apparmor/profiles/apparmor.d/tunables/kernelvars

#    Copyright (C) 2012 Canonical Ltd.
#
#    This program is free software; you can redistribute it and/or
#    modify it under the terms of version 2 of the GNU General Public
#    License published by the Free Software Foundation.
#
# ------------------------------------------------------------------

# This file should contain declarations to kernel vars or variables
# that will become kernel vars at some point

# until kernel vars are implemented
# and until the parser supports nested groupings like
#   @{pid}=[1-9]{[0-9]{[0-9]{[0-9]{[0-9]{[0-9],},},},},}
# use
@{pid}={[1-9],[1-9][0-9],[1-9][0-9][0-9],[1-9][0-9][0-9][0-9],[1-9][0-9][0-9][0-9][0-9],[1-9][0-9][0-9][0-9][0-9][0-9],[1-4][0-9][0-9][0-9][0-9][0-9][0-9]}

#same pattern as @{pid} for now
@{tid}=@{pid}

#A pattern for pids that can appear
@{pids}=@{pid}

# Placeholder for user id until kernel var is implemented to match
# current user of the confined application.
# Values are 0...4,294,967,295 (32-bit unsigned, 10 digits).
@{uid}={[0-9],[1-9][0-9],[1-9][0-9][0-9],[1-9][0-9][0-9][0-9],[1-9][0-9][0-9][0-9][0-9],[1-9][0-9][0-9][0-9][0-9][0-9],[1-9][0-9][0-9][0-9][0-9][0-9][0-9],[1-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9],[1-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9],[1-4][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]}

#same pattern as @{uid} for now
@{uids}=@{uid}

# until kernel var is implemented
@{sys}=/sys/