[prev in list] [next in list] [prev in thread] [next in thread]
List: apparmor-dev
Subject: Re: [apparmor] Combining Variables and Whitespace in AppArmor
From: "sepero111 () gmx ! com" <sepero111 () gmx ! com>
Date: 2014-06-27 8:32:21
Message-ID: 53AD2C15.2050605 () gmx ! com
[Download RAW message or body]
Apologies for the late reply, John. Also, thanks for the tips. I must have made
a syntax error somewhere, because now it seems to be working fine as you
suggested, like so:
owner "@{HOME}/my dir/" r,
Though, I don't know why the backslash version doesn't work:
@{HOME}/my\ dir/
I will just use the quoted version for my use. I'm on Ubuntu 14.04.
$ apparmor_parser -V
AppArmor parser version 2.8.95
Copyright (C) 1999-2008 Novell Inc.
Copyright 2009-2012 Canonical Ltd.
On 06/25/2014 03:11 PM, John Johansen wrote:
> On 06/24/2014 07:14 AM, sepero111@gmx.com wrote:
>> I can't seem to get apparmor to accept combinations of variables and whitespace. Examples
>>
> which version of the apparmor_parser?
> apparmor_parser -V
>
>
>> owner "@{HOME}/my dir/" r,
> this should work, however there is a BIG caveat here with a bug in variable expansion.
> IF the expansion of the variable has a trailing / and the post to the variable starts with a
> / (the situation here), then it results in a // that doesn't seem to be properly eliminated
> in some parsers.
> ie. if
> @{HOME}=/home/
> your rule would expand to
> "/home//my dir" r,
> and the // is not getting eliminated, or at least that is the case with the parser I just
> tested. This should work, I'm looking into it
>
> The workaround would be to just use
> "@{HOME}my dir/" r,
>
>> owner @{HOME}"/my dir/" r,
> this won't work
>
>> owner @{HOME}/my\ dir/ r,
> hrmm this should work as well, except it seems to be throwing an error for me. I'll have to
> dig into the bug
>
>
>> Is there a way to make it work, or must I use the primitive version? owner "/home/*/my dir/"
>>
>>
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic