[apparmor] [patch] Add RlimitRule and RlimitRuleset classes
Christian Boltz
apparmor at cboltz.de
Fri Jun 5 13:25:32 UTC 2015
Hello,
Am Donnerstag, 4. Juni 2015 schrieb Steve Beattie:
> On Fri, Jun 05, 2015 at 01:31:27AM +0200, Christian Boltz wrote:
...
> > I just tested a bit - the whitespace around the arrow is optional,
> > and the parser accepts "set rlimit nice<=0,". So the final of the
> > regex would be:
> >
> > +RE_PROFILE_RLIMIT =
> > re.compile('^\s*set\s+rlimit\s+(?P<rlimit>[a-z]+)\s*<=\s*(?P<value>
> > [^ ]+)' + RE_COMMA_EOL)>
> >
> > So should I change the patch to use the updated regex, or do you
> > want a separate patch for that?
>
> Changing the patch is fine, to the last regex. (I hadn't realized that
> the whitespace around <= was entirely optional.)
I just noticed that this change would break aa.py - it still uses
numbered matches, so I'll commit the regex with ...(<=)... instead of
...<=... to avoid breakage.
Oh, and I'll send a patch to switch aa.py to RlimitRule{,set} in a
minute ;-) (This patch will also change ...(<=)... to ...<=...)
Regards,
Christian Boltz
--
[wMware/VirtualBox] It's even better with KVM, all inside the kernel :-)
at least now we can have new kind of war, emacs versus vim start to be
outdated :D [Bruno Friedmann in opensuse-factory]
More information about the AppArmor
mailing list