Support multiline rules
Bug #1795139 reported by
Vincas Dargis
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
Confirmed
|
Wishlist
|
Unassigned |
Bug Description
```
$ cat /tmp/test
@{uid}={
[0-9],
[1-9][0-9],
[1-9][0-9][0-9],
[1-9][0-
[1-9][0-
[1-9][0-
[1-9][0-
[1-9][0-
[1-9][0-
[1-4][0-
}
$ /usr/sbin/
@{uid}={
AppArmor parser error for /tmp/test in /tmp/test at line 2: Found unexpected character: '['
```
Multiline rules would increase readability/
Or am I doing something wrong here?
To post a comment you must log in.
Multi-line rule are supported in some places (dbus, signal, etc). However this is dependent on how the rule is parsed.
Variable assignments currently use the newline to indicate the end of the variable. They don't currently parse the variable content, so it is possible to introduce thing like a single opening brace '{' in the variable.
How much we could change this now and remain backwards compatible with the majority of actual policy is unclear atm