Changeset View
Changeset View
Standalone View
Standalone View
data/syntax/apparmor.xml
1 | <?xml version="1.0" encoding="UTF-8"?> | 1 | <?xml version="1.0" encoding="UTF-8"?> | ||
---|---|---|---|---|---|
2 | <!DOCTYPE language SYSTEM "language.dtd" | 2 | <!DOCTYPE language SYSTEM "language.dtd" | ||
3 | [ | 3 | [ | ||
4 | <!ENTITY pathchar "\w\-\.\*\?\+@,\\&%$!~"> | | |||
5 | <!ENTITY nopathchar "\s\)""> | | |||
6 | <!ENTITY varname "[A-Za-z]\w*"> | 4 | <!ENTITY varname "[A-Za-z]\w*"> | ||
7 | <!ENTITY exec "[pPcC]?[iuU]?x"> | 5 | <!ENTITY exec "[pPcC]?[iuU]?x"> | ||
6 | <!-- Characters not allowed in a path --> | ||||
7 | <!ENTITY nopathchar_simple ")""> | ||||
8 | <!ENTITY nopathchar "\s\)""> | ||||
9 | <!-- Path characters after a variable or brackets: | ||||
10 | \w +-,.*?@\/ ([{# !$%&':;<>^`|~ and Non-ASCII --> | ||||
11 | <!ENTITY noaftervar "&nopathchar;\]\}\="> | ||||
8 | ]> | 12 | ]> | ||
9 | 13 | | |||
10 | <!-- | 14 | <!-- | ||
11 | AppArmor Profiles Syntax Highlighting Definition | 15 | AppArmor Profiles Syntax Highlighting Definition | ||
12 | for the KDE's KSyntaxHighlighting Framework. | 16 | for the KDE's KSyntaxHighlighting Framework. | ||
13 | ========================================================================================== | 17 | ========================================================================================== | ||
14 | Copyright (c) 2017-2018 Nibaldo González S. (nibgonz@gmail.com) | 18 | Copyright (c) 2017-2018 Nibaldo González S. (nibgonz@gmail.com) | ||
15 | 19 | | |||
Show All 10 Lines | |||||
26 | INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A | 30 | INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A | ||
27 | PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR | 31 | PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR | ||
28 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN | 32 | COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN | ||
29 | AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION | 33 | AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION | ||
30 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. | 34 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. | ||
31 | ========================================================================================== | 35 | ========================================================================================== | ||
32 | 36 | | |||
33 | Last update: | 37 | Last update: | ||
34 | Syntax highlighting based in AppArmor 2.12.0 | 38 | Syntax highlighting based in AppArmor 2.13.0 | ||
35 | For more details about the syntax of AppArmor profiles, visit: | 39 | For more details about the syntax of AppArmor profiles, visit: | ||
36 | https://gitlab.com/apparmor/apparmor/wikis/Documentation | 40 | https://gitlab.com/apparmor/apparmor/wikis/Documentation | ||
37 | http://manpages.ubuntu.com/manpages/artful/en/man5/apparmor.d.5.html | 41 | http://manpages.ubuntu.com/manpages/artful/en/man5/apparmor.d.5.html | ||
38 | 42 | | |||
39 | Change log: | 43 | Change log: | ||
40 | * Version 5 [31-Jan-2018, by Nibaldo González]: | 44 | * Version 6 [15-Apr-2018, by Nibaldo G.]: (AppArmor 2.13.0) | ||
41 | - Fix 'itemDatas' and end-of-rules keywords. | 45 | - Some optimizations. Allow any character as escape. | ||
42 | * Version 4 [25-Jan-2018, by Nibaldo González]: (AppArmor 2.12.0) | 46 | - Add the profile flag 'xattrs' keyword and 'if exists' in Include rules. | ||
47 | * Version 4 [25-Jan-2018, by Nibaldo G.]: (AppArmor 2.12.0) | ||||
43 | - New keywords: network and mount rules, default abstractions, variables and others. | 48 | - New keywords: network and mount rules, default abstractions, variables and others. | ||
44 | - Improvements in the highlighting of Include rules, variables, rlimit rules, | 49 | - Improvements in the highlighting of Include rules, variables, rlimit rules, | ||
45 | profile name, transition profile rules, end of rule context & file permissions. | 50 | profile name, transition profile rules, end of rule context & file permissions. | ||
46 | - Fixes: Comments within rules, sensitive keywords, owner qualifier & others. | 51 | - Fixes: Comments within rules, sensitive keywords, owner qualifier & others. | ||
47 | * Version 3 [24-Sep-2017, by Nibaldo González]: | 52 | * Version 3 [24-Sep-2017, by Nibaldo G.]: | ||
48 | - Fix incorrect highlighting of the DBus rule 'name' keyword. | 53 | - Fix incorrect highlighting of the DBus rule 'name' keyword. | ||
49 | * Version 2 [29-Aug-2017, by Nibaldo González]: | 54 | * Version 2 [29-Aug-2017, by Nibaldo G.]: | ||
50 | - Improvements in highlighting and bug fixes. | 55 | - Improvements in highlighting and bug fixes. | ||
51 | - Each rule has its own context. | 56 | - Each rule has its own context. | ||
52 | - The profile name is highlighted in the profile header and profile transition rules. | 57 | - The profile name is highlighted in the profile header and profile transition rules. | ||
53 | * Version 1 [22-Feb-2017, by Nibaldo González]: | 58 | * Version 1 [22-Feb-2017, by Nibaldo González]: | ||
54 | - Initial version. Support for profile syntax of Apparmor 2.11. | 59 | - Initial version. Support for profile syntax of Apparmor 2.11. | ||
55 | --> | 60 | --> | ||
56 | 61 | | |||
57 | <language name="AppArmor Security Profile" | 62 | <language name="AppArmor Security Profile" | ||
58 | version="5" | 63 | version="6" | ||
59 | kateversion="5.0" | 64 | kateversion="5.0" | ||
60 | section="Markup" | 65 | section="Markup" | ||
61 | extensions="usr.bin.*;usr.sbin.*;bin.*;sbin.*;usr.lib.*;usr.lib64.*;usr.lib32.*;usr.libx32.*;usr.libexec.*;usr.local.bin.*;usr.local.sbin.*;usr.local.lib*;opt.*;etc.cron.*" | 66 | extensions="usr.bin.*;usr.sbin.*;bin.*;sbin.*;usr.lib.*;usr.lib64.*;usr.lib32.*;usr.libx32.*;usr.libexec.*;usr.local.bin.*;usr.local.sbin.*;usr.local.lib*;opt.*;etc.cron.*" | ||
62 | priority="0" | 67 | priority="0" | ||
63 | mimetype="" | 68 | mimetype="" | ||
64 | author="Nibaldo González (nibgonz@gmail.com)" | 69 | author="Nibaldo González (nibgonz@gmail.com)" | ||
65 | license="MIT"> | 70 | license="MIT"> | ||
66 | 71 | | |||
67 | <highlighting> | 72 | <highlighting> | ||
68 | 73 | | |||
69 | <!-- Profile Header --> | 74 | <!-- Profile Header --> | ||
70 | <list name="profile_head"> | 75 | <list name="profile_head"> | ||
71 | <item>profile</item> | 76 | <item>profile</item> | ||
72 | <item>hat</item> | 77 | <item>hat</item> | ||
73 | </list> | 78 | </list> | ||
74 | <list name="profile_options"> | 79 | <list name="profile_options"> | ||
75 | <item>flags</item> | 80 | <item>flags</item> | ||
81 | <item>xattrs</item> | ||||
76 | </list> | 82 | </list> | ||
77 | <list name="profile_flags"> | 83 | <list name="profile_flags"> | ||
78 | <item>audit</item> | 84 | <item>audit</item> | ||
79 | <item>complain</item> | 85 | <item>enforce</item> <item>complain</item> | ||
80 | <item>enforce</item> | 86 | <item>mediate_deleted</item> <item>delegate_deleted</item> | ||
81 | <item>mediate_deleted</item> | 87 | <item>attach_disconnected</item> <item>no_attach_disconnected</item> | ||
82 | <item>attach_disconnected</item> | 88 | <item>chroot_relative</item> <item>namespace_relative</item> | ||
83 | <item>chroot_relative</item> | 89 | <item>chroot_attach</item> <item>chroot_no_attach</item> | ||
84 | <item>chroot_attach</item> | | |||
85 | <item>chroot_no_attach</item> | | |||
86 | <item>delegate_deleted</item> | | |||
87 | <item>no_attach_disconnected</item> | | |||
88 | <item>namespace_relative</item> | | |||
89 | </list> | 90 | </list> | ||
90 | 91 | | |||
91 | <!-- Rule Qualifiers --> | 92 | <!-- Rule Qualifiers --> | ||
92 | <list name="access_types"> | 93 | <list name="access_types"> | ||
93 | <item>allow</item> | 94 | <item>allow</item> | ||
94 | <item>deny</item> | 95 | <item>deny</item> | ||
95 | </list> | 96 | </list> | ||
96 | <list name="file_qualifiers"> | 97 | <list name="file_qualifiers"> | ||
97 | <item>owner</item> | 98 | <item>owner</item> | ||
98 | <!-- other --> | 99 | <!-- other --> | ||
99 | </list> | 100 | </list> | ||
100 | <list name="qualifiers"> | 101 | <list name="qualifiers"> | ||
101 | <item>audit</item> | 102 | <item>audit</item> | ||
102 | <!-- defined, if, else, not --> | 103 | <!-- noaudit/quiet, defined, if, else, not --> | ||
103 | </list> | 104 | </list> | ||
104 | 105 | | |||
105 | <!-- Capabilities, Capability Rule. | 106 | <!-- Capabilities, Capability Rule. | ||
106 | Lowercase capability name without 'CAP_' prefix. | 107 | Lowercase capability name without 'CAP_' prefix. | ||
107 | http://man7.org/linux/man-pages/man7/capabilities.7.html --> | 108 | http://man7.org/linux/man-pages/man7/capabilities.7.html --> | ||
108 | <list name="rule_capability"> | 109 | <list name="rule_capability"> | ||
109 | <item>audit_control</item> | 110 | <item>audit_control</item> <item>audit_read</item> | ||
110 | <item>audit_read</item> | 111 | <item>audit_write</item> <item>block_suspend</item> | ||
111 | <item>audit_write</item> | 112 | <item>chown</item> <item>dac_override</item> | ||
112 | <item>block_suspend</item> | 113 | <item>dac_read_search</item> <item>fowner</item> | ||
113 | <item>chown</item> | 114 | <item>fsetid</item> <item>ipc_lock</item> | ||
114 | <item>dac_override</item> | 115 | <item>ipc_owner</item> <item>kill</item> | ||
115 | <item>dac_read_search</item> | 116 | <item>lease</item> <item>linux_immutable</item> | ||
116 | <item>fowner</item> | 117 | <item>mac_admin</item> <item>mac_override</item> | ||
117 | <item>fsetid</item> | 118 | <item>mknod</item> <item>net_admin</item> | ||
118 | <item>ipc_lock</item> | 119 | <item>net_bind_service</item> <item>net_broadcast</item> | ||
119 | <item>ipc_owner</item> | 120 | <item>net_raw</item> <item>setgid</item> | ||
120 | <item>kill</item> | 121 | <item>setfcap</item> <item>setpcap</item> | ||
121 | <item>lease</item> | 122 | <item>setuid</item> <item>sys_admin</item> | ||
122 | <item>linux_immutable</item> | 123 | <item>sys_boot</item> <item>sys_chroot</item> | ||
123 | <item>mac_admin</item> | 124 | <item>sys_module</item> <item>sys_nice</item> | ||
124 | <item>mac_override</item> | 125 | <item>sys_pacct</item> <item>sys_ptrace</item> | ||
125 | <item>mknod</item> | 126 | <item>sys_rawio</item> <item>sys_resource</item> | ||
126 | <item>net_admin</item> | 127 | <item>sys_time</item> <item>sys_tty_config</item> | ||
127 | <item>net_bind_service</item> | 128 | <item>syslog</item> <item>wake_alarm</item> | ||
128 | <item>net_broadcast</item> | | |||
129 | <item>net_raw</item> | | |||
130 | <item>setgid</item> | | |||
131 | <item>setfcap</item> | | |||
132 | <item>setpcap</item> | | |||
133 | <item>setuid</item> | | |||
134 | <item>sys_admin</item> | | |||
135 | <item>sys_boot</item> | | |||
136 | <item>sys_chroot</item> | | |||
137 | <item>sys_module</item> | | |||
138 | <item>sys_nice</item> | | |||
139 | <item>sys_pacct</item> | | |||
140 | <item>sys_ptrace</item> | | |||
141 | <item>sys_rawio</item> | | |||
142 | <item>sys_resource</item> | | |||
143 | <item>sys_time</item> | | |||
144 | <item>sys_tty_config</item> | | |||
145 | <item>syslog</item> | | |||
146 | <item>wake_alarm</item> | | |||
147 | </list> | 129 | </list> | ||
148 | 130 | | |||
149 | <!-- Network Rule --> | 131 | <!-- Network Rule --> | ||
150 | <list name="rule_network"> | 132 | <list name="rule_network"> | ||
151 | <!-- Domain. | 133 | <!-- Domain. | ||
152 | Also: unix --> | 134 | Also: unix --> | ||
153 | <item>inet</item> | 135 | <item>inet</item> <item>ax25</item> | ||
154 | <item>ax25</item> | 136 | <item>ipx</item> <item>appletalk</item> | ||
155 | <item>ipx</item> | 137 | <item>netrom</item> <item>bridge</item> | ||
156 | <item>appletalk</item> | 138 | <item>atmpvc</item> <item>x25</item> | ||
157 | <item>netrom</item> | 139 | <item>inet6</item> <item>rose</item> | ||
158 | <item>bridge</item> | 140 | <item>netbeui</item> <item>security</item> | ||
159 | <item>atmpvc</item> | 141 | <item>key</item> <item>packet</item> | ||
160 | <item>x25</item> | 142 | <item>ash</item> <item>econet</item> | ||
161 | <item>inet6</item> | 143 | <item>atmsvc</item> <item>sna</item> | ||
162 | <item>rose</item> | 144 | <item>irda</item> <item>pppox</item> | ||
163 | <item>netbeui</item> | 145 | <item>wanpipe</item> <item>bluetooth</item> | ||
164 | <item>security</item> | 146 | <item>netlink</item> <item>rds</item> | ||
165 | <item>key</item> | 147 | <item>llc</item> <item>can</item> | ||
166 | <item>packet</item> | 148 | <item>tipc</item> <item>iucv</item> | ||
167 | <item>ash</item> | 149 | <item>rxrpc</item> <item>isdn</item> | ||
168 | <item>econet</item> | 150 | <item>phonet</item> <item>ieee802154</item> | ||
169 | <item>atmsvc</item> | 151 | <item>caif</item> <item>alg</item> | ||
170 | <item>sna</item> | 152 | <item>nfc</item> <item>vsock</item> | ||
171 | <item>irda</item> | 153 | <item>mpls</item> <item>ib</item> | ||
172 | <item>pppox</item> | 154 | <item>kcm</item> <item>smc</item> | ||
173 | <item>wanpipe</item> | | |||
174 | <item>bluetooth</item> | | |||
175 | <item>netlink</item> | | |||
176 | <item>rds</item> | | |||
177 | <item>llc</item> | | |||
178 | <item>can</item> | | |||
179 | <item>tipc</item> | | |||
180 | <item>iucv</item> | | |||
181 | <item>rxrpc</item> | | |||
182 | <item>isdn</item> | | |||
183 | <item>phonet</item> | | |||
184 | <item>ieee802154</item> | | |||
185 | <item>caif</item> | | |||
186 | <item>alg</item> | | |||
187 | <item>nfc</item> | | |||
188 | <item>vsock</item> | | |||
189 | <item>mpls</item> | | |||
190 | <item>ib</item> | | |||
191 | <item>kcm</item> | | |||
192 | <item>smc</item> | | |||
193 | 155 | | |||
194 | <!-- Type. | 156 | <!-- Type. | ||
195 | Also: packet --> | 157 | Also: packet --> | ||
196 | <item>stream</item> | 158 | <item>stream</item> <item>dgram</item> | ||
197 | <item>dgram</item> | 159 | <item>seqpacket</item> <item>rdm</item> | ||
198 | <item>seqpacket</item> | | |||
199 | <item>rdm</item> | | |||
200 | <item>raw</item> | 160 | <item>raw</item> | ||
201 | 161 | | |||
202 | <!-- Protocol --> | 162 | <!-- Protocol --> | ||
203 | <item>tcp</item> | 163 | <item>tcp</item> | ||
