Apparmor denies access to custom tmp_dir on slave

:ghost: Brief Description

We're setting up both master and slave servers. We're overriding the tmpfile location to a volume with more storage. The slave is failing to access that storage because apparmor is not granting proper access to it.

:pancakes: Cookbook version

8.5.2

:woman_cook: Chef-Infra Version

13.12.14

:tophat: Platform details

Ubuntu 16.04 MySQL 5.7

Steps To Reproduce

Set up master and slave servers both overriding tmp_dir:

mysql_service 'companyname' do
...
tmp_dir "/mnt/vol1/tmp"
...
end

Set up slave server for replication

stop slave;
change master to
master_host='$MASTER_HOST',
master_user='repl',
master_password='$MYSQL_REPL_PASSWORD',
master_log_file='$MASTER_LOG_FILE',
master_log_pos=$MASTER_LOG_POS;
start slave;

Check slave status
```
show slave status\G
```
:police_car: Expected behavior:

Slave should be successfully replicating

:bug: Actual behavior:

Replication fails with error:

Last_SQL_Error: Unable to use slave's temporary directory /mnt/vol1/tmp - Can't read dir of '/mnt/vol1/tmp/' (Errcode: 13 - Permission denied)

:heavy_plus_sign: Additional context

The root cause is that apparmor configuration grants permissions to all files in the tmp dir, but not the tmp dir itself. MySQL checks for access to the directory and fails. /etc/apparmor.d/local/mysql/instancename looks like:

/etc/mysql-instancename/*.pem r,
/etc/mysql-instancename/conf.d/ r,
/etc/mysql-instancename/conf.d/* r,
/etc/mysql-instancename/my.cnf r,
/var/log/mysql-instancename/ r,
/var/log/mysql-instancename/* rw,
/var/lib/mysql/ r,
/var/lib/mysql/** rwk,
/run/mysql-instancename/** rw,
/var/run/mysqld/mysqld.pid rw,
/var/run/mysqld/mysqld.sock rw,
/tmp/mysql-instancename/ r,
/tmp/mysql-instancename/my.sql r,
/mnt/vol1/tmp/* rw,

Needs to add a line like

/mnt/vol1/tmp/ rw,

sous-chefs / mysql