[apparmor] [patch] Fix 'alias' rule description in apparmor.d manpage

Wed Nov 16 18:45:03 UTC 2016

Hello,

The apparmor.d description about alias rules was broken in multiple
ways. The manpage
- didn't include the   alias   keyword
- listed alias rules in the "COMMA RULES" section - while that's correct
  for the comma requirement, it's also wrong because COMMA RULES is
  meant to be inside a profile
- didn't list alias rules in the PREAMBLE section

This patch fixes this.

It also moves the definition of VARIABLE, VARIABLE ASSIGNMENT (both
unchanged) and ALIAS RULE next to PREAMBLE.


I propose this patch for trunk and 2.10.

The patch doesn't apply cleanly on the 2.9 apparmor.d manpage, and
people still using 2.9 probably found out in the meantime how things
work ;-)


[ apparmor.d.pod-alias.diff ]

=== modified file 'parser/apparmor.d.pod'

--- parser/apparmor.d.pod       2016-10-14 18:32:48 +0000
+++ parser/apparmor.d.pod       2016-11-16 18:42:50 +0000
@@ -46,8 +46,14 @@
 
 B<PROFILE FILE> = ( [ I<PREAMBLE> ] [ I<PROFILE> ] )*
 
-B<PREAMBLE> = ( I<COMMENT> | I<VARIABLE ASSIGNMENT> | I<INCLUDE> )*
-  Variable assignment must come before the profile.
+B<PREAMBLE> = ( I<COMMENT> | I<VARIABLE ASSIGNMENT> | I<ALIAS RULE> | I<INCLUDE> )*
+  Variable assignment and alias rules must come before the profile.
+
+B<VARIABLE ASSIGNMENT> = I<VARIABLE> ('=' | '+=') (space separated values)
+
+B<VARIABLE> = '@{' I<ALPHA> [ ( I<ALPHANUMERIC> | '_' ) ... ] '}'
+
+B<ALIAS RULE> = 'alias' I<ABS PATH> '-E<gt>' I<REWRITTEN ABS PATH> ','
 
 B<INCLUDE> = '#include' ( I<ABS PATH> | I<MAGIC PATH> )
 
@@ -80,7 +86,7 @@
 
 B<LINE RULES> = ( I<COMMENT> | I<INCLUDE> ) [ '\r' ] '\n'
 
-B<COMMA RULES> = ( I<CAPABILITY RULE> | I<NETWORK RULE> | I<MOUNT RULE> | I<PIVOT ROOT RULE> | I<UNIX RULE> | I<FILE RULE> | I<LINK RULE> | I<CHANGE_PROFILE RULE> | I<RLIMIT RULE> | I<ALIAS RULE> | I<DBUS RULE> )
+B<COMMA RULES> = ( I<CAPABILITY RULE> | I<NETWORK RULE> | I<MOUNT RULE> | I<PIVOT ROOT RULE> | I<UNIX RULE> | I<FILE RULE> | I<LINK RULE> | I<CHANGE_PROFILE RULE> | I<RLIMIT RULE> | I<DBUS RULE> )
 
 B<BLOCK RULES> = ( I<SUBPROFILE> | I<HAT> | I<QUALIFIER BLOCK> )
 
@@ -267,12 +273,6 @@
 
 B<LINK RULE> = I<QUALIFIERS> [ 'owner' ] 'link' [ 'subset' ] I<FILEGLOB> ( 'to' | '-E<gt>' ) I<FILEGLOB>
 
-B<VARIABLE> = '@{' I<ALPHA> [ ( I<ALPHANUMERIC> | '_' ) ... ] '}'
-
-B<VARIABLE ASSIGNMENT> = I<VARIABLE> ('=' | '+=') (space separated values)
-
-B<ALIAS RULE> = I<ABS PATH> '-E<gt>' I<REWRITTEN ABS PATH>
-
 B<ALPHA> = ('a', 'b', 'c', ... 'z', 'A', 'B', ... 'Z')
 
 B<ALPHANUMERIC> = ('0', '1', '2', ... '9', 'a', 'b', 'c', ... 'z', 'A', 'B', ... 'Z')




Regards,

Christian Boltz
-- 
> I don't really know how nor why, but if a spellchecker is
> enabled on the wiki server, the edit wiki windows do
> colorize the mispelled words and this is very handy.
I have mixed feelings about using a spill chicken...
[> jdd and Peter Flodin in opensuse-wiki]
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: This is a digitally signed message part.
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20161116/03effe05/attachment.pgp>
