From 7f657780e5fc0cbcaad6dc1ec79de4d361ea7dea Mon Sep 17 00:00:00 2001
From: Alexandre Pujol
Date: Sat, 21 Sep 2024 22:24:45 +0100
Subject: [PATCH] feat(tunable): add the word @{w} and digit @{d} variables.
---
 apparmor.d/tunables/multiarch.d/system | 33 +++++++++++++++++++++-----
 1 file changed, 27 insertions(+), 6 deletions(-)
diff --git a/apparmor.d/tunables/multiarch.d/system b/apparmor.d/tunables/multiarch.d/system
index 4fb8304c..d51ede6c 100644
--- a/apparmor.d/tunables/multiarch.d/system
+++ b/apparmor.d/tunables/multiarch.d/system
@@ -11,22 +11,29 @@ # Single alphanumeric character @{c}=[0-9a-zA-Z] +# Word character. Matches any letter, digit or underscore. +@{w}=[a-zA-Z0-9_] + +# Any digit +@{d}=[0-9] + # Integer up to 10 digits (0-9999999999) -@{int}=[0-9]{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],}{[0-9],} +@{int}=@{d}{@{d},}{@{d},}{@{d},}{@{d},}{@{d},}{@{d},}{@{d},}{@{d},}{@{d},} # Unsigned integer over 8 bits (0-255) # 0 - 99 100 - 199 200 - 249 250 - 255 @{u8}=[0-9]{[0-9],} 1[0-9][0-9] 2[0-4][0-9] 25[0-5] # Unsigned integer over 16 bits (0-65535, 5 digits) -@{u16}=[0-9]{[0-9],}{[0-9],}{[0-9],}{[0-9],} +@{u16}=@{d}{@{d},}{@{d},}{@{d},}{@{d},} -# hexadecimal, alphanumeric up to 64 characters +# hexadecimal, alphanumeric and word up to 64 characters @{hex}=@{h}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},}{@{h},} @{rand}=@{c}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},}{@{c},} 
+@{word}=@{w}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},} # Any x digits characters -@{int2}=[0-9][0-9] +@{int2}=@{d}@{d} @{int4}=@{int2}@{int2} @{int6}=@{int4}@{int2} @{int8}=@{int4}@{int4} @@ -42,6 +49,7 @@ @{hex8}=@{hex4}@{hex4} @{hex9}=@{hex8}@{h} @{hex10}=@{hex8}@{hex2} +@{hex12}=@{hex8}@{hex4} @{hex15}=@{hex8}@{hex4}@{hex2}@{h} @{hex16}=@{hex8}@{hex8} @{hex32}=@{hex16}@{hex16} 
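Review bot: The comment added for `@{w}` in the first hunk says it matches any letter, but the class `[a-zA-Z0-9_]` is ASCII-only, so a name containing a non-ASCII letter, a hyphen or a dot is not matched by `@{w}` or by `@{word}`. I would word it `# Word character: ASCII letter, digit or underscore.` so rule authors know exactly what a path rule built on it admits. `@{word}` is documented only through the edited hex/rand comment; a short line of its own, such as `# Word, up to 64 characters`, would make the bound visible where the variable is defined.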
@@ -55,17 +63,30 @@
 @{rand8}=@{rand4}@{rand4}
 @{rand9}=@{rand8}@{c}
 @{rand10}=@{rand8}@{rand2}
+@{rand12}=@{rand8}@{rand4}
 @{rand15}=@{rand8}@{rand4}@{rand2}@{c}
 @{rand16}=@{rand8}@{rand8}
 @{rand32}=@{rand16}@{rand16}
 @{rand64}=@{rand64}@{rand64}
+# Any x word characters
+@{word2}=@{w}@{w}
+@{word4}=@{word2}@{word2}
+@{word6}=@{word4}@{word2}
+@{word8}=@{word4}@{word4}
+@{word9}=@{word8}@{w}
+@{word10}=@{word8}@{word2}
+@{word12}=@{word8}@{word4}
+@{word15}=@{word8}@{word4}@{word2}@{w}
+@{word16}=@{word8}@{word8}
+@{word32}=@{word16}@{word16}
+@{word64}=@{word32}@{word32}
+
 # Universally unique identifier
 @{uuid}=@{h}@{h}@{h}@{h}@{h}@{h}@{h}@{h}[-_]@{h}@{h}@{h}@{h}[-_]@{h}@{h}@{h}@{h}[-_]@{h}@{h}@{h}@{h}[-_]@{h}@{h}@{h}@{h}@{h}@{h}@{h}@{h}@{h}@{h}@{h}@{h}
 # Username & group valid characters
-@{u}=[a-zA-Z0-9_]
-@{user}=[a-zA-Z_]{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}{@{u},}
+@{user}=[a-zA-Z_]{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}{@{w},}
 @{group}=@{user}
 # Semantic version
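Review bot: Dropping `@{u}` near the end of this hunk removes a global tunable, so any profile or local override that still references `@{u}` would stop compiling, and a profile that fails to load typically leaves its program unconfined. Nothing in this patch updates such references, so it is worth grepping the tree for `@{u}` before merging, or keeping `@{u}=@{w}` as a deprecated alias for a release. Separately, the context line `@{rand64}=@{rand64}@{rand64}` looks self-referential next to the correct new `@{word64}=@{word32}@{word32}`. Presumably `@{rand64}=@{rand32}@{rand32}` was intended, and this commit would be a natural place to fix it.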