Thanks!
On Thu, 23 Jun 2011 20:22:16 +0100
Jamie Nguyen <ja...@tomoyolinux.co.uk> wrote:
> Horvath Andras wrote:
> > If i see it correctly, when i try to give recursive read access to a
> > directory (for example /tmp/test/), then i have to use 2 lines of
> > rules:
> >
> > allow_read /tmp/test/\*
> > allow_read /tmp/test/\{\*\}/\*
> >
> > ..because the "\{\*\}" recursive dir wildcard means at least 1 or
> > more directories, right?
>
> Correct.
>
>
> > So isn't there a 1 line solution for the recursive read access?
> > Like a recursive wildcard where it means zero or more repetition?
>
> The short answer is no. Both must be specified in order to allow a
> domain to read all files within a directory and subdirectories.
>
> However, you could also consider putting this in exception policy:
>
> path_group TMP_TEST /tmp/test/\*
> path_group TMP_TEST /tmp/test/\{\*\}/\*
>
> And then you would be able to put just a single line in domain policy:
>
> allow_read @TMP_TEST
>
> If you are using 2.2, then see here:
> http://tomoyo.sourceforge.jp/2.2/policy-reference.html.en#exception_policy_path_group
>
> If you are using 2.3, then see here:
> http://tomoyo.sourceforge.jp/2.3/policy-specification/exception-policy-syntax.html.en#path_group
>
> Kind regards,
> Jamie
>
> _______________________________________________
> tomoyo-dev-en mailing list
> tomoyo-dev-en@lists.sourceforge.jp
> http://lists.sourceforge.jp/mailman/listinfo/tomoyo-dev-en
_______________________________________________
tomoyo-dev-en mailing list
tomoyo-dev-en@lists.sourceforge.jp
http://lists.sourceforge.jp/mailman/listinfo/tomoyo-dev-en
