> So what are the AppArmor guidelines for these merge/separate usr exactly?
If I got Simon's explanation right: use alternations like /{usr/,}bin/xyz for stuff that's typically shipped in /bin or /lib (in order to support merged-/usr), and don't bother about stuff that's typically shipped in /usr already.
> So what are the AppArmor guidelines for these merge/separate usr exactly?
If I got Simon's explanation right: use alternations like /{usr/,}bin/xyz for stuff that's typically shipped in /bin or /lib (in order to support merged-/usr), and don't bother about stuff that's typically shipped in /usr already.