[apparmor] [PATCH] update man page for recent mount rule additions
Jamie Strandboge
jamie at canonical.com
Wed Apr 11 17:36:44 UTC 2012
On Wed, 2012-04-11 at 12:26 -0500, Jamie Strandboge wrote:
> On Wed, 2012-04-11 at 10:09 -0700, Steve Beattie wrote:
> > On Wed, Apr 11, 2012 at 09:56:58AM -0700, John Johansen wrote:
> > > So for the
> > > >> "When both = and in conditional operators are used the options within
> > > >> each condition type can be combined and split interchangeably."
> > >
> > > is for within a single rule
> > >
> > > that is to say
> > >
> > > mount options=ro options=atime /dev/foo,
> > >
> > > is equivalent to
> > > mount options=(ro, atime) /dev/foo,
> > >
> > > not
> > > mount options=ro /dev/foo,
> > > mount options=atime /dev/foo,
> > >
> > > though now thinking about it, this last interpretation might be better.
> > > It is not to late to change this, so I would like opions
> >
> > For the record, what I was hoping/exoecting the 'in' syntax would
> > accomplish was eliminating the need to write stuff like the latter;
> > i.e. that
> >
> > mount options in (ro, atime) /dev/foo,
> >
> > would be equivalent to
> >
> > mount options=ro /dev/foo,
> > mount options=atime /dev/foo,
> >
> > and not
> >
> > mount options=ro /dev/foo,
> > mount options=rw /dev/foo,
> > mount options=atime /dev/foo,
> > mount options=noatime /dev/foo,
> >
> 'in' does more than that. Ie:
>
> mount options=ro /dev/foo,
> mount options=atime /dev/foo,
>
> Means these match:
> $ mount -o ro /dev/foo ...
> $ mount -o atime /dev/foo ...
>
> But this doesn't:
> $ mount -o ro,atime /dev/foo
>
> We can already do 'mount options=(ro,atime)' which does the above. What
> makes 'in' useful is the combinations it affords:
>
Err, that isn't right.
mount options=(ro,atime)
matches:
$ mount -o ro,atime /dev/foo
This:
mount options=ro mount options=atime /dev/foo,
should match:
$ mount -o ro /dev/foo ...
$ mount -o atime /dev/foo ...
--
Jamie Strandboge | http://www.canonical.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20120411/119e8f10/attachment.pgp>
More information about the AppArmor
mailing list