mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-04 08:24:42 +01:00
b222731c4f
Add signal rules and make sure the parser encodes support for them
if the supported feature set reports supporting them.
The current format of the signal rule is
[audit] [deny] signal [<signal_perms>] [<signal_set>] <target_profile>,
signal_perm := 'send'|'receive'|'r'|'w'|'rw'
signal_perms := <signal_perm> | '(' <signal_perm> ([,]<signal_perm>)* ')'
signal := ("hup"|"int"|"quit"|"ill"|"trap"|"abrt"|"bus"|"fpe"|"kill"|
"usr1"|"segv"|"usr2"|"pipe"|"alrm"|"term"|"tkflt"|"chld"|
"cont"|"stop"|"stp"|"ttin"|"ttou"|"urg"|"xcpu"|"xfsz"|"vtalrm"|
"prof"|"winch"|"io"|"pwr"|"sys"|"emt"|"exists")
signal_set := set=<signal> | '(' <signal> ([,]<signal>)* ')'
it does not currently follow the peer=() format, and there is some question
as to whether it should or not. Input welcome.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
41 lines
1.1 KiB
C
41 lines
1.1 KiB
C
/*
|
|
* Copyright 2012 Canonical Ltd.
|
|
*
|
|
* This program is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU General Public License as
|
|
* published by the Free Software Foundation, version 2 of the
|
|
* License.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
*/
|
|
|
|
#ifndef __AA_POLICYDB_H
|
|
#define __AA_POLICYDB_H
|
|
|
|
/*
|
|
* Class of private mediation types in the AppArmor policy db
|
|
*
|
|
* See libapparmor's apparmor.h for public mediation types
|
|
*/
|
|
#define AA_CLASS_COND 0
|
|
#define AA_CLASS_UNKNOWN 1
|
|
#define AA_CLASS_FILE 2
|
|
#define AA_CLASS_CAP 3
|
|
#define AA_CLASS_NET 4
|
|
#define AA_CLASS_RLIMITS 5
|
|
#define AA_CLASS_DOMAIN 6
|
|
#define AA_CLASS_MOUNT 7
|
|
#define AA_CLASS_NS_DOMAIN 8
|
|
#define AA_CLASS_PTRACE 9
|
|
#define AA_CLASS_SIGNAL 10
|
|
|
|
#define AA_CLASS_LABEL 16
|
|
|
|
/* defined in libapparmor's apparmor.h #define AA_CLASS_DBUS 32 */
|
|
#define AA_CLASS_X 33
|
|
|
|
#endif /* __AA_POLICYDB_H */
|