[apparmor] variables in link rules
Simon Deziel
simon.deziel at gmail.com
Sat Sep 13 00:22:08 UTC 2014
Hi everyone,
I'm playing with a profile and noticed the parser doesn't seem to like
variables on the right hand side of link rules.
Here's an extract of the profile in question:
> @{GITOLITE_HOME}=/home/git
> /home/git/gitolite/src/gitolite-shell {
> ...
> # works:
> link /home/git/repositories/** -> /home/git/repositories/**,
> link @{GITOLITE_HOME}/repositories/** -> /home/git/repositories/**,
> # doesn't work:
> link @{GITOLITE_HOME}/repositories/** -> @{GITOLITE_HOME}/repositories/**,
> link /home/git/repositories/** -> @{GITOLITE_HOME}/repositories/**,
> ...
> }
When the variable is on the right hand side, I get this error:
# apparmor_parser -r -T -W /etc/apparmor.d/gitolite-shell && tail -f
/var/log/syslog
apparmor_parser: Regex grouping error: Invalid number of items between {}
apparmor_parser: Unable to parse input line
'@{GITOLITE_HOME}/repositories/**'
ERROR processing regexs for profile
/home/git/gitolite/src/gitolite-shell, failed to load
*** Error in `apparmor_parser': free(): invalid pointer:
0x00000000006d0720 ***
Aborted
Replacing the "->" by "to" doesn't help:
AppArmor parser error for gitolite-shell in gitolite-shell at line 25:
syntax error, unexpected TOK_ID, expecting TOK_ARROW
Am I missing something to please the parser?
Thanks,
Simon
More information about the AppArmor
mailing list