[apparmor] [patch] Fix 'alias' rule description in apparmor.d manpage

Wed Nov 16 19:26:33 UTC 2016

On Wed, Nov 16, 2016 at 07:45:03PM +0100, Christian Boltz wrote:
> Hello,
> 
> The apparmor.d description about alias rules was broken in multiple
> ways. The manpage
> - didn't include the   alias   keyword
> - listed alias rules in the "COMMA RULES" section - while that's correct
>   for the comma requirement, it's also wrong because COMMA RULES is
>   meant to be inside a profile
> - didn't list alias rules in the PREAMBLE section
> 
> This patch fixes this.
> 
> It also moves the definition of VARIABLE, VARIABLE ASSIGNMENT (both
> unchanged) and ALIAS RULE next to PREAMBLE.
> 
> 
> I propose this patch for trunk and 2.10.

Acked for both,
Acked-by: Seth Arnold <seth.arnold at canonical.com>

Thanks

> 
> The patch doesn't apply cleanly on the 2.9 apparmor.d manpage, and
> people still using 2.9 probably found out in the meantime how things
> work ;-)
> 
> 
> [ apparmor.d.pod-alias.diff ]
> 
> === modified file 'parser/apparmor.d.pod'
> --- parser/apparmor.d.pod       2016-10-14 18:32:48 +0000
> +++ parser/apparmor.d.pod       2016-11-16 18:42:50 +0000
> @@ -46,8 +46,14 @@
>  
>  B<PROFILE FILE> = ( [ I<PREAMBLE> ] [ I<PROFILE> ] )*
>  
> -B<PREAMBLE> = ( I<COMMENT> | I<VARIABLE ASSIGNMENT> | I<INCLUDE> )*
> -  Variable assignment must come before the profile.
> +B<PREAMBLE> = ( I<COMMENT> | I<VARIABLE ASSIGNMENT> | I<ALIAS RULE> | I<INCLUDE> )*
> +  Variable assignment and alias rules must come before the profile.
> +
> +B<VARIABLE ASSIGNMENT> = I<VARIABLE> ('=' | '+=') (space separated values)
> +
> +B<VARIABLE> = '@{' I<ALPHA> [ ( I<ALPHANUMERIC> | '_' ) ... ] '}'
> +
> +B<ALIAS RULE> = 'alias' I<ABS PATH> '-E<gt>' I<REWRITTEN ABS PATH> ','
>  
>  B<INCLUDE> = '#include' ( I<ABS PATH> | I<MAGIC PATH> )
>  
> @@ -80,7 +86,7 @@
>  
>  B<LINE RULES> = ( I<COMMENT> | I<INCLUDE> ) [ '\r' ] '\n'
>  
> -B<COMMA RULES> = ( I<CAPABILITY RULE> | I<NETWORK RULE> | I<MOUNT RULE> | I<PIVOT ROOT RULE> | I<UNIX RULE> | I<FILE RULE> | I<LINK RULE> | I<CHANGE_PROFILE RULE> | I<RLIMIT RULE> | I<ALIAS RULE> | I<DBUS RULE> )
> +B<COMMA RULES> = ( I<CAPABILITY RULE> | I<NETWORK RULE> | I<MOUNT RULE> | I<PIVOT ROOT RULE> | I<UNIX RULE> | I<FILE RULE> | I<LINK RULE> | I<CHANGE_PROFILE RULE> | I<RLIMIT RULE> | I<DBUS RULE> )
>  
>  B<BLOCK RULES> = ( I<SUBPROFILE> | I<HAT> | I<QUALIFIER BLOCK> )
>  
> @@ -267,12 +273,6 @@
>  
>  B<LINK RULE> = I<QUALIFIERS> [ 'owner' ] 'link' [ 'subset' ] I<FILEGLOB> ( 'to' | '-E<gt>' ) I<FILEGLOB>
>  
> -B<VARIABLE> = '@{' I<ALPHA> [ ( I<ALPHANUMERIC> | '_' ) ... ] '}'
> -
> -B<VARIABLE ASSIGNMENT> = I<VARIABLE> ('=' | '+=') (space separated values)
> -
> -B<ALIAS RULE> = I<ABS PATH> '-E<gt>' I<REWRITTEN ABS PATH>
> -
>  B<ALPHA> = ('a', 'b', 'c', ... 'z', 'A', 'B', ... 'Z')
>  
>  B<ALPHANUMERIC> = ('0', '1', '2', ... '9', 'a', 'b', 'c', ... 'z', 'A', 'B', ... 'Z')
> 
> 
> 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20161116/9872eba0/attachment.pgp>