diff --git a/data/syntax/apparmor.xml b/data/syntax/apparmor.xml
--- a/data/syntax/apparmor.xml
+++ b/data/syntax/apparmor.xml
@@ -16,7 +16,7 @@
==========================================================================================
This file is part of the KDE's KSyntaxHighlighting framework.
- Copyright (c) 2017-2018 Nibaldo González S. (nibgonz@gmail.com)
+ Copyright (c) 2017-2019 Nibaldo González S. (nibgonz@gmail.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this
software and associated documentation files (the "Software"), to deal in the Software
@@ -42,25 +42,25 @@
http://manpages.ubuntu.com/manpages/cosmic/en/man5/apparmor.d.5.html
Change log:
- * Version 7 [15-Sep-2018]:
- - Update itemData's style for the new Solarized color schemes.
- - Fixes in "_end_rule_irnc".
- * Version 6 [24-Jul-2018, by Nibaldo G.]: (AppArmor 2.13.0)
- - Fixes for Include rules, add 'if exists'. Fix escapes & globbing in text quoted.
- - Improvements in paths that start with variables, hats, comments and variable
- assignments and others. Add some abstractions & filesystems.
- * Version 4 [25-Jan-2018, by Nibaldo G.]: (AppArmor 2.12.0)
- - New keywords: network and mount rules, default abstractions, variables and others.
- - Multiple improvements and fixes.
- - Do not allow comments within rules and in variable assignment lines.
- * Version 3 [24-Sep-2017, by Nibaldo G.]:
- - Fix incorrect highlighting of the DBus rule 'name' keyword.
- * Version 2 [29-Aug-2017, by Nibaldo G.]:
- - Improvements in highlighting and bug fixes.
- - Each rule has its own context.
- - The profile name is highlighted in the profile header and profile transition rules.
- * Version 1 [22-Feb-2017, by Nibaldo González]:
- - Initial version. Support for profile syntax of Apparmor 2.11.
+ * Version 7 [15-Sep-2018]:
+ - Update itemData's style for the new Solarized color schemes.
+ - Fixes in "_end_rule_irnc".
+ * Version 6 [24-Jul-2018, by Nibaldo G.]: (AppArmor 2.13.0)
+ - Fixes for Include rules, add 'if exists'. Fix escapes & globbing in text quoted.
+ - Improvements in paths that start with variables, hats, comments and variable
+ assignments and others. Add some abstractions & filesystems.
+ * Version 4 [25-Jan-2018, by Nibaldo G.]: (AppArmor 2.12.0)
+ - New keywords: network and mount rules, default abstractions, variables and others.
+ - Multiple improvements and fixes.
+ - Do not allow comments within rules and in variable assignment lines.
+ * Version 3 [24-Sep-2017, by Nibaldo G.]:
+ - Fix incorrect highlighting of the DBus rule 'name' keyword.
+ * Version 2 [29-Aug-2017, by Nibaldo G.]:
+ - Improvements in highlighting and bug fixes.
+ - Each rule has its own context.
+ - The profile name is highlighted in the profile header and profile transition rules.
+ * Version 1 [22-Feb-2017, by Nibaldo González]:
+ - Initial version. Support for profile syntax of Apparmor 2.11.
