Accepting request 82521 from home:cboltz:branches:editors

- apparmor.vim update - support "deny $filename x" rules - apparmor.vim generated from AppArmor 2.7 beta2 OBS-URL: https://build.opensuse.org/request/show/82521 OBS-URL: https://build.opensuse.org/package/show/editors/vim?expand=0&rev=56
2011-09-16 18:29:33 +00:00
parent 57bb0c8e30
commit f2f5fd590e
3 changed files with 9 additions and 6 deletions
--- a/apparmor.vim
+++ b/apparmor.vim
@@ -188,6 +188,8 @@ syn match  sdEntryPXe /\v^\s*(audit\s+)?(deny\s+)?(owner\s+)?(\/|\@\{\S*\})\S*\s
 syn match  sdEntryIX /\v^\s*(audit\s+)?(deny\s+)?(owner\s+)?(\/|\@\{\S*\})\S*\s+(r|m|k|ix)+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
 " mr - mmap with PROT_EXEC
 syn match  sdEntryM /\v^\s*(audit\s+)?(deny\s+)?(owner\s+)?(\/|\@\{\S*\})\S*\s+(r|m|k)+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude
+" special case: deny x is allowed (doesn't need to be ix, px, ux or cx)
+syn match  sdEntryM /\v^\s*(audit\s+)?deny\s+(owner\s+)?(\/|\@\{\S*\})\S*\s+(r|m|k|x)+\s*,(\s*$|(\s*#.*$)\@=)/ contains=sdGlob,sdComment nextgroup=@sdEntry,sdComment,sdError,sdInclude

 " if we've got u or i without x, it's an error
 " rule is superfluous because of the '/.*/ is an error' rule ;-)