After gathering everyone's opinions[1] on the DBus syntax, John's wider discussion[2] of IPC syntax, and various other conversations, I think we've come to a conclusion on what the DBus syntax should look like. I'll begin adjusting the existing parser patches (along with test cases, documentation, etc.) this week and will get all of the patches posted to the list ASAP.
Here are some examples of what the rules will look like:

  dbus send path=/org/freedesktop/DBus interface=org.freedesktop.org member=Hello,
  dbus bind bus=session name=com.foo.service,
  dbus receive bus=session peer=(label=/usr/bin/client),

The 'acquire' keyword will go away in favor of 'bind'.

Bind rules will have the following syntax:

  dbus [bind] [BUS] [NAME],

Read/Write rules will have the following syntax:

  dbus [RW_ACCESS] [BUS] [PATH] [INTERFACE] [MEMBER] [PEER],

[PEER] can consist of a connection name or a peer label, enclosed inside of 'peer=()'.

[RW_ACCESS] can be r, read, or receive when receiving DBus messages. It can be w, write, or send when sending. It can also be a combination, enclosed in parentheses and separated by a comma and/or a space.

All of this will be more formally documented in the apparmor.d(5) manpage. Let me know if there are any questions before I can finish and post the patch set.

Tyler

[1] https://lists.ubuntu.com/archives/apparmor/2013-June/003816.html
[2] https://lists.ubuntu.com/archives/apparmor/2013-June/003926.html
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
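
The rule syntax proposed in the message above can be checked mechanically. The following is an added example, not part of the original post and not AppArmor's parser: the function name `parse_dbus_rule` is hypothetical, condition order and the keys inside `peer=()` are not validated, and a rule with no access keyword is assumed to be a bind rule only when it carries `name=`.

```python
import re

SEND, RECV = {"w", "write", "send"}, {"r", "read", "receive"}
RW_KEYS = {"bus", "path", "interface", "member", "peer"}
BIND_KEYS = {"bus", "name"}
# Token kinds: key=(...) | (access, list) | key=value | bare access word
TOKEN = re.compile(r"(\w+)=\(([^()]*)\)|\(([^()]*)\)|(\w+)=(\S+)|(\S+)")

def _access(words):
    """Normalise access keywords to the canonical set {send, receive, bind}."""
    out = set()
    for w in words:
        if w in SEND:
            out.add("send")
        elif w in RECV:
            out.add("receive")
        elif w == "bind":
            out.add("bind")
        else:  # includes the retired 'acquire' keyword
            raise ValueError(f"unknown access keyword: {w!r}")
    return out

def parse_dbus_rule(rule):
    """Parse one rule into (access_set, conditions_dict) or raise ValueError."""
    m = re.fullmatch(r"dbus(?:\s+(.*?))?\s*,", rule.strip())
    if not m:
        raise ValueError("rule must start with 'dbus' and end with ','")
    access, conds = set(), {}
    for tok in TOKEN.finditer(m.group(1) or ""):
        pkey, pval, alist, key, val, word = tok.groups()
        if alist is not None:      # "(send, receive)" or "(r w)"
            access |= _access(re.split(r"[,\s]+", alist.strip()))
        elif word is not None:     # single keyword such as "send"
            access |= _access([word])
        else:
            k = pkey or key
            if k in conds:
                raise ValueError(f"duplicate condition: {k}")
            # peer=(label=...) becomes a nested dict; other values stay strings
            conds[k] = (dict(p.split("=", 1) for p in re.split(r"[,\s]+", pval.strip()))
                        if pkey else val)
    if "bind" in access and access != {"bind"}:
        raise ValueError("bind cannot be combined with send/receive")
    is_bind = "bind" in access or (not access and "name" in conds)
    bad = set(conds) - (BIND_KEYS if is_bind else RW_KEYS)
    if bad:
        raise ValueError(f"conditions not valid for this rule type: {sorted(bad)}")
    return access, conds
```
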