-->
-
-
-
-
- - profile
- - hat
-
-
- - flags
- - xattrs
-
-
- - audit
- - complain
- - enforce
- - mediate_deleted
- - attach_disconnected
- - chroot_relative
- - chroot_attach
- - chroot_no_attach
- - delegate_deleted
- - no_attach_disconnected
- - namespace_relative
-
-
-
-
- - allow
- - deny
-
-
- - owner
-
-
-
- - audit
-
-
-
-
-
-
- - audit_control
- - audit_read
- - audit_write
- - block_suspend
- - chown
- - dac_override
- - dac_read_search
- - fowner
- - fsetid
- - ipc_lock
- - ipc_owner
- - kill
- - lease
- - linux_immutable
- - mac_admin
- - mac_override
- - mknod
- - net_admin
- - net_bind_service
- - net_broadcast
- - net_raw
- - setgid
- - setfcap
- - setpcap
- - setuid
- - sys_admin
- - sys_boot
- - sys_chroot
- - sys_module
- - sys_nice
- - sys_pacct
- - sys_ptrace
- - sys_rawio
- - sys_resource
- - sys_time
- - sys_tty_config
- - syslog
- - wake_alarm
-
+
+
+
+
+ - profile
+ - hat
+
+
+ - flags
+ - xattrs
+
+
+ - audit
+ - complain
+ - enforce
+ - mediate_deleted
+ - attach_disconnected
+ - chroot_relative
+ - chroot_attach
+ - chroot_no_attach
+ - delegate_deleted
+ - no_attach_disconnected
+ - namespace_relative
+
+
+
+
+ - allow
+ - deny
+
+
+ - owner
+
+
+
+ - audit
+
+
+
+
+
+
+ - audit_control
+ - audit_read
+ - audit_write
+ - block_suspend
+ - chown
+ - dac_override
+ - dac_read_search
+ - fowner
+ - fsetid
+ - ipc_lock
+ - ipc_owner
+ - kill
+ - lease
+ - linux_immutable
+ - mac_admin
+ - mac_override
+ - mknod
+ - net_admin
+ - net_bind_service
+ - net_broadcast
+ - net_raw
+ - setgid
+ - setfcap
+ - setpcap
+ - setuid
+ - sys_admin
+ - sys_boot
+ - sys_chroot
+ - sys_module
+ - sys_nice
+ - sys_pacct
+ - sys_ptrace
+ - sys_rawio
+ - sys_resource
+ - sys_time
+ - sys_tty_config
+ - syslog
+ - wake_alarm
+
+
+
+
+
+ - inet
+ - ax25
+ - ipx
+ - appletalk
+ - netrom
+ - bridge
+ - atmpvc
+ - x25
+ - inet6
+ - rose
+ - netbeui
+ - security
+ - key
+ - packet
+ - ash
+ - econet
+ - atmsvc
+ - sna
+ - irda
+ - pppox
+ - wanpipe
+ - bluetooth
+ - netlink
+ - rds
+ - llc
+ - can
+ - tipc
+ - iucv
+ - rxrpc
+ - isdn
+ - phonet
+ - ieee802154
+ - caif
+ - alg
+ - nfc
+ - vsock
+ - mpls
+ - ib
+ - kcm
+ - smc
+
+
+ - stream
+ - dgram
+ - seqpacket
+ - rdm
+ - raw
+
+
+ - tcp
+ - udp
+ - icmp
+
+
+
+ - unix
+
+
+
+
+ - fstype
+ - vfstype
+ - options
+ - option
+
+
+ - r
+ - w
+ - rw
+ - ro
+ - read-only
+ - suid
+ - nosuid
+ - dev
+ - nodev
+ - exec
+ - noexec
+ - sync
+ - async
+ - remount
+ - mand
+ - nomand
+ - dirsync
+ - atime
+ - noatime
+ - diratime
+ - nodiratime
+ - bind
+ - B
+ - move
+ - M
+ - rbind
+ - R
+ - verbose
+ - silent
+ - loud
+ - acl
+ - noacl
+ - unbindable
+ - make-unbindable
+ - runbindable
+ - make-runbindable
+ - private
+ - make-private
+ - rprivate
+ - make-rprivate
+ - slave
+ - make-slave
+ - rslave
+ - make-rslave
+ - shared
+ - make-shared
+ - rshared
+ - make-rshared
+ - relatime
+ - norelatime
+ - iversion
+ - noiversion
+ - strictatime
+ - user
+ - nouser
+
+
+ - ecryptfs
+ - overlayfs
+ - unionfs
+ - shm
+
+ - cryfs
+ - encfs
+ - apparmorfs
+ - autofs
+ - bdev
+ - bpf
+ - cachefs
+ - cgroup
+ - cgroup2
+ - cifs
+ - coherent
