[apparmor] [PATCH 09/10] update apparmor.d man page to file rule pattern
John Johansen
john.johansen at canonical.com
Fri Mar 20 12:02:33 UTC 2015
Update the file rule pattern to show it is possible to specify a bare
file rule. Eg.
file,
Signed-off-by: John Johansen <john.johansen at canonical.com>
---
parser/apparmor.d.pod | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/parser/apparmor.d.pod b/parser/apparmor.d.pod
index 1cfbe72..03537ae 100644
--- a/parser/apparmor.d.pod
+++ b/parser/apparmor.d.pod
@@ -195,9 +195,9 @@ B<UNIX ATTR COND> 'attr' '=' ( I<AARE> | '(' '"' I<AARE> '"' | I<AARE> ')' )
B<UNIX OPT COND> 'opt' '=' ( I<AARE> | '(' '"' I<AARE> '"' | I<AARE> ')' )
-B<FILE RULE> = I<FILE QUALIFIERS> ( ( '"' I<FILEGLOB> '"' | I<FILEGLOB> ) I<ACCESS> | [I<ACCESS> ( '"' I<FILEGLOB> '"' | I<FILEGLOB> ) ) [ -E<gt> <EXEC TARGET> ] ','
+B<FILE RULE> = I<FILE QUALIFIERS> [ [ 'file' ] ( ( '"' I<FILEGLOB> '"' | I<FILEGLOB> ) I<ACCESS> | [I<ACCESS> ( '"' I<FILEGLOB> '"' | I<FILEGLOB> ) ) [ -E<gt> <EXEC TARGET> ] ] ','
-B<FILE QUALIFIERS> = [ I<QUALIFIERS> ] [ 'owner' ] [ 'file' ]
+B<FILE QUALIFIERS> = [ I<QUALIFIERS> ] [ 'owner' ]
B<FILEGLOB> = (must start with '/' (after variable expansion), B<AARE> have special meanings; see below. May include I<VARIABLE>. Rules with embedded spaces or tabs must be quoted. Rules must end with '/' to apply to directories.)
--
2.1.4
More information about the AppArmor
mailing list