Re: [apparmor] wildcard syntax
At 11.01.20 12:31 John Johansen told us:
> On 1/10/20 9:38 PM, mailing list wrote:
>> Hi there,
>>
>> does AA understand the ? as a wildcard for single characters?
>> E.g. VirtualBox seems to want creating temporary files like
>>
>> $HOME/#45678361
>> (...)
>
> $HOME is not a valid apparmor path expansion variable. You would use
>
> @{HOME}/# mrw,
>
> The apparmor globbing syntax uses
> * - match zero or more of anything up to but not including the directory / it
> is roughly equivalent to pcre [^/\x00]*
> ** - match zero or more of anything including traversing directory / it is
> roughly equivalent to pcre [^\x00]*
> [] - character class
> [^] - inverted character class
> ? - any single character not including the directory / which is a pcre
> [^/\00]
> {,} - alternation pcre (|)
> \ is used as an escape to encode special characters
>
> # is not a special character.
Thanks.
Actually, man 5 apparmor.d explains the globbing. I just wasn´t sure
about the pound sign.
Thanks
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
Re: [apparmor] wildcard syntax
On 1/10/20 9:38 PM, mailing list wrote:
> Hi there,
>
> does AA understand the ? as a wildcard for single characters?
> E.g. VirtualBox seems to want creating temporary files like
>
> $HOME/#45678361
>
> These temp files always start with hash key symbol which may
> additionally trouble AA rule?
>
> Would the rule
>
> $HOME/# mrw,
>
> cover the syntax of such temp files? What about the hash key.
>
> Do I need to tell AA to see the hash key/pound symbol only as "plain
> symbol"?
>
> Ok, I now tried
> $HOME/# mrw,
> The pound sign seem to be seen just as plain symbol, as desired.
>
$HOME is not a valid apparmor path expansion variable. You would use
@{HOME}/# mrw,
The apparmor globbing syntax uses
* - match zero or more of anything up to but not including the directory / it
is roughly equivalent to pcre [^/\x00]*
** - match zero or more of anything including traversing directory / it is
roughly equivalent to pcre [^\x00]*
[] - character class
[^] - inverted character class
? - any single character not including the directory / which is a pcre [^/\00]
{,} - alternation pcre (|)
\ is used as an escape to encode special characters
# is not a special character.
--
AppArmor mailing list
AppArmor@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/apparmor
[apparmor] wildcard syntax
Hi there, does AA understand the ? as a wildcard for single characters? E.g. VirtualBox seems to want creating temporary files like $HOME/#45678361 These temp files always start with hash key symbol which may additionally trouble AA rule? Would the rule $HOME/# mrw, cover the syntax of such temp files? What about the hash key. Do I need to tell AA to see the hash key/pound symbol only as "plain symbol"? Ok, I now tried $HOME/# mrw, The pound sign seem to be seen just as plain symbol, as desired. Thanks! -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