+ - configfs
+ - cpuset
+ - cramfs
+ - debugfs
+ - devfs
+ - devpts
+ - devtmpfs
+ - efs
+ - fuse
+ - fuseblk
+ - fusectl
+ - futexfs
+ - hugetlbfs
+ - kernfs
+ - mqueue
+ - pipefs
+ - proc
+ - procfs
+ - pstorefs
+ - pstore
+ - ramfs
+ - romfs
+ - rootfs
+ - sdcardfs
+ - securityfs
+ - selinuxfs
+ - sockfs
+ - specfs
+ - squashfs
+ - swapfs
+ - sysfs
+ - sysv
+ - tmpfs
+ - usbfs
+ - vfat
+ - functionfs
+ - inotifyfs
+ - labeledfs
+ - oemfs
+
+ - adfs
+ - affs
+ - afs
+ - apfs
+ - bfs
+ - btrfs
+ - ceph
+ - coda
+ - exfat
+ - ext2
+ - ext3
+ - ext4
+ - f2fs
+ - fatx
+ - gfs
+ - hfs
+ - hfsplus
+ - hpfs
+ - ifs
+ - iso9660
+ - jffs2
+ - jffs
+ - jfs
+ - lvm2
+ - minix
+ - msdos
+ - ncpfs
+ - nilfs
+ - nilfs2
+ - nfs
+ - nfs4
+ - ntfs-3g
+ - ntfs
+ - ocfs
+ - qnx4
+ - qnx6
+ - reiser4
+ - reiserfs
+ - smbfs
+ - swap
+ - tracefs
+ - ubifs
+ - udf
+ - ufs
+ - umsdos
+ - urefs
+ - xenix
+ - yaffs2
+ - yaffs
+ - xfs
+ - zfs
+
+
+
+
+
+ - oldroot
+
+
+
+
+ - peer
+
+
+
+ - readby
+ - trace
+ - tracedby
+
+
+
+
+ - set
+ - peer
+
+
+
+ - bus
+ - hup
+ - int
+ - quit
+ - ill
+ - trap
+ - abrt
+ - fpe
+ - kill
+ - usr1
+ - segv
+ - usr2
+ - pipe
+ - alrm
+ - term
+ - stkflt
+ - chld
+ - cont
+ - stop
+ - stp
+ - ttin
+ - ttou
+ - urg
+ - xcpu
+ - xfsz
+ - vtalrm
+ - prof
+ - winch
+ - io
+ - pwr
+ - sys
+ - emt
+ - exists
+
+
+
+ - send
+ - receive
+
+
+
+
+ - peer
+ - bus
+ - path
+ - interface
+ - member
+ - name
+
+
+ - name
+ - label
+
+
+
+ - send
+ - receive
+ - bind
+ - eavesdrop
+
+
+ - system
+ - session
+
+
+
+
+ - peer
+ - set
+ - label
+ - type
+ - protocol
+ - addr
+ - attr
+ - opt
+
+
+
+ - send
+ - receive
+ - bind
+ - create
+ - listen
+ - accept
+ - connect
+ - shutdown
+ - getattr
+ - setattr
+ - getopt
+ - setopt
+
+
+
+
+ - cpu
+ - fsize
+ - data
+ - stack
+ - core
+ - rss
+ - nofile
+ - ofile
+ - as
+ - nproc
+ - memlock
+ - locks
+ - sigpending
+ - msgqueue
+ - nice
+ - rtprio
+ - rttime
+
+
+
+
+ - subset
+
+
+
+
+ - safe
+ - unsafe
+
+
+
+ - if
+ - exists
+
+
+
+
+ - rw
+ - r
+ - w
+ - read
+ - write
+
+
+
+
+ - profile_name
+
+ - HOME
+ - HOMEDIRS
+ - multiarch
+ - pid
+ - pids
+ - PROC
+ - securityfs
+ - apparmorfs
+ - sys
+ - tid
+ - XDG_DESKTOP_DIR
+ - XDG_DOWNLOAD_DIR
+ - XDG_TEMPLATES_DIR
+ - XDG_PUBLICSHARE_DIR
+ - XDG_DOCUMENTS_DIR
+ - XDG_MUSIC_DIR
+ - XDG_PICTURES_DIR
+ - XDG_VIDEOS_DIR
+
+
+ - abstractions/
+ - apache2-common
+ - aspell
+ - audio
+ - authentication
+ - base
+ - bash
+ - consoles
+ - cups-client
+ - dbus
+ - dbus-accessibility
+ - dbus-accessibility-strict
+ - dbus-session
+ - dbus-session-strict
+ - dbus-strict
+ - dconf
+ - dovecot-common
+ - dri-common
+ - dri-enumerate
+ - enchant
+ - fcitx
+ - fcitx-strict
+ - fonts
+ - freedesktop.org
+ - gnome
+ - gnupg
+ - ibus
+ - kde-icon-cache-write
+ - kde-globals-write
+ - kde-language-write
+ - kde
+ - kerberosclient
+ - launchpad-integration
+ - ldapclient
+ - libpam-systemd
+ - likewise
+ - mdns
+ - mesa
+ - mir
+ - mozc
+ - mysql
+ - nameservice
+ - nis
+ - nvidia
+ - opencl
+ - opencl-common
+ - opencl-intel
+ - opencl-mesa
+ - opencl-nvidia
+ - opencl-pocl
+ - openssl
+ - orbit2
+ - p11-kit
+ - perl
+ - php
+ - php5
+ - postfix-common
+ - private-files
+ - private-files-strict
+ - python
+ - qt5-compose-cache-write
+ - qt5-settings-write
+ - qt5
+ - recent-documents-write
+ - ruby
+ - samba
+ - smbpass
+ - ssl_certs
+ - ssl_keys
+ - svn-repositories
+ - ubuntu-bittorrent-clients
+ - ubuntu-browsers
+ - ubuntu-console-browsers
+ - ubuntu-console-email
+ - ubuntu-email
+ - ubuntu-feed-readers
+ - ubuntu-gnome-terminal
+ - ubuntu-helpers
+ - ubuntu-konsole
+ - ubuntu-media-players
+ - ubuntu-unity7-base
+ - ubuntu-unity7-launcher
+ - ubuntu-unity7-messaging
+ - ubuntu-xterm
+ - user-download
+ - user-mail
+ - user-manpages
+ - user-tmp
+ - user-write
+ - video
+ - vulkan
+ - wayland
+ - web-data
+ - winbind
+ - wutmp
+ - X
+ - xad
+ - xdg-desktop
+
+ - ubuntu-browsers.d/
+ - java
+ - mailto
+ - multimedia
+ - plugins-common
+ - productivity
+ - text-editors
+ - ubuntu-integration
+ - ubuntu-integration-xul
+ - user-files
+
+ - apparmor_api/
+ - change_profile
+ - examine
+ - find_mountpoint
+ - introspect
+ - is_enabled
+
+ - tunables/
+ - alias
+ - apparmorfs
+ - dovecot
+ - global
+ - home
+ - kernelvars
+ - multiarch
+ - ntpd
+ - proc
+ - securityfs
+ - sys
+ - xdg-user-dirs
+ - home.d/
+ - multiarch.d/
+ - xdg-user-dirs.d/
+ - site.local
+
+ - local/
+
+
+
+ - true
+ - false
+
+
+ - unspec
+ - none
+ - unconfined
+
+
+
+
+ - mount
+ - remount
+ - umount
+
+ - alias
+ - file
+ - capability
+ - network
+ - pivot_root
+ - ptrace
+ - signal
+ - dbus
+ - unix
+ - link
+ - change_profile
+ - rlimit
+ - set
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
- - inet
- - ax25
- - ipx
- - appletalk
- - netrom
- - bridge
- - atmpvc
- - x25
- - inet6
- - rose
- - netbeui
- - security
- - key
- - packet
- - ash
- - econet
- - atmsvc
- - sna
- - irda
- - pppox
- - wanpipe
- - bluetooth
- - netlink
- - rds
- - llc
- - can
- - tipc
- - iucv
- - rxrpc
- - isdn
- - phonet
- - ieee802154
- - caif
- - alg
- - nfc
- - vsock
- - mpls
- - ib
- - kcm
- - smc
-
-
- - stream
- - dgram
- - seqpacket
- - rdm
- - raw
-
-
- - tcp
- - udp
- - icmp
-
-
-
- - unix
-
+
+
+
+
+
+
+
+
+
+
+
-
- - fstype
- - vfstype
- - options
- - option
-
-
- - r
- - w
- - rw
- - ro
- - read-only
- - suid
- - nosuid
- - dev
- - nodev
- - exec
- - noexec
- - sync
- - async
- - remount
- - mand
- - nomand
- - dirsync
- - atime
- - noatime
- - diratime
- - nodiratime
- - bind
- - B
- - move
- - M
- - rbind
- - R
- - verbose
- - silent
- - loud
- - acl
- - noacl
- - unbindable
- - make-unbindable
- - runbindable
- - make-runbindable
- - private
- - make-private
- - rprivate
- - make-rprivate
- - slave
- - make-slave
- - rslave
- - make-rslave
- - shared
- - make-shared
- - rshared
- - make-rshared
- - relatime
- - norelatime
- - iversion
- - noiversion
- - strictatime
- - user
- - nouser
-
-
- - ecryptfs
- - overlayfs
- - unionfs
- - shm
-
- - cryfs
- - encfs
- - apparmorfs
- - autofs
- - bdev
- - bpf
- - cachefs
- - cgroup
- - cgroup2
- - cifs
- - coherent
- - configfs
- - cpuset
- - cramfs
- - debugfs
- - devfs
- - devpts
- - devtmpfs
- - efs
- - fuse
- - fuseblk
- - fusectl
- - futexfs
