On 2015-06-04 03:56:34, John Johansen wrote:
> link rules with a variable in the link target, eg.
> link /foo -> @{var},
>
> do not currently have the variable expanded
>
> 
Signed-off-by: John Johansen <[email protected]>Acked-by: Tyler Hicks <[email protected]>
> ---
> parser/parser_variable.c | 5 +++++
> parser/tst/simple_tests/file/var1_ok_audit_deny_link.sd | 10 ++++++++++
> parser/tst/simple_tests/file/var1_ok_deny_link.sd | 10 ++++++++++
> parser/tst/simple_tests/file/var1_ok_link_1.sd | 11
> +++++++++++
> parser/tst/simple_tests/file/var1_ok_link_2.sd | 11
> +++++++++++
> parser/tst/simple_tests/file/var1_ok_link_3.sd | 11
> +++++++++++
> parser/tst/simple_tests/file/var1_src_ok_audit_deny_link.sd | 10 ++++++++++
> parser/tst/simple_tests/file/var1_src_ok_deny_link.sd | 10 ++++++++++
> parser/tst/simple_tests/file/var1_src_ok_link_1.sd | 11
> +++++++++++
> parser/tst/simple_tests/file/var1_src_ok_link_2.sd | 11
> +++++++++++
> parser/tst/simple_tests/file/var1_src_ok_link_3.sd | 11
> +++++++++++
> .../tst/simple_tests/file/var1_target_ok_audit_deny_link.sd | 10 ++++++++++
> parser/tst/simple_tests/file/var1_target_ok_deny_link.sd | 10 ++++++++++
> parser/tst/simple_tests/file/var1_target_ok_link_1.sd | 11
> +++++++++++
> parser/tst/simple_tests/file/var1_target_ok_link_2.sd | 11
> +++++++++++
> parser/tst/simple_tests/file/var1_target_ok_link_3.sd | 11
> +++++++++++
> parser/tst/simple_tests/file/var2_ok_audit_deny_link.sd | 10 ++++++++++
> parser/tst/simple_tests/file/var2_ok_deny_link.sd | 10 ++++++++++
> parser/tst/simple_tests/file/var2_ok_link_1.sd | 11
> +++++++++++
> parser/tst/simple_tests/file/var2_ok_link_2.sd | 11
> +++++++++++
> parser/tst/simple_tests/file/var2_ok_link_3.sd | 11
> +++++++++++
> parser/tst/simple_tests/file/var2_src_ok_audit_deny_link.sd | 10 ++++++++++
> parser/tst/simple_tests/file/var2_src_ok_deny_link.sd | 10 ++++++++++
> parser/tst/simple_tests/file/var2_src_ok_link_1.sd | 11
> +++++++++++
> parser/tst/simple_tests/file/var2_src_ok_link_2.sd | 11
> +++++++++++
> parser/tst/simple_tests/file/var2_src_ok_link_3.sd | 11
> +++++++++++
> .../tst/simple_tests/file/var2_target_ok_audit_deny_link.sd | 10 ++++++++++
> parser/tst/simple_tests/file/var2_target_ok_deny_link.sd | 10 ++++++++++
> parser/tst/simple_tests/file/var2_target_ok_link_1.sd | 11
> +++++++++++
> parser/tst/simple_tests/file/var2_target_ok_link_2.sd | 11
> +++++++++++
> parser/tst/simple_tests/file/var2_target_ok_link_3.sd | 11
> +++++++++++
> 31 files changed, 323 insertions(+)
> create mode 100644 parser/tst/simple_tests/file/var1_ok_audit_deny_link.sd
> create mode 100644 parser/tst/simple_tests/file/var1_ok_deny_link.sd
> create mode 100644 parser/tst/simple_tests/file/var1_ok_link_1.sd
> create mode 100644 parser/tst/simple_tests/file/var1_ok_link_2.sd
> create mode 100644 parser/tst/simple_tests/file/var1_ok_link_3.sd
> create mode 100644
> parser/tst/simple_tests/file/var1_src_ok_audit_deny_link.sd
> create mode 100644 parser/tst/simple_tests/file/var1_src_ok_deny_link.sd
> create mode 100644 parser/tst/simple_tests/file/var1_src_ok_link_1.sd
> create mode 100644 parser/tst/simple_tests/file/var1_src_ok_link_2.sd
> create mode 100644 parser/tst/simple_tests/file/var1_src_ok_link_3.sd
> create mode 100644
> parser/tst/simple_tests/file/var1_target_ok_audit_deny_link.sd
> create mode 100644 parser/tst/simple_tests/file/var1_target_ok_deny_link.sd
> create mode 100644 parser/tst/simple_tests/file/var1_target_ok_link_1.sd
> create mode 100644 parser/tst/simple_tests/file/var1_target_ok_link_2.sd
> create mode 100644 parser/tst/simple_tests/file/var1_target_ok_link_3.sd
> create mode 100644 parser/tst/simple_tests/file/var2_ok_audit_deny_link.sd
> create mode 100644 parser/tst/simple_tests/file/var2_ok_deny_link.sd
> create mode 100644 parser/tst/simple_tests/file/var2_ok_link_1.sd
> create mode 100644 parser/tst/simple_tests/file/var2_ok_link_2.sd
> create mode 100644 parser/tst/simple_tests/file/var2_ok_link_3.sd
> create mode 100644
> parser/tst/simple_tests/file/var2_src_ok_audit_deny_link.sd
> create mode 100644 parser/tst/simple_tests/file/var2_src_ok_deny_link.sd
> create mode 100644 parser/tst/simple_tests/file/var2_src_ok_link_1.sd
> create mode 100644 parser/tst/simple_tests/file/var2_src_ok_link_2.sd
> create mode 100644 parser/tst/simple_tests/file/var2_src_ok_link_3.sd
> create mode 100644
> parser/tst/simple_tests/file/var2_target_ok_audit_deny_link.sd
> create mode 100644 parser/tst/simple_tests/file/var2_target_ok_deny_link.sd
> create mode 100644 parser/tst/simple_tests/file/var2_target_ok_link_1.sd
> create mode 100644 parser/tst/simple_tests/file/var2_target_ok_link_2.sd
> create mode 100644 parser/tst/simple_tests/file/var2_target_ok_link_3.sd
>
> diff --git a/parser/parser_variable.c b/parser/parser_variable.c
> index e1f6543..ac334dc 100644
> --- a/parser/parser_variable.c
> +++ b/parser/parser_variable.c
> @@ -254,6 +254,11 @@ static int process_variables_in_entries(struct cod_entry
> *entry_list)
> error = expand_entry_variables(&entry->name);
> if (error)
> return error;
> + if (entry->link_name) {
> + error = expand_entry_variables(&entry->link_name);
> + if (error)
> + return error;
> + }
> }
>
> return 0;
> diff --git a/parser/tst/simple_tests/file/var1_ok_audit_deny_link.sd
> b/parser/tst/simple_tests/file/var1_ok_audit_deny_link.sd
> new file mode 100644
> index 0000000..e806a20
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var1_ok_audit_deny_link.sd
> @@ -0,0 +1,10 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + audit deny link @{var} -> @{var},
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var1_ok_deny_link.sd
> b/parser/tst/simple_tests/file/var1_ok_deny_link.sd
> new file mode 100644
> index 0000000..8074a4e
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var1_ok_deny_link.sd
> @@ -0,0 +1,10 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + deny link @{var} -> @{var},
> +}
> +
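Review bot: The new `if (entry->link_name)` branch in process_variables_in_entries is exercised only by profiles marked `#=EXRESULT PASS` that use a single-valued `@{var}=/test`, so if the parser already accepted an unexpanded link target (as the description implies), none of the added tests would fail without this fix. The gap matters most for the `deny link ... -> @{var}` cases, where an unexpanded target would presumably compile to a rule that never matches the intended path. Consider adding a profile that uses an undefined variable in the link target with `#=EXRESULT FAIL`, and one with a multi-valued variable. A one-line comment above the branch would also help, e.g. `/* link rules carry a target in link_name; expand variables there too */`. The function body starts and ends outside the hunk.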
> diff --git a/parser/tst/simple_tests/file/var1_ok_link_1.sd
> b/parser/tst/simple_tests/file/var1_ok_link_1.sd
> new file mode 100644
> index 0000000..9ea1db0
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var1_ok_link_1.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + @{var} rl,
> + /gamma/* rwl,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var1_ok_link_2.sd
> b/parser/tst/simple_tests/file/var1_ok_link_2.sd
> new file mode 100644
> index 0000000..fae61f6
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var1_ok_link_2.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + link @{var} -> @{var},
> + @{var} r,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var1_ok_link_3.sd
> b/parser/tst/simple_tests/file/var1_ok_link_3.sd
> new file mode 100644
> index 0000000..3dccf98
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var1_ok_link_3.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + link subset @{var} -> @{var},
> + @{var} r,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var1_src_ok_audit_deny_link.sd
> b/parser/tst/simple_tests/file/var1_src_ok_audit_deny_link.sd
> new file mode 100644
> index 0000000..03f2600
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var1_src_ok_audit_deny_link.sd
> @@ -0,0 +1,10 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + audit deny link @{var} -> /tmp/**,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var1_src_ok_deny_link.sd
> b/parser/tst/simple_tests/file/var1_src_ok_deny_link.sd
> new file mode 100644
> index 0000000..063c6ed
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var1_src_ok_deny_link.sd
> @@ -0,0 +1,10 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + deny link @{var} -> /tmp/**,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var1_src_ok_link_1.sd
> b/parser/tst/simple_tests/file/var1_src_ok_link_1.sd
> new file mode 100644
> index 0000000..9ea1db0
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var1_src_ok_link_1.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + @{var} rl,
> + /gamma/* rwl,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var1_src_ok_link_2.sd
> b/parser/tst/simple_tests/file/var1_src_ok_link_2.sd
> new file mode 100644
> index 0000000..d02822c
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var1_src_ok_link_2.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + link @{var} -> /tmp/**,
> + /tmp/** r,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var1_src_ok_link_3.sd
> b/parser/tst/simple_tests/file/var1_src_ok_link_3.sd
> new file mode 100644
> index 0000000..c48af60
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var1_src_ok_link_3.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + link subset @{var} -> /tmp/**,
> + /tmp/** r,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var1_target_ok_audit_deny_link.sd
> b/parser/tst/simple_tests/file/var1_target_ok_audit_deny_link.sd
> new file mode 100644
> index 0000000..9c5a08c
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var1_target_ok_audit_deny_link.sd
> @@ -0,0 +1,10 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + audit deny link /alpha/beta -> @{var},
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var1_target_ok_deny_link.sd
> b/parser/tst/simple_tests/file/var1_target_ok_deny_link.sd
> new file mode 100644
> index 0000000..03c4bb6
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var1_target_ok_deny_link.sd
> @@ -0,0 +1,10 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + deny link /alpha/beta -> @{var},
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var1_target_ok_link_1.sd
> b/parser/tst/simple_tests/file/var1_target_ok_link_1.sd
> new file mode 100644
> index 0000000..7841cb3
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var1_target_ok_link_1.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + /alpha/beta rl,
> + /gamma/* rwl,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var1_target_ok_link_2.sd
> b/parser/tst/simple_tests/file/var1_target_ok_link_2.sd
> new file mode 100644
> index 0000000..219a56e
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var1_target_ok_link_2.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + link /alpha/beta -> @{var},
> + @{var} r,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var1_target_ok_link_3.sd
> b/parser/tst/simple_tests/file/var1_target_ok_link_3.sd
> new file mode 100644
> index 0000000..aecf731
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var1_target_ok_link_3.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + link subset /alpha/beta -> @{var},
> + @{var} r,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var2_ok_audit_deny_link.sd
> b/parser/tst/simple_tests/file/var2_ok_audit_deny_link.sd
> new file mode 100644
> index 0000000..3f7211b
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var2_ok_audit_deny_link.sd
> @@ -0,0 +1,10 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + audit deny link /foo@{var} -> /foo@{var},
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var2_ok_deny_link.sd
> b/parser/tst/simple_tests/file/var2_ok_deny_link.sd
> new file mode 100644
> index 0000000..eed94b9
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var2_ok_deny_link.sd
> @@ -0,0 +1,10 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + deny link /foo@{var} -> /foo@{var},
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var2_ok_link_1.sd
> b/parser/tst/simple_tests/file/var2_ok_link_1.sd
> new file mode 100644
> index 0000000..fe1b2dc
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var2_ok_link_1.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + /foo@{var} rl,
> + /gamma/* rwl,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var2_ok_link_2.sd
> b/parser/tst/simple_tests/file/var2_ok_link_2.sd
> new file mode 100644
> index 0000000..7d496b9
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var2_ok_link_2.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + link /foo@{var} -> /foo@{var},
> + /foo@{var} r,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var2_ok_link_3.sd
> b/parser/tst/simple_tests/file/var2_ok_link_3.sd
> new file mode 100644
> index 0000000..026b8aa
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var2_ok_link_3.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + link subset /foo@{var} -> /foo@{var},
> + /foo@{var} r,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var2_src_ok_audit_deny_link.sd
> b/parser/tst/simple_tests/file/var2_src_ok_audit_deny_link.sd
> new file mode 100644
> index 0000000..2d880b1
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var2_src_ok_audit_deny_link.sd
> @@ -0,0 +1,10 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + audit deny link /foo@{var} -> /tmp/**,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var2_src_ok_deny_link.sd
> b/parser/tst/simple_tests/file/var2_src_ok_deny_link.sd
> new file mode 100644
> index 0000000..a6c4bac
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var2_src_ok_deny_link.sd
> @@ -0,0 +1,10 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + deny link /foo@{var} -> /tmp/**,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var2_src_ok_link_1.sd
> b/parser/tst/simple_tests/file/var2_src_ok_link_1.sd
> new file mode 100644
> index 0000000..fe1b2dc
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var2_src_ok_link_1.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + /foo@{var} rl,
> + /gamma/* rwl,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var2_src_ok_link_2.sd
> b/parser/tst/simple_tests/file/var2_src_ok_link_2.sd
> new file mode 100644
> index 0000000..5bc6ef8
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var2_src_ok_link_2.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + link /foo@{var} -> /tmp/**,
> + /tmp/** r,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var2_src_ok_link_3.sd
> b/parser/tst/simple_tests/file/var2_src_ok_link_3.sd
> new file mode 100644
> index 0000000..0bdd95f
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var2_src_ok_link_3.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + link subset /foo@{var} -> /tmp/**,
> + /tmp/** r,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var2_target_ok_audit_deny_link.sd
> b/parser/tst/simple_tests/file/var2_target_ok_audit_deny_link.sd
> new file mode 100644
> index 0000000..675c3e8
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var2_target_ok_audit_deny_link.sd
> @@ -0,0 +1,10 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + audit deny link /alpha/beta -> /foo@{var},
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var2_target_ok_deny_link.sd
> b/parser/tst/simple_tests/file/var2_target_ok_deny_link.sd
> new file mode 100644
> index 0000000..8332124
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var2_target_ok_deny_link.sd
> @@ -0,0 +1,10 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + deny link /alpha/beta -> /foo@{var},
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var2_target_ok_link_1.sd
> b/parser/tst/simple_tests/file/var2_target_ok_link_1.sd
> new file mode 100644
> index 0000000..7841cb3
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var2_target_ok_link_1.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + /alpha/beta rl,
> + /gamma/* rwl,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var2_target_ok_link_2.sd
> b/parser/tst/simple_tests/file/var2_target_ok_link_2.sd
> new file mode 100644
> index 0000000..5ca93a7
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var2_target_ok_link_2.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + link /alpha/beta -> /foo@{var},
> + /foo@{var} r,
> +}
> +
> diff --git a/parser/tst/simple_tests/file/var2_target_ok_link_3.sd
> b/parser/tst/simple_tests/file/var2_target_ok_link_3.sd
> new file mode 100644
> index 0000000..db36600
> --- /dev/null
> +++ b/parser/tst/simple_tests/file/var2_target_ok_link_3.sd
> @@ -0,0 +1,11 @@
> +#
> +#=DESCRIPTION simple link access test
> +#=EXRESULT PASS
> +#
> +
> +@{var}=/test
> +profile test {
> + link subset /alpha/beta -> /foo@{var},
> + /foo@{var} r,
> +}
> +
> --
> 2.1.4
>
>
> --
> AppArmor mailing list
> [email protected]
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/apparmor
