[apparmor] [PATCH] update man page for recent mount rule additions
Steve Beattie
steve at nxnw.org
Wed Apr 11 16:32:34 UTC 2012
On Wed, Apr 11, 2012 at 11:22:20AM -0500, Jamie Strandboge wrote:
> On Wed, 2012-04-11 at 07:50 -0700, Steve Beattie wrote:
> > On Tue, Apr 10, 2012 at 05:06:59PM -0500, Jamie Strandboge wrote:
>
> > > +=item B<mount options=ro, mount options=atime /dev/foo,>
> >
> > Doesn't the first part need to be 'mount options=ro /dev/foo,' in order
> > for it to allow the mount of only /dev/foo anywhere?
>
> I'd like for John to comment here, but based on the wiki[1], no. Eg:
>
> "When both = and in conditional operators are used the options within
> each condition type can be combined and split interchangeably.
>
> mount options=(ro, acl) options in (nodev, user)"
Right, except your example has two rules, no?
mount options=ro,
mount options=atime /dev/foo,
if it were
mount options=ro options=atime /dev/foo,
then it would do what you want, I think. At least, based on my
understanding of how the rules work.
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20120411/6986052a/attachment-0001.pgp>
More information about the AppArmor
mailing list