- - hugetlbfs
- - kernfs
- - mqueue
- - pipefs
- - proc
- - procfs
- - pstorefs
- - pstore
- - ramfs
- - romfs
- - rootfs
- - sdcardfs
- - securityfs
- - selinuxfs
- - sockfs
- - specfs
- - squashfs
- - swapfs
- - sysfs
- - sysv
- - tmpfs
- - usbfs
- - vfat
- - functionfs
- - inotifyfs
- - labeledfs
- - oemfs
-
- - adfs
- - affs
- - afs
- - apfs
- - bfs
- - btrfs
- - ceph
- - coda
- - exfat
- - ext2
- - ext3
- - ext4
- - f2fs
- - fatx
- - gfs
- - hfs
- - hfsplus
- - hpfs
- - ifs
- - iso9660
- - jffs2
- - jffs
- - jfs
- - lvm2
- - minix
- - msdos
- - ncpfs
- - nilfs
- - nilfs2
- - nfs
- - nfs4
- - ntfs-3g
- - ntfs
- - ocfs
- - qnx4
- - qnx6
- - reiser4
- - reiserfs
- - smbfs
- - swap
- - tracefs
- - ubifs
- - udf
- - ufs
- - umsdos
- - urefs
- - xenix
- - yaffs2
- - yaffs
- - xfs
- - zfs
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
- - oldroot
-
+
+
+
+
-
- - peer
-
-
-
- - readby
- - trace
- - tracedby
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
- - set
- - peer
-
-
-
- - bus
- - hup
- - int
- - quit
- - ill
- - trap
- - abrt
- - fpe
- - kill
- - usr1
- - segv
- - usr2
- - pipe
- - alrm
- - term
- - stkflt
- - chld
- - cont
- - stop
- - stp
- - ttin
- - ttou
- - urg
- - xcpu
- - xfsz
- - vtalrm
- - prof
- - winch
- - io
- - pwr
- - sys
- - emt
- - exists
-
-
-
- - send
- - receive
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
- - peer
- - bus
- - path
- - interface
- - member
- - name
-
-
- - name
- - label
-
-
-
- - send
- - receive
- - bind
- - eavesdrop
-
-
- - system
- - session
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
- - peer
- - set
- - label
- - type
- - protocol
- - addr
- - attr
- - opt
-
-
-
- - send
- - receive
- - bind
- - create
- - listen
- - accept
- - connect
- - shutdown
- - getattr
- - setattr
- - getopt
- - setopt
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
- - cpu
- - fsize
- - data
- - stack
- - core
- - rss
- - nofile
- - ofile
- - as
- - nproc
- - memlock
- - locks
- - sigpending
- - msgqueue
- - nice
- - rtprio
- - rttime
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
- - subset
-
+
+
+
+
-
- - safe
- - unsafe
-
-
-
- - if
- - exists
-
-
-
-
- - rw
- - r
- - w
- - read
- - write
-
-
-
-
- - profile_name
-
- - HOME
- - HOMEDIRS
- - multiarch
- - pid
- - pids
- - PROC
- - securityfs
- - apparmorfs
- - sys
- - tid
- - XDG_DESKTOP_DIR
- - XDG_DOWNLOAD_DIR
- - XDG_TEMPLATES_DIR
- - XDG_PUBLICSHARE_DIR
- - XDG_DOCUMENTS_DIR
- - XDG_MUSIC_DIR
- - XDG_PICTURES_DIR
- - XDG_VIDEOS_DIR
-
-
- - abstractions/
- - apache2-common
- - aspell
- - audio
- - authentication
- - base
- - bash
- - consoles
- - cups-client
- - dbus
- - dbus-accessibility
- - dbus-accessibility-strict
- - dbus-session
- - dbus-session-strict
- - dbus-strict
- - dconf
- - dovecot-common
- - dri-common
- - dri-enumerate
- - enchant
- - fcitx
- - fcitx-strict
- - fonts
- - freedesktop.org
- - gnome
- - gnupg
- - ibus
- - kde-icon-cache-write
- - kde-globals-write
- - kde-language-write
- - kde
- - kerberosclient
- - launchpad-integration
- - ldapclient
- - libpam-systemd
- - likewise
- - mdns
- - mesa
- - mir
- - mozc
- - mysql
- - nameservice
- - nis
- - nvidia
- - opencl
- - opencl-common
- - opencl-intel
- - opencl-mesa
- - opencl-nvidia
- - opencl-pocl
- - openssl
- - orbit2
- - p11-kit
- - perl
- - php
- - php5
- - postfix-common
- - private-files
- - private-files-strict
- - python
- - qt5-compose-cache-write
- - qt5-settings-write
- - qt5
- - recent-documents-write
- - ruby
- - samba
- - smbpass
- - ssl_certs
- - ssl_keys
- - svn-repositories
- - ubuntu-bittorrent-clients
- - ubuntu-browsers
- - ubuntu-console-browsers
- - ubuntu-console-email
- - ubuntu-email
- - ubuntu-feed-readers
- - ubuntu-gnome-terminal
- - ubuntu-helpers
- - ubuntu-konsole
- - ubuntu-media-players
- - ubuntu-unity7-base
- - ubuntu-unity7-launcher
- - ubuntu-unity7-messaging
- - ubuntu-xterm
- - user-download
- - user-mail
- - user-manpages
- - user-tmp
- - user-write
- - video
- - vulkan
- - wayland
- - web-data
- - winbind
- - wutmp
- - X
- - xad
- - xdg-desktop
-
- - ubuntu-browsers.d/
- - java
- - mailto
- - multimedia
- - plugins-common
- - productivity
- - text-editors
- - ubuntu-integration
- - ubuntu-integration-xul
- - user-files
-
- - apparmor_api/
- - change_profile
- - examine
- - find_mountpoint
- - introspect
- - is_enabled
-
- - tunables/
- - alias
- - apparmorfs
- - dovecot
- - global
- - home
- - kernelvars
- - multiarch
- - ntpd
- - proc
- - securityfs
- - sys
- - xdg-user-dirs
- - home.d/
- - multiarch.d/
- - xdg-user-dirs.d/
- - site.local
-
- - local/
-
-
-
- - true
- - false
-
-
- - unspec
- - none
- - unconfined
-
-
-
-
- - mount
- - remount
- - umount
-
- - alias
- - file
- - capability
- - network
- - pivot_root
- - ptrace
- - signal
- - dbus
- - unix
- - link
- - change_profile
- - rlimit
- - set
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/data/syntax/selinux-cil.xml b/data/syntax/selinux-cil.xml
--- a/data/syntax/selinux-cil.xml
+++ b/data/syntax/selinux-cil.xml
@@ -14,7 +14,7 @@
==========================================================================================
This file is part of the KDE's KSyntaxHighlighting framework.
- Copyright (c) 2018 Nibaldo González S. (nibgonz@gmail.com)
+ Copyright (c) 2018-2019 Nibaldo González S. (nibgonz@gmail.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this
software and associated documentation files (the "Software"), to deal in the Software
@@ -41,643 +41,645 @@
https://github.com/SELinuxProject/selinux/tree/master/secilc/docs
Change log:
- * Version 2 [28-Aug-2018]:
- - Implement "selinux.xml": some rules and keywords are moved there. Improve RegExp
- highlighting, add Android permissions and BPF permissions, improve IPv6
- detection and others improvements.
- - Fix permissions list in "ioctl" kind and "call" statements.
- - Add "sctp" protocol keyword and policy capabilities keywords.
- * Version 1 [26-Jan-2018, by Nibaldo González]:
- - Initial version.
+ * Version 3 [02-Apr-2019]: Remove one indentation.
+ * Version 2 [28-Aug-2018]:
+ - Implement "selinux.xml": some rules and keywords are moved there. Improve RegExp
+ highlighting, add Android permissions and BPF permissions, improve IPv6
+ detection and others improvements.
+ - Fix permissions list in "ioctl" kind and "call" statements.
+ - Add "sctp" protocol keyword and policy capabilities keywords.
+ * Version 1 [26-Jan-2018, by Nibaldo González]:
+ - Initial version.
-->
-
-
-
- - and
- - or
- - xor
- - not
- - all
- - eq
- - ne
- - neq
- - dom
- - domby
- - incomp
- - range
-
-
-
-
- - allow
- - auditallow
- - dontaudit
- - neverallow
- - auditdeny
- - allowx
- - auditallowx
- - dontauditx
- - neverallowx
-
-
-
- - true
- - false
-
-
-
- - file
- - dir
- - char
- - block
- - socket
- - pipe
- - symlink
- - any
-
-
- - task
- - trans
- - xattr
-
-
- - tcp
- - udp
- - dccp
- - sctp
-
-
-
- - self
-
-
- - unordered
-
-
- - allow
- - deny
- - reject
-
-
-
- - block
- - optional
- - common
- - class
- - classmap
- - classmapping
- - sid
- - user
- - role
- - roleattribute
- - type
- - classpermission
- - typeattribute
- - typealias
- - tunable
- - sensitivity
- - sensitivityalias
- - category
- - categoryalias
- - categoryset
- - level
- - levelrange
- - context
- - ipaddr
- - macro
- - boolean
-
-
-
- - policycap
- - mls
- - handleunknown
-
-
-
- - blockabstract
- - blockinherit
- - in
- - call
-
-
- - defaultuser
- - defaultrole
- - defaulttype
- - defaultrange
-
-
- - userrole
- - userattribute
- - userattributeset
- - userlevel
- - userrange
- - userbounds
- - userprefix
- - selinuxuser
- - selinuxuserdefault
-
-
- - roletype
- - roleattributeset
- - roleallow
- - roletransition
- - rolebounds
-
-
- - typealiasactual
- - typeattributeset
- - typebounds
- - typechange
- - typemember
- - typetransition
- - typepermissive
- - attributetype
-
- - expandtypeattribute
- - nametypetransition
-
-
- - classcommon
- - classorder
- - permission
- - permissionset
- - classpermissionset
- - permissionx
-
-
- - booleanif
- - tunableif
-
-
- - constrain
- - validatetrans
- - mlsconstrain
- - mlsvalidatetrans
-
-
- - sensitivityaliasactual
- - sensitivityorder
- - categoryaliasactual
- - categoryorder
- - sensitivitycategory
- - rangetransition
- - categoryrange
-
-
-
- - sidorder
- - sidcontext
-
-
- - filecon
- - fsuse
- - genfscon
- - fscon
- - fsusexattr
- - fsusetask
- - fsusetrans
-
-
- - netifcon
- - nodecon
- - portcon
-
-
-
- - iomemcon
- - ioportcon
- - pcidevicecon
- - pirqcon
- - devicetreecon
-
-
- - ibpkeycon
- - ibendportcon
-
-
- - dominance
- - allowxperm
- - auditallowxperm
- - dontauditxperm
- - neverallowxperm
-
-
-
- - string
- - name
- - ioctl
-
-
-
- - source
- - target
- - low
- - high
- - low-high
-
- - perm
- - object_r
- - t1
- - t2
- - t3
- - r1
- - r2
- - r3
- - u1
- - u2
- - u3
- - l1
- - l2
- - h1
- - h2
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+ - and
+ - or
+ - xor
+ - not
+ - all
+ - eq
+ - ne
+ - neq
+ - dom
+ - domby
+ - incomp
+ - range
+
+
+
+
+ - allow
+ - auditallow
+ - dontaudit
+ - neverallow
+ - auditdeny
+ - allowx
+ - auditallowx
+ - dontauditx
+ - neverallowx
+
+
+
+ - true
+ - false
+
+
+
+ - file
+ - dir
+ - char
+ - block
+ - socket
+ - pipe
+ - symlink
+ - any
+
+
+ - task
+ - trans
+ - xattr
+
+
+ - tcp
+ - udp
+ - dccp
+ - sctp
+
+
+
+ - self
+
+
+ - unordered
+
+
+ - allow
+ - deny
+ - reject
+
+
+
+ - block
+ - optional
+ - common
+ - class
+ - classmap
+ - classmapping
+ - sid
+ - user
+ - role
+ - roleattribute
+ - type
