On Wed, 2012-04-11 at 09:32 -0700, Steve Beattie wrote: > On Wed, Apr 11, 2012 at 11:22:20AM -0500, Jamie Strandboge wrote: > > On Wed, 2012-04-11 at 07:50 -0700, Steve Beattie wrote: > > > On Tue, Apr 10, 2012 at 05:06:59PM -0500, Jamie Strandboge wrote: > > > > > > +=item B<mount options=ro, mount options=atime /dev/foo,> > > > > > > Doesn't the first part need to be 'mount options=ro /dev/foo,' in order > > > for it to allow the mount of only /dev/foo anywhere? > > > > I'd like for John to comment here, but based on the wiki[1], no. Eg: > > > > "When both = and in conditional operators are used the options within > > each condition type can be combined and split interchangeably. > > > > mount options=(ro, acl) options in (nodev, user)" > > Right, except your example has two rules, no? > > mount options=ro, > mount options=atime /dev/foo, > > if it were > > mount options=ro options=atime /dev/foo, > > then it would do what you want, I think. At least, based on my > understanding of how the rules work.
Oh! I didn't see the (unintended) comma. I removed it from the man page and committed it. Nice catch. -- Jamie Strandboge | http://www.canonical.com
signature.asc
Description: This is a digitally signed message part
-- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
