From 168258fd49fd519f3c9dc13a82599b98b3f9b7c1f7d69b1403f0fb47f7fe4c4b Mon Sep 17 00:00:00 2001
From: Martin Pluskal <mpluskal@suse.com>
Date: Mon, 20 Mar 2017 07:58:11 +0000
Subject: [PATCH] Accepting request 481189 from home:cboltz:branches:editors

- Update apparmor.vim (taken from AppArmor 2.11)
  * add support for the "kcm" and "qipcrtr" network keywords
  * update change_profile rule highlighting

Please forward this change to Factory and ideally also to Leap.

OBS-URL: https://build.opensuse.org/request/show/481189
OBS-URL: https://build.opensuse.org/package/show/editors/vim?expand=0&rev=425
---
 apparmor.vim | 10 +++++-----
 vim.changes  |  7 +++++++
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/apparmor.vim b/apparmor.vim
index 4b7bf59..498ef7d 100644
--- a/apparmor.vim
+++ b/apparmor.vim
@@ -142,17 +142,17 @@ syn match  sdCapDanger /\v^\s*(audit\s+)?(deny\s+|allow\s+)?capability\s*,(\s*$|
 " Network line
 " Syntax: network domain (inet, ...) type (stream, ...) protocol (tcp, ...)
 " TODO: 'owner' isn't supported, but will be (JJ, 2011-01-11)
-syn match  sdNetwork         /\v^\s*(audit\s+)?(deny\s+|allow\s+)?network(\s+(unspec|unix|inet|ax25|ipx|appletalk|netrom|bridge|atmpvc|x25|inet6|rose|netbeui|security|key|netlink|packet|ash|econet|atmsvc|rds|sna|irda|pppox|wanpipe|llc|ib|mpls|can|tipc|bluetooth|iucv|rxrpc|isdn|phonet|ieee802154|caif|alg|nfc|vsock))?(\s+(stream|dgram|seqpacket|rdm|packet))?(\s+tcp|\s+udp|\s+icmp)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match  sdNetwork         /\v^\s*(audit\s+)?(deny\s+|allow\s+)?network(\s+(unspec|unix|inet|ax25|ipx|appletalk|netrom|bridge|atmpvc|x25|inet6|rose|netbeui|security|key|netlink|packet|ash|econet|atmsvc|rds|sna|irda|pppox|wanpipe|llc|ib|mpls|can|tipc|bluetooth|iucv|rxrpc|isdn|phonet|ieee802154|caif|alg|nfc|vsock|kcm|qipcrtr))?(\s+(stream|dgram|seqpacket|rdm|packet))?(\s+tcp|\s+udp|\s+icmp)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
 " network rules containing 'raw'
-syn match  sdNetworkDanger         /\v^\s*(audit\s+)?(deny\s+|allow\s+)?network(\s+(unspec|unix|inet|ax25|ipx|appletalk|netrom|bridge|atmpvc|x25|inet6|rose|netbeui|security|key|netlink|packet|ash|econet|atmsvc|rds|sna|irda|pppox|wanpipe|llc|ib|mpls|can|tipc|bluetooth|iucv|rxrpc|isdn|phonet|ieee802154|caif|alg|nfc|vsock))?(\s+(raw))(\s+tcp|\s+udp|\s+icmp)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match  sdNetworkDanger         /\v^\s*(audit\s+)?(deny\s+|allow\s+)?network(\s+(unspec|unix|inet|ax25|ipx|appletalk|netrom|bridge|atmpvc|x25|inet6|rose|netbeui|security|key|netlink|packet|ash|econet|atmsvc|rds|sna|irda|pppox|wanpipe|llc|ib|mpls|can|tipc|bluetooth|iucv|rxrpc|isdn|phonet|ieee802154|caif|alg|nfc|vsock|kcm|qipcrtr))?(\s+(raw))(\s+tcp|\s+udp|\s+icmp)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
 " 'all networking' includes raw -> mark as dangerous
 syn match  sdNetworkDanger         /\v^\s*(audit\s+)?(deny\s+|allow\s+)?network\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
 
 
 " Change Profile
-" TODO: audit and deny support will be added (JJ, 2011-01-11)
-syn match   sdEntryChangeProfile    /\v^\s*change_profile\s+-\>\s+\S+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
-
+syn match   sdEntryChangeProfile    /\v^\s*(audit\s+)?(deny\s+|allow\s+)?change_profile\s+(safe\s+[/@]\S+|unsafe\s+[/@]\S+|[/@]\S+)?\s*(-\>\s*\S+)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+" bare change_profile rule
+syn match   sdEntryChangeProfile    /\v^\s*(audit\s+)?(deny\s+|allow\s+)?change_profile\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
 
 " rlimit
 " TODO: audit and deny support will be added (JJ, 2011-01-11)
diff --git a/vim.changes b/vim.changes
index 80e9cf9..77719c9 100644
--- a/vim.changes
+++ b/vim.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Sun Mar 19 20:55:16 UTC 2017 - suse-beta@cboltz.de
+
+- Update apparmor.vim (taken from AppArmor 2.11)
+  * add support for the "kcm" and "qipcrtr" network keywords
+  * update change_profile rule highlighting
+
 -------------------------------------------------------------------
 Sat Mar 11 10:55:35 CET 2017 - kukuk@suse.de