On Tue, Apr 15, 2014 at 10:22:26AM -0700, john.johan...@canonical.com wrote: > The match > {VARIABLE_NAME}/{WS}*={WS}*\( > > is too broad causing mount and dbus rules to fail for sets of values eg. > > mount options=(ro bind) > > Instead of doing a broad match, for now lets lock it down to just > peer=(...) being the only cond that can cause entry into CONDLISTID > > Signed-off-by: John Johansen <john.johan...@canonical.com>
Acked-by: Seth Arnold <seth.arn...@canonical.com> Thanks > --- > parser/parser_lex.l | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > --- 2.9-test.orig/parser/parser_lex.l > +++ 2.9-test/parser/parser_lex.l > @@ -295,7 +295,7 @@ > } > > <INITIAL,MOUNT_MODE,DBUS_MODE,SIGNAL_MODE>{ > - {VARIABLE_NAME}/{WS}*={WS}*\( { > + peer/{WS}*={WS}*\( { > /* we match to the = in the lexer so that we can switch scanner > * state. By the time the parser see the = it may be too late > * as bison may have requested the next token from the scanner > > > -- > AppArmor mailing list > AppArmor@lists.ubuntu.com > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/apparmor >
signature.asc
Description: Digital signature
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor