[apparmor] [patch] Update change_profile highlighting in apparmor.vim

Seth Arnold seth.arnold at canonical.com
Thu May 26 18:40:48 UTC 2016


On Thu, May 26, 2016 at 12:49:18PM +0200, Christian Boltz wrote:
> Hallo,
> 
> this patch allows several details in change_profile highlighting:
> - audit and deny keywords
> - allow bare change_profile rules
> - allow change_profile rules without '-> ...' part
> - allow usage of the new 'safe' and 'unsafe' keywords
> - ensure the exec condition starts with / or @
> 
> 
> [ apparmor-vim-change_profile.diff ]

Acked-by: Seth Arnold <seth.arnold at canonical.com>

... obviously once the feature lands :)

Thanks

> === modified file 'utils/vim/apparmor.vim.in'
> --- utils/vim/apparmor.vim.in   2014-10-16 21:55:43 +0000
> +++ utils/vim/apparmor.vim.in   2016-05-26 10:30:27 +0000
> @@ -147,9 +147,9 @@
>  
>  
>  " Change Profile
> -" TODO: audit and deny support will be added (JJ, 2011-01-11)
> -syn match   sdEntryChangeProfile    /\v^\s*change_profile\s+-\>\s+\S+@@EOL@@/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
> -
> +syn match   sdEntryChangeProfile    /\v^\s*@@auditdeny@@change_profile\s+(safe\s+[/@]\S+|unsafe\s+[/@]\S+|[/@]\S+)?\s*(-\>\s*\S+)?@@EOL@@/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
> +" bare change_profile rule
> +syn match   sdEntryChangeProfile    /\v^\s*@@auditdeny@@change_profile@@EOL@@/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
>  
>  " rlimit
>  " TODO: audit and deny support will be added (JJ, 2011-01-11)
> 
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20160526/a15d2e13/attachment.pgp>


More information about the AppArmor mailing list