[apparmor] What are "AARE"s, exactly?
TheDiveO at gmx.eu
TheDiveO at gmx.eu
Wed Feb 24 20:07:47 UTC 2021
> It seems the apparmor.d manpage lacks a mention of AARE at one place -
> the place they are explained ;-)
Especially a proper definition, it seems. As it is, today's definition rather looks like cats having a jolly good time with a keyboard, and especially the weird keys.
> That place is the "Globbing" section. Have a look at it, it should help
> to understand the AARE syntax.
Ah, thanks for that pointer! It does help understanding the AARE syntax ... but unfortunately only to _some_ extend. For instance, this does not explain the additional features that seems to be defined, like using variables; but then, the globbing section doesn't cover variables either.
For instance, in the context of specifying a peer using an AARE: does that mean that I could specify a set of matching profile names (task labels), such as "foo*"? or "/usr/bin/*"?
> If you still have questions, feel free to ask - maybe the manpage needs
> more improvements ;-)
...I would suspect so...
Best regards,
Harald
More information about the AppArmor
mailing list