On Tue, Apr 15, 2014 at 10:22:26AM -0700, john.johan...@canonical.com wrote:
> The match
> {VARIABLE_NAME}/{WS}*={WS}*\(
>
> is too broad causing mount and dbus rules to fail for sets of values eg.
>
> mount options=(ro bind)
>
> Instead of doing a broad match, for now lets lock it down to just
> peer=(...) being the only cond that can cause entry into CONDLISTID
>
> Signed-off-by: John Johansen <john.johan...@canonical.com>
Acked-by: Seth Arnold <seth.arn...@canonical.com>
Thanks
> ---
> parser/parser_lex.l | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> --- 2.9-test.orig/parser/parser_lex.l
> +++ 2.9-test/parser/parser_lex.l
> @@ -295,7 +295,7 @@
> }
>
> <INITIAL,MOUNT_MODE,DBUS_MODE,SIGNAL_MODE>{
> - {VARIABLE_NAME}/{WS}*={WS}*\( {
> + peer/{WS}*={WS}*\( {
> /* we match to the = in the lexer so that we can switch scanner
> * state. By the time the parser see the = it may be too late
> * as bison may have requested the next token from the scanner
>
>
> --
> AppArmor mailing list
> AppArmor@lists.ubuntu.com
> Modify settings or unsubscribe at:
> https://lists.ubuntu.com/mailman/listinfo/apparmor
>
signature.asc
Description: Digital signature
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
