/var/run/resolvconf/resolv.conf:
The Nameservice abstraction configuration file
(/etc/apparmor.d/abstractions/nameservice) permits reads access to
(amongst other paths) /etc/resolv.conf.
However, on systems using resolvconf, this is a symbolic link to
/etc/resolvconf/run/resolv.conf -- where /etc/resolvconf/run itself
is a symlink to /var/run/resolvconf.
tunables/proc and modifies all users of /proc to use the variable instead.
I also converted some uses of /proc/*/ to /proc/[0-9]*/ to be a
little more restrictive, as well as removing some references to proc
files that are already covered by abstractions/base (the removals in
abstractions/bash seem justified as all uses of abstractions/bash are
immediately preceded by abstractions/base).
make the final install layout match the layout in the repository (at
long last :) -- now we can use a single 'make check' target to check the
profiles in the repository against both apparmor_parser and logprof.