204 | <item>udp</item> | 164 | <item>udp</item> | ||
205 | <item>icmp</item> | 165 | <item>icmp</item> | ||
206 | </list> | 166 | </list> | ||
207 | <list name="rule_network_unix"> | 167 | <list name="rule_network_unix"> | ||
208 | <!-- NOTE: This keyword is placed in a separate list, | 168 | <!-- NOTE: This keyword is placed in a separate list, | ||
209 | to avoid conflicts with the 'unix' rule name. --> | 169 | to avoid conflicts with the 'unix' rule name. --> | ||
210 | <item>unix</item> | 170 | <item>unix</item> | ||
211 | </list> | 171 | </list> | ||
212 | 172 | | |||
213 | <!-- Mount Rule --> | 173 | <!-- Mount Rule --> | ||
214 | <list name="rule_mount_options"> | 174 | <list name="rule_mount_options"> | ||
215 | <item>fstype</item> | 175 | <item>fstype</item> <item>vfstype</item> | ||
216 | <item>vfstype</item> | 176 | <item>options</item> <item>option</item> | ||
217 | <item>options</item> | | |||
218 | <item>option</item> | | |||
219 | </list> | 177 | </list> | ||
220 | <list name="rule_mount_flags"> | 178 | <list name="rule_mount_flags"> | ||
221 | <item>r</item> | 179 | <item>r</item> <item>w</item> | ||
222 | <item>w</item> | 180 | <item>rw</item> <item>ro</item> | ||
223 | <item>rw</item> | 181 | <item>read-only</item> <item>suid</item> | ||
224 | <item>ro</item> | 182 | <item>nosuid</item> <item>dev</item> | ||
225 | <item>read-only</item> | 183 | <item>nodev</item> <item>exec</item> | ||
226 | <item>suid</item> | 184 | <item>noexec</item> <item>sync</item> | ||
227 | <item>nosuid</item> | 185 | <item>async</item> <item>remount</item> | ||
228 | <item>dev</item> | 186 | <item>mand</item> <item>nomand</item> | ||
229 | <item>nodev</item> | 187 | <item>dirsync</item> <item>atime</item> | ||
230 | <item>exec</item> | 188 | <item>noatime</item> <item>diratime</item> | ||
231 | <item>noexec</item> | 189 | <item>nodiratime</item> <item>bind</item> | ||
232 | <item>sync</item> | 190 | <item>B</item> <item>move</item> | ||
233 | <item>async</item> | 191 | <item>M</item> <item>rbind</item> | ||
234 | <item>remount</item> | 192 | <item>R</item> <item>verbose</item> | ||
235 | <item>mand</item> | 193 | <item>silent</item> <item>loud</item> | ||
236 | <item>nomand</item> | 194 | <item>acl</item> <item>noacl</item> | ||
237 | <item>dirsync</item> | 195 | <item>unbindable</item> <item>make-unbindable</item> | ||
238 | <item>atime</item> | 196 | <item>runbindable</item> <item>make-runbindable</item> | ||
239 | <item>noatime</item> | 197 | <item>private</item> <item>make-private</item> | ||
240 | <item>diratime</item> | 198 | <item>rprivate</item> <item>make-rprivate</item> | ||
241 | <item>nodiratime</item> | 199 | <item>slave</item> <item>make-slave</item> | ||
242 | <item>bind</item> | 200 | <item>rslave</item> <item>make-rslave</item> | ||
243 | <item>B</item> | 201 | <item>shared</item> <item>make-shared</item> | ||
244 | <item>move</item> | 202 | <item>rshared</item> <item>make-rshared</item> | ||
245 | <item>M</item> | 203 | <item>relatime</item> <item>norelatime</item> | ||
246 | <item>rbind</item> | 204 | <item>iversion</item> <item>noiversion</item> | ||
247 | <item>R</item> | 205 | <item>strictatime</item> <item>user</item> | ||
248 | <item>verbose</item> | | |||
249 | <item>silent</item> | | |||
250 | <item>loud</item> | | |||
251 | <item>acl</item> | | |||
252 | <item>noacl</item> | | |||
253 | <item>unbindable</item> | | |||
254 | <item>make-unbindable</item> | | |||
255 | <item>runbindable</item> | | |||
256 | <item>make-runbindable</item> | | |||
257 | <item>private</item> | | |||
258 | <item>make-private</item> | | |||
259 | <item>rprivate</item> | | |||
260 | <item>make-rprivate</item> | | |||
261 | <item>slave</item> | | |||
262 | <item>make-slave</item> | | |||
263 | <item>rslave</item> | | |||
264 | <item>make-rslave</item> | | |||
265 | <item>shared</item> | | |||
266 | <item>make-shared</item> | | |||
267 | <item>rshared</item> | | |||
268 | <item>make-rshared</item> | | |||
269 | <item>relatime</item> | | |||
270 | <item>norelatime</item> | | |||
271 | <item>iversion</item> | | |||
272 | <item>noiversion</item> | | |||
273 | <item>strictatime</item> | | |||
274 | <item>user</item> | | |||
275 | <item>nouser</item> | 206 | <item>nouser</item> | ||
276 | </list> | 207 | </list> | ||
277 | <list name="rule_mount_fstypes"> | 208 | <list name="rule_mount_fstypes"> | ||
278 | <!-- VFS Types --> | 209 | <!-- VFS Types --> | ||
279 | <item>autofs</item> | 210 | <item>autofs</item> <item>bdev</item> <item>bpf</item> | ||
280 | <item>bdev</item> | 211 | <item>cachefs</item> <item>cgroup</item> <item>cgroup2</item> | ||
281 | <item>bpf</item> | 212 | <item>cifs</item> <item>coherent</item> <item>configfs</item> | ||
