file/var2_src_ok_link_2.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  link /foo@{var} -> /tmp/**,
+  /tmp/** r,
+}
+
diff --git a/parser/tst/simple_tests/file/var2_src_ok_link_3.sd b/parser/tst/simple_tests/file/var2_src_ok_link_3.sd
new file mode 100644
index 000000000..0bdd95fc4
--- /dev/null
+++ b/parser/tst/simple_tests/file/var2_src_ok_link_3.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  link subset /foo@{var} -> /tmp/**,
+  /tmp/** r,
+}
+
diff --git a/parser/tst/simple_tests/file/var2_target_ok_audit_deny_link.sd b/parser/tst/simple_tests/file/var2_target_ok_audit_deny_link.sd
new file mode 100644
index 000000000..675c3e85b
--- /dev/null
+++ b/parser/tst/simple_tests/file/var2_target_ok_audit_deny_link.sd
@@ -0,0 +1,10 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  audit deny link /alpha/beta -> /foo@{var},
+}
+
diff --git a/parser/tst/simple_tests/file/var2_target_ok_deny_link.sd b/parser/tst/simple_tests/file/var2_target_ok_deny_link.sd
new file mode 100644
index 000000000..83321243f
--- /dev/null
+++ b/parser/tst/simple_tests/file/var2_target_ok_deny_link.sd
@@ -0,0 +1,10 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  deny link /alpha/beta -> /foo@{var},
+}
+
diff --git a/parser/tst/simple_tests/file/var2_target_ok_link_1.sd b/parser/tst/simple_tests/file/var2_target_ok_link_1.sd
new file mode 100644
index 000000000..7841cb342
--- /dev/null
+++ b/parser/tst/simple_tests/file/var2_target_ok_link_1.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  /alpha/beta rl,
+  /gamma/* rwl,
+}
+
diff --git a/parser/tst/simple_tests/file/var2_target_ok_link_2.sd b/parser/tst/simple_tests/file/var2_target_ok_link_2.sd
new file mode 100644
index 000000000..5ca93a7d2
--- /dev/null
+++ b/parser/tst/simple_tests/file/var2_target_ok_link_2.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  link /alpha/beta -> /foo@{var},
+  /foo@{var} r,
+}
+
diff --git a/parser/tst/simple_tests/file/var2_target_ok_link_3.sd b/parser/tst/simple_tests/file/var2_target_ok_link_3.sd
new file mode 100644
index 000000000..db366003f
--- /dev/null
+++ b/parser/tst/simple_tests/file/var2_target_ok_link_3.sd
@@ -0,0 +1,11 @@
+#
+#=DESCRIPTION simple link access test
+#=EXRESULT PASS
+#
+
+@{var}=/test
+profile test {
+  link subset /alpha/beta -> /foo@{var},
+  /foo@{var} r,
+}
+