From e6e294fb171f8415ac5bded486af0b195c589ddb1c32bbc9e404c2055cc187c2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ismail=20D=C3=B6nmez?= <ismail@i10z.com>
Date: Mon, 26 Aug 2013 07:23:48 +0000
Subject: [PATCH] Accepting request 196286 from home:cboltz:branches:editors

- update apparmor.vim (taken from AppArmor 2.8.2)
  * add network vsock

OBS-URL: https://build.opensuse.org/request/show/196286
OBS-URL: https://build.opensuse.org/package/show/editors/vim?expand=0&rev=156
---
 apparmor.vim | 8 ++++----
 vim.changes  | 6 ++++++
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/apparmor.vim b/apparmor.vim
index 06eddaa..4570866 100644
--- a/apparmor.vim
+++ b/apparmor.vim
@@ -128,22 +128,22 @@ syn cluster sdEntry contains=sdEntryWriteExec,sdEntryR,sdEntryW,sdEntryIX,sdEntr
 " Capability line
 
 " normal capabilities - really keep this list? syn match sdCap should be enough... (difference: sdCapKey words would loose underlining)
-syn keyword  sdCapKey          block_suspend chown dac_override dac_read_search fowner fsetid ipc_lock ipc_owner kill lease linux_immutable mknod net_admin net_bind_service net_broadcast net_raw setfcap setgid setpcap setuid sys_boot sys_chroot syslog sys_nice sys_pacct sys_ptrace sys_resource sys_time sys_tty_config wake_alarm
+syn keyword  sdCapKey          block_suspend chown dac_override dac_read_search fowner fsetid ipc_lock ipc_owner kill lease linux_immutable mknod net_admin net_bind_service net_broadcast net_raw setfcap setgid setpcap setuid syslog sys_boot sys_chroot sys_nice sys_pacct sys_ptrace sys_resource sys_time sys_tty_config wake_alarm
 
 " dangerous capabilities - highlighted separately
 syn keyword sdCapDanger	       audit_control audit_write mac_override mac_admin set_fcap sys_admin sys_module sys_rawio
 
 " full line. Keywords are from sdCapKey + sdCapDanger
-syn match  sdCap /\v^\s*(audit\s+)?(deny\s+)?capability\s+(audit_control|audit_write|block_suspend|chown|dac_override|dac_read_search|fowner|fsetid|ipc_lock|ipc_owner|kill|lease|linux_immutable|mac_admin|mac_override|mknod|net_admin|net_bind_service|net_broadcast|net_raw|setfcap|setgid|setpcap|setuid|sys_admin|sys_boot|sys_chroot|syslog|sys_module|sys_nice|sys_pacct|sys_ptrace|sys_rawio|sys_resource|sys_time|sys_tty_config|wake_alarm)\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdCapKey,sdCapDanger,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match  sdCap /\v^\s*(audit\s+)?(deny\s+)?capability\s+(audit_control|audit_write|block_suspend|chown|dac_override|dac_read_search|fowner|fsetid|ipc_lock|ipc_owner|kill|lease|linux_immutable|mac_admin|mac_override|mknod|net_admin|net_bind_service|net_broadcast|net_raw|setfcap|setgid|setpcap|setuid|syslog|sys_admin|sys_boot|sys_chroot|sys_module|sys_nice|sys_pacct|sys_ptrace|sys_rawio|sys_resource|sys_time|sys_tty_config|wake_alarm)\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdCapKey,sdCapDanger,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
 " all capabilities ('capability' without any keyword)
 syn match  sdCapDanger /\v^\s*(audit\s+)?(deny\s+)?capability\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
 
 " Network line
 " Syntax: network domain (inet, ...) type (stream, ...) protocol (tcp, ...)
 " TODO: 'owner' isn't supported, but will be (JJ, 2011-01-11)
-syn match  sdNetwork         /\v^\s*(audit\s+)?(deny\s+)?network(\s+(inet|ax25|ipx|appletalk|netrom|bridge|atmpvc|x25|inet6|rose|netbeui|security|key|packet|ash|econet|atmsvc|rds|sna|irda|pppox|wanpipe|llc|can|tipc|bluetooth|iucv|rxrpc|isdn|phonet|ieee802154|caif|alg|nfc))?(\s+(stream|dgram|seqpacket|rdm|packet))?(\s+tcp|\s+udp|\s+icmp)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match  sdNetwork         /\v^\s*(audit\s+)?(deny\s+)?network(\s+(inet|ax25|ipx|appletalk|netrom|bridge|atmpvc|x25|inet6|rose|netbeui|security|key|packet|ash|econet|atmsvc|rds|sna|irda|pppox|wanpipe|llc|can|tipc|bluetooth|iucv|rxrpc|isdn|phonet|ieee802154|caif|alg|nfc|vsock))?(\s+(stream|dgram|seqpacket|rdm|packet))?(\s+tcp|\s+udp|\s+icmp)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
 " network rules containing 'raw'
-syn match  sdNetworkDanger         /\v^\s*(audit\s+)?(deny\s+)?network(\s+(inet|ax25|ipx|appletalk|netrom|bridge|atmpvc|x25|inet6|rose|netbeui|security|key|packet|ash|econet|atmsvc|rds|sna|irda|pppox|wanpipe|llc|can|tipc|bluetooth|iucv|rxrpc|isdn|phonet|ieee802154|caif|alg|nfc))?(\s+(raw))(\s+tcp|\s+udp|\s+icmp)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+syn match  sdNetworkDanger         /\v^\s*(audit\s+)?(deny\s+)?network(\s+(inet|ax25|ipx|appletalk|netrom|bridge|atmpvc|x25|inet6|rose|netbeui|security|key|packet|ash|econet|atmsvc|rds|sna|irda|pppox|wanpipe|llc|can|tipc|bluetooth|iucv|rxrpc|isdn|phonet|ieee802154|caif|alg|nfc|vsock))?(\s+(raw))(\s+tcp|\s+udp|\s+icmp)?\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
 " 'all networking' includes raw -> mark as dangerous
 syn match  sdNetworkDanger         /\v^\s*(audit\s+)?(deny\s+)?network\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
 
diff --git a/vim.changes b/vim.changes
index b3170db..5630c6e 100644
--- a/vim.changes
+++ b/vim.changes
@@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Sat Aug 24 23:41:27 UTC 2013 - opensuse@cboltz.de
+
+- update apparmor.vim (taken from AppArmor 2.8.2)
+  * add network vsock
+
 -------------------------------------------------------------------
 Fri Aug 16 12:08:44 UTC 2013 - idonmez@suse.com