282 | <item>cachefs</item> | 213 | <item>cpuset</item> <item>cramfs</item> <item>debugfs</item> | ||
283 | <item>cgroup</item> | 214 | <item>devfs</item> <item>devpts</item> <item>devtmpfs</item> | ||
284 | <item>cgroup2</item> | 215 | <item>ecryptfs</item> <item>efs</item> <item>fuse</item> | ||
285 | <item>cifs</item> | 216 | <item>fuseblk</item> <item>fusectl</item> <item>hugetlbfs</item> | ||
286 | <item>coherent</item> | 217 | <item>iso9660</item> <item>kernfs</item> <item>mqueue</item> | ||
287 | <item>configfs</item> | 218 | <item>pipefs</item> <item>proc</item> <item>procfs</item> | ||
288 | <item>cpuset</item> | 219 | <item>pstore</item> <item>ramfs</item> <item>romfs</item> | ||
289 | <item>cramfs</item> | 220 | <item>rootfs</item> <item>securityfs</item> <item>selinuxfs</item> | ||
290 | <item>debugfs</item> | 221 | <item>sockfs</item> <item>specfs</item> <item>squashfs</item> | ||
291 | <item>devfs</item> | 222 | <item>swapfs</item> <item>sysfs</item> <item>sysv</item> | ||
292 | <item>devpts</item> | 223 | <item>tmpfs</item> <item>usbfs</item> <item>vfat</item> | ||
293 | <item>devtmpfs</item> | | |||
294 | <item>ecryptfs</item> | | |||
295 | <item>efs</item> | | |||
296 | <item>fuse</item> | | |||
297 | <item>fuseblk</item> | | |||
298 | <item>fusectl</item> | | |||
299 | <item>hugetlbfs</item> | | |||
300 | <item>iso9660</item> | | |||
301 | <item>kernfs</item> | | |||
302 | <item>mqueue</item> | | |||
303 | <item>pipefs</item> | | |||
304 | <item>proc</item> | | |||
305 | <item>procfs</item> | | |||
306 | <item>pstore</item> | | |||
307 | <item>ramfs</item> | | |||
308 | <item>romfs</item> | | |||
309 | <item>rootfs</item> | | |||
310 | <item>securityfs</item> | | |||
311 | <item>selinuxfs</item> | | |||
312 | <item>sockfs</item> | | |||
313 | <item>specfs</item> | | |||
314 | <item>squashfs</item> | | |||
315 | <item>swapfs</item> | | |||
316 | <item>sysfs</item> | | |||
317 | <item>sysv</item> | | |||
318 | <item>tmpfs</item> | | |||
319 | <item>usbfs</item> | | |||
320 | <item>vfat</item> | | |||
321 | <!-- FS Types --> | 224 | <!-- FS Types --> | ||
322 | <item>adfs</item> | 225 | <item>adfs</item> <item>affs</item> <item>apfs</item> | ||
323 | <item>affs</item> | 226 | <item>btrfs</item> <item>coda</item> <item>exfat</item> | ||
324 | <item>apfs</item> | 227 | <item>ext2</item> <item>ext3</item> <item>ext4</item> | ||
325 | <item>btrfs</item> | 228 | <item>f2fs</item> <item>fatx</item> <item>hfs</item> | ||
326 | <item>coda</item> | 229 | <item>hfsplus</item> <item>hpfs</item> <item>jfs</item> | ||
327 | <item>exfat</item> | 230 | <item>lvm2</item> <item>minix</item> <item>msdos</item> | ||
328 | <item>ext2</item> | 231 | <item>ncpfs</item> <item>nilfs</item> <item>nilfs2</item> | ||
329 | <item>ext3</item> | 232 | <item>nfs</item> <item>nfs4</item> <item>ntfs</item> | ||
330 | <item>ext4</item> | 233 | <item>ntfs-3g</item> <item>openzfs</item> <item>qnx4</item> | ||
331 | <item>f2fs</item> | 234 | <item>qnx6</item> <item>reiser4</item> <item>reiserfs</item> | ||
332 | <item>fatx</item> | 235 | <item>smbfs</item> <item>swap</item> <item>tracefs</item> | ||
333 | <item>hfs</item> | 236 | <item>ubifs</item> <item>udf</item> <item>ufs</item> | ||
334 | <item>hfsplus</item> | 237 | <item>umsdos</item> <item>urefs</item> <item>xenix</item> | ||
335 | <item>hpfs</item> | 238 | <item>xfs</item> <item>zfs</item> | ||
336 | <item>jfs</item> | | |||
337 | <item>lvm2</item> | | |||
338 | <item>minix</item> | | |||
339 | <item>msdos</item> | | |||
340 | <item>ncpfs</item> | | |||
341 | <item>nilfs</item> | | |||
342 | <item>nilfs2</item> | | |||
343 | <item>nfs</item> | | |||
344 | <item>nfs4</item> | | |||
345 | <item>ntfs</item> | | |||
346 | <item>ntfs-3g</item> | | |||
347 | <item>openzfs</item> | | |||
348 | <item>qnx4</item> | | |||
349 | <item>qnx6</item> | | |||
350 | <item>reiser4</item> | | |||
351 | <item>reiserfs</item> | | |||
352 | <item>smbfs</item> | | |||
353 | <item>swap</item> | | |||
354 | <item>tracefs</item> | | |||
355 | <item>ubifs</item> | | |||
356 | <item>udf</item> | | |||
357 | <item>ufs</item> | | |||
358 | <item>umsdos</item> | | |||
359 | <item>urefs</item> | | |||
360 | <item>xenix</item> | | |||
361 | <item>xfs</item> | | |||
362 | <item>zfs</item> | | |||
363 | <!-- Not included: ext, usbdevfs, xiafs --> | 239 | <!-- Not included: ext, usbdevfs, xiafs --> | ||
364 | </list> | 240 | </list> | ||
365 | 241 | | |||
366 | <!-- Pivot Root Rule --> | 242 | <!-- Pivot Root Rule --> | ||
367 | <list name="rule_pivotroot_options"> | 243 | <list name="rule_pivotroot_options"> | ||
368 | <item>oldroot</item> | 244 | <item>oldroot</item> | ||
369 | </list> | 245 | </list> | ||
370 | 246 | | |||