+ - classpermission
+ - typeattribute
+ - typealias
+ - tunable
+ - sensitivity
+ - sensitivityalias
+ - category
+ - categoryalias
+ - categoryset
+ - level
+ - levelrange
+ - context
+ - ipaddr
+ - macro
+ - boolean
+
+
+
+ - policycap
+ - mls
+ - handleunknown
+
+
+
+ - blockabstract
+ - blockinherit
+ - in
+ - call
+
+
+ - defaultuser
+ - defaultrole
+ - defaulttype
+ - defaultrange
+
+
+ - userrole
+ - userattribute
+ - userattributeset
+ - userlevel
+ - userrange
+ - userbounds
+ - userprefix
+ - selinuxuser
+ - selinuxuserdefault
+
+
+ - roletype
+ - roleattributeset
+ - roleallow
+ - roletransition
+ - rolebounds
+
+
+ - typealiasactual
+ - typeattributeset
+ - typebounds
+ - typechange
+ - typemember
+ - typetransition
+ - typepermissive
+ - attributetype
+
+ - expandtypeattribute
+ - nametypetransition
+
+
+ - classcommon
+ - classorder
+ - permission
+ - permissionset
+ - classpermissionset
+ - permissionx
+
+
+ - booleanif
+ - tunableif
+
+
+ - constrain
+ - validatetrans
+ - mlsconstrain
+ - mlsvalidatetrans
+
+
+ - sensitivityaliasactual
+ - sensitivityorder
+ - categoryaliasactual
+ - categoryorder
+ - sensitivitycategory
+ - rangetransition
+ - categoryrange
+
+
+
+ - sidorder
+ - sidcontext
+
+
+ - filecon
+ - fsuse
+ - genfscon
+ - fscon
+ - fsusexattr
+ - fsusetask
+ - fsusetrans
+
+
+ - netifcon
+ - nodecon
+ - portcon
+
+
+
+ - iomemcon
+ - ioportcon
+ - pcidevicecon
+ - pirqcon
+ - devicetreecon
+
+
+ - ibpkeycon
+ - ibendportcon
+
+
+ - dominance
+ - allowxperm
+ - auditallowxperm
+ - dontauditxperm
+ - neverallowxperm
+
+
+
+ - string
+ - name
+ - ioctl
+
+
+
+ - source
+ - target
+ - low
+ - high
+ - low-high
+
+ - perm
+ - object_r
+ - t1
+ - t2
+ - t3
+ - r1
+ - r2
+ - r3
+ - u1
+ - u2
+ - u3
+ - l1
+ - l2
+ - h1
+ - h2
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
diff --git a/data/syntax/selinux-fc.xml b/data/syntax/selinux-fc.xml
--- a/data/syntax/selinux-fc.xml
+++ b/data/syntax/selinux-fc.xml
@@ -14,7 +14,7 @@
==========================================================================================
This file is part of the KDE's KSyntaxHighlighting framework.
- Copyright (c) 2018 Nibaldo González S. (nibgonz@gmail.com)
+ Copyright (c) 2018-2019 Nibaldo González S. (nibgonz@gmail.com)
Permission is hereby granted, free of charge, to any person obtaining a copy of this
software and associated documentation files (the "Software"), to deal in the Software
@@ -42,258 +42,259 @@
- Policy Build Files: initial_sid_contexts, genfs_contexts, fs_use
Change log:
- * Version 3 [09-Sep-2018]:
- - Update itemData's style for the new Solarized color schemes.
- * Version 2 [28-Aug-2018]:
- - Some improvements. RegExp and some rules are moved to "selinux.xml".
- - Add statements keywords that use file contexts.
- * Version 1 [26-Jan-2018, by Nibaldo González]:
- - Initial version.
+ * Version 4 [02-Apr-2019]: Remove one indentation.
+ * Version 3 [09-Sep-2018]:
+ - Update itemData's style for the new Solarized color schemes.
+ * Version 2 [28-Aug-2018]:
+ - Some improvements. RegExp and some rules are moved to "selinux.xml".
+ - Add statements keywords that use file contexts.
+ * Version 1 [26-Jan-2018, by Nibaldo González]:
+ - Initial version.
-->
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+