Show All 10 Lines | |||||
381 | 257 | | |||
382 | <!-- Signal Rule --> | 258 | <!-- Signal Rule --> | ||
383 | <list name="rule_signal_options"> | 259 | <list name="rule_signal_options"> | ||
384 | <item>set</item> | 260 | <item>set</item> | ||
385 | <item>peer</item> | 261 | <item>peer</item> | ||
386 | </list> | 262 | </list> | ||
387 | <list name="rule_signal"> | 263 | <list name="rule_signal"> | ||
388 | <!-- Also: rtmin+0 ... rtmin+32 --> | 264 | <!-- Also: rtmin+0 ... rtmin+32 --> | ||
389 | <item>bus</item> | 265 | <item>bus</item> <item>hup</item> <item>int</item> | ||
390 | <item>hup</item> | 266 | <item>quit</item> <item>ill</item> <item>trap</item> | ||
391 | <item>int</item> | 267 | <item>abrt</item> <item>fpe</item> <item>kill</item> | ||
392 | <item>quit</item> | 268 | <item>usr1</item> <item>segv</item> <item>usr2</item> | ||
393 | <item>ill</item> | 269 | <item>pipe</item> <item>alrm</item> <item>term</item> | ||
394 | <item>trap</item> | 270 | <item>stkflt</item> <item>chld</item> <item>cont</item> | ||
395 | <item>abrt</item> | 271 | <item>stop</item> <item>stp</item> <item>ttin</item> | ||
396 | <item>fpe</item> | 272 | <item>ttou</item> <item>urg</item> <item>xcpu</item> | ||
397 | <item>kill</item> | 273 | <item>xfsz</item> <item>vtalrm</item> <item>prof</item> | ||
398 | <item>usr1</item> | 274 | <item>winch</item> <item>io</item> <item>pwr</item> | ||
399 | <item>segv</item> | 275 | <item>sys</item> <item>emt</item> <item>exists</item> | ||
400 | <item>usr2</item> | | |||
401 | <item>pipe</item> | | |||
402 | <item>alrm</item> | | |||
403 | <item>term</item> | | |||
404 | <item>stkflt</item> | | |||
405 | <item>chld</item> | | |||
406 | <item>cont</item> | | |||
407 | <item>stop</item> | | |||
408 | <item>stp</item> | | |||
409 | <item>ttin</item> | | |||
410 | <item>ttou</item> | | |||
411 | <item>urg</item> | | |||
412 | <item>xcpu</item> | | |||
413 | <item>xfsz</item> | | |||
414 | <item>vtalrm</item> | | |||
415 | <item>prof</item> | | |||
416 | <item>winch</item> | | |||
417 | <item>io</item> | | |||
418 | <item>pwr</item> | | |||
419 | <item>sys</item> | | |||
420 | <item>emt</item> | | |||
421 | <item>exists</item> | | |||
422 | </list> | 276 | </list> | ||
423 | <list name="rule_signal_access"> | 277 | <list name="rule_signal_access"> | ||
424 | <!-- Also: r, w, rw, read, write --> | 278 | <!-- Also: r, w, rw, read, write --> | ||
425 | <item>send</item> | 279 | <item>send</item> | ||
426 | <item>receive</item> | 280 | <item>receive</item> | ||
427 | </list> | 281 | </list> | ||
428 | 282 | | |||
429 | <!-- DBus Rule --> | 283 | <!-- DBus Rule --> | ||
430 | <list name="rule_dbus_options"> | 284 | <list name="rule_dbus_options"> | ||
431 | <item>peer</item> | 285 | <item>peer</item> <item>bus</item> | ||
432 | <item>bus</item> | 286 | <item>path</item> <item>interface</item> | ||
433 | <item>path</item> | 287 | <item>member</item> <item>name</item> | ||
434 | <item>interface</item> | | |||
435 | <item>member</item> | | |||
436 | <item>name</item> | | |||
437 | </list> | 288 | </list> | ||
438 | <list name="rule_dbus_peer"> | 289 | <list name="rule_dbus_peer"> | ||
439 | <item>name</item> | 290 | <item>name</item> | ||
440 | <item>label</item> | 291 | <item>label</item> | ||
441 | </list> | 292 | </list> | ||
442 | <list name="rule_dbus_access"> | 293 | <list name="rule_dbus_access"> | ||
443 | <!-- Also: r, w, rw, read, write --> | 294 | <!-- Also: r, w, rw, read, write --> | ||
444 | <item>send</item> | 295 | <item>send</item> <item>receive</item> | ||
445 | <item>receive</item> | 296 | <item>bind</item> <item>eavesdrop</item> | ||
446 | <item>bind</item> | | |||
447 | <item>eavesdrop</item> | | |||
448 | </list> | 297 | </list> | ||
449 | <list name="rule_dbus_bus"> | 298 | <list name="rule_dbus_bus"> | ||
450 | <item>system</item> | 299 | <item>system</item> | ||
451 | <item>session</item> | 300 | <item>session</item> | ||
452 | </list> | 301 | </list> | ||
453 | 302 | | |||
454 | <!-- Unix Rule --> | 303 | <!-- Unix Rule --> | ||
455 | <list name="rule_unix_options"> | 304 | <list name="rule_unix_options"> | ||
456 | <item>peer</item> | 305 | <item>peer</item> <item>set</item> | ||
457 | <item>set</item> | 306 | <item>label</item> <item>type</item> | ||
458 | <item>label</item> | 307 | <item>protocol</item> <item>addr</item> | ||
459 | <item>type</item> | 308 | <item>attr</item> <item>opt</item> | ||
460 | <item>protocol</item> | | |||
461 | <item>addr</item> | | |||
462 | <item>attr</item> | | |||
463 | <item>opt</item> | | |||
464 | </list> | 309 | </list> | ||
465 | <list name="rule_unix_access"> | 310 | <list name="rule_unix_access"> | ||
466 | <!-- Also: r, w, rw, read, write --> | 311 | <!-- Also: r, w, rw, read, write --> | ||
467 | <item>send</item> | 312 | <item>send</item> <item>receive</item> | ||
468 | <item>receive</item> | 313 | <item>bind</item> <item>create</item> | ||
469 | <item>bind</item> | 314 | <item>listen</item> <item>accept</item> | ||
470 | <item>create</item> | 315 | <item>connect</item> <item>shutdown</item> | ||
471 | <item>listen</item> | 316 | <item>getattr</item> <item>setattr</item> | ||
472 | <item>accept</item> | 317 | <item>getopt</item> <item>setopt</item> | ||
473 | <item>connect</item> | | |||
474 | <item>shutdown</item> | | |||
475 | <item>getattr</item> | | |||
476 | <item>setattr</item> | | |||
477 | <item>getopt</item> | | |||
478 | <item>setopt</item> | | |||
479 | </list> | 318 | </list> | ||
480 | 319 | | |||
481 | <!-- Rlimit Rule --> | 320 | <!-- Rlimit Rule --> | ||
482 | <list name="rule_rlimit"> | 321 | <list name="rule_rlimit"> | ||
483 | <item>cpu</item> | 322 | <item>cpu</item> <item>fsize</item> | ||
484 | <item>fsize</item> | 323 | <item>data</item> <item>stack</item> | ||
485 | <item>data</item> | 324 | <item>core</item> <item>rss</item> | ||
486 | <item>stack</item> | 325 | <item>nofile</item> <item>ofile</item> | ||
487 | <item>core</item> | 326 | <item>as</item> <item>nproc</item> | ||
488 | <item>rss</item> | 327 | <item>memlock</item> <item>locks</item> | ||
489 | <item>nofile</item> | 328 | <item>sigpending</item> <item>msgqueue</item> | ||
490 | <item>ofile</item> | 329 | <item>nice</item> <item>rtprio</item> | ||
491 | <item>as</item> | | |||
492 | <item>nproc</item> | | |||
493 | <item>memlock</item> | | |||
494 | <item>locks</item> | | |||
495 | <item>sigpending</item> | | |||
496 | <item>msgqueue</item> | | |||
497 | <item>nice</item> | | |||
498 | <item>rtprio</item> | | |||
499 | <item>rttime</item> | 330 | <item>rttime</item> | ||
500 | </list> | 331 | </list> | ||
501 | 332 | | |||
502 | <!-- Link Rule --> | 333 | <!-- Link Rule --> | ||
503 | <list name="rule_link"> | 334 | <list name="rule_link"> | ||
504 | <item>subset</item> | 335 | <item>subset</item> | ||
505 | </list> | 336 | </list> | ||
506 | 337 | | |||
507 | <!-- Change Profile Rule --> | 338 | <!-- Change Profile Rule --> | ||
508 | <list name="rule_changeprofile"> | 339 | <list name="rule_changeprofile"> | ||
509 | <item>safe</item> | 340 | <item>safe</item> | ||
510 | <item>unsafe</item> | 341 | <item>unsafe</item> | ||
511 | </list> | 342 | </list> | ||
512 | 343 | | |||
344 | <list name="rule_include"> | ||||
345 | <item>if</item> | ||||
346 | <item>exists</item> | ||||
347 | </list> | ||||
348 | | ||||
513 | <!-- Permissions --> | 349 | <!-- Permissions --> | ||
514 | <list name="base_accesses"> | 350 | <list name="base_accesses"> | ||
515 | <item>rw</item> | 351 | <item>rw</item> | ||
516 | <item>r</item> | 352 | <item>r</item> | ||
517 | <item>w</item> | 353 | <item>w</item> | ||
518 | <item>read</item> | 354 | <item>read</item> | ||
519 | <item>write</item> | 355 | <item>write</item> | ||
520 | </list> | 356 | </list> | ||
521 | 357 | | |||
522 | <!-- Abstractions and variables defined in the provided AppArmor policy. | 358 | <!-- Abstractions and variables defined in the provided AppArmor policy. | ||
523 | NOTE: The following keywords are not used for highlighting. The purpose of these | 359 | NOTE: The following keywords are not used for highlighting. The purpose of these | ||
524 | is to provide autocomplete suggestions when writing Include rules and variables. --> | 360 | is to provide autocomplete suggestions when writing Include rules and variables. --> | ||
525 | <list name="default_variables"> | 361 | <list name="default_variables"> | ||
526 | <item>profile_name</item> <!-- Special variable --> | 362 | <item>profile_name</item> <!-- Special variable --> | ||
527 | 363 | | |||
528 | <item>HOME</item> | 364 | <item>HOME</item> <item>HOMEDIRS</item> | ||
529 | <item>HOMEDIRS</item> | 365 | <item>multiarch</item> <item>pid</item> | ||
530 | <item>multiarch</item> | 366 | <item>pids</item> <item>PROC</item> | ||
531 | <item>pid</item> | 367 | <item>securityfs</item> <item>apparmorfs</item> | ||
532 | <item>pids</item> | 368 | <item>sys</item> <item>tid</item> | ||
533 | <item>PROC</item> | 369 | <item>XDG_DESKTOP_DIR</item> <item>XDG_DOWNLOAD_DIR</item> | ||
534 | <item>securityfs</item> | 370 | <item>XDG_TEMPLATES_DIR</item> <item>XDG_PUBLICSHARE_DIR</item> | ||
535 | <item>apparmorfs</item> | 371 | <item>XDG_DOCUMENTS_DIR</item> <item>XDG_MUSIC_DIR</item> | ||
536 | <item>sys</item> | 372 | <item>XDG_PICTURES_DIR</item> <item>XDG_VIDEOS_DIR</item> | ||
537 | <item>tid</item> | | |||
538 | <item>XDG_DESKTOP_DIR</item> | | |||
539 | <item>XDG_DOWNLOAD_DIR</item> | | |||
540 | <item>XDG_TEMPLATES_DIR</item> | | |||
541 | <item>XDG_PUBLICSHARE_DIR</item> | | |||
542 | <item>XDG_DOCUMENTS_DIR</item> | | |||
543 | <item>XDG_MUSIC_DIR</item> | | |||
544 | <item>XDG_PICTURES_DIR</item> | | |||
545 | <item>XDG_VIDEOS_DIR</item> | | |||
546 | </list> | 373 | </list> | ||
547 | <list name="default_abstractions"> | 374 | <list name="default_abstractions"> | ||
548 | <item>abstractions/</item> | 375 | <item>abstractions/</item> <item>apache2-common</item> | ||
549 | <item>apache2-common</item> | 376 | <item>aspell</item> <item>audio</item> | ||
550 | <item>aspell</item> | 377 | <item>authentication</item> <item>base</item> | ||
551 | <item>audio</item> | 378 | <item>bash</item> <item>consoles</item> | ||
552 | <item>authentication</item> | 379 | <item>cups-client</item> <item>dbus</item> | ||
553 | <item>base</item> | 380 | <item>dbus-accessibility</item> <item>dbus-accessibility-strict</item> | ||
554 | <item>bash</item> | 381 | <item>dbus-session</item> <item>dbus-session-strict</item> | ||
555 | <item>consoles</item> | 382 | <item>dbus-strict</item> <item>dconf</item> | ||
556 | <item>cups-client</item> | 383 | <item>dri-common</item> <item>dri-enumerate</item> | ||
557 | <item>dbus</item> | 384 | <item>dovecot-common</item> <item>enchant</item> | ||
558 | <item>dbus-accessibility</item> | 385 | <item>fcitx</item> <item>fcitx-strict</item> | ||
559 | <item>dbus-accessibility-strict</item> | 386 | <item>fonts</item> <item>freedesktop.org</item> | ||
560 | <item>dbus-session</item> | 387 | <item>gnome</item> <item>gnupg</item> | ||
561 | <item>dbus-session-strict</item> | 388 | <item>ibus</item> <item>kde</item> | ||
562 | <item>dbus-strict</item> | 389 | <item>kerberosclient</item> <item>launchpad-integration</item> | ||
563 | <item>dconf</item> | 390 | <item>ldapclient</item> <item>libpam-systemd</item> | ||
564 | <item>dovecot-common</item> | 391 | <item>likewise</item> <item>mdns</item> | ||
565 | <item>enchant</item> | 392 | <item>mir</item> <item>mozc</item> | ||
566 | <item>fcitx</item> | 393 | <item>mysql</item> <item>nameservice</item> | ||
567 | <item>fcitx-strict</item> | 394 | <item>nis</item> <item>nvidia</item> | ||
568 | <item>fonts</item> | 395 | <item>openssl</item> <item>orbit2</item> | ||
569 | <item>freedesktop.org</item> | 396 | <item>p11-kit</item> <item>perl</item> | ||
570 | <item>gnome</item> | 397 | <item>php</item> <item>php5</item> | ||
571 | <item>gnupg</item> | 398 | <item>postfix-common</item> <item>python</item> | ||
572 | <item>ibus</item> | 399 | <item>private-files</item> <item>private-files-strict</item> | ||
573 | <item>kde</item> | 400 | <item>ruby</item> <item>samba</item> | ||
574 | <item>kerberosclient</item> | 401 | <item>smbpass</item> <item>svn-repositories</item> | ||
575 | <item>launchpad-integration</item> | 402 | <item>ssl_certs</item> <item>ssl_keys</item> | ||
576 | <item>ldapclient</item> | 403 | <item>ubuntu-browsers</item> <item>ubuntu-bittorrent-clients</item> | ||
577 | <item>libpam-systemd</item> | 404 | <item>ubuntu-console-email</item> <item>ubuntu-console-browsers</item> | ||
578 | <item>likewise</item> | 405 | <item>ubuntu-email</item> <item>ubuntu-feed-readers</item> | ||
579 | <item>mdns</item> | 406 | <item>ubuntu-helpers</item> <item>ubuntu-gnome-terminal</item> | ||
580 | <item>mir</item> | 407 | <item>ubuntu-konsole</item> <item>ubuntu-media-players</item> | ||
581 | <item>mozc</item> | 408 | <item>ubuntu-unity7-base</item> <item>ubuntu-unity7-launcher</item> | ||
582 | <item>mysql</item> | 409 | <item>ubuntu-xterm</item> <item>ubuntu-unity7-messaging</item> | ||
583 | <item>nameservice</item> | 410 | <item>user-download</item> <item>user-mail</item> | ||
584 | <item>nis</item> | 411 | <item>user-manpages</item> <item>user-tmp</item> | ||
585 | <item>nvidia</item> | 412 | <item>user-write</item> <item>video</item> | ||
586 | <item>openssl</item> | 413 | <item>wayland</item> <item>web-data</item> | ||
587 | <item>orbit2</item> | 414 | <item>winbind</item> <item>wutmp</item> | ||
588 | <item>p11-kit</item> | 415 | <item>X</item> <item>xad</item> | ||
589 | <item>perl</item> | | |||
590 | <item>php</item> | | |||
591 | <item>php5</item> | | |||
592 | <item>postfix-common</item> | | |||
593 | <item>private-files</item> | | |||
594 | <item>private-files-strict</item> | | |||
595 | <item>python</item> | | |||
596 | <item>ruby</item> | | |||
597 | <item>samba</item> | | |||
598 | <item>smbpass</item> | | |||
599 | <item>ssl_certs</item> | | |||
600 | <item>ssl_keys</item> | | |||
601 | <item>svn-repositories</item> | | |||
602 | <item>ubuntu-bittorrent-clients</item> | | |||
603 | <item>ubuntu-browsers</item> | | |||
604 | <item>ubuntu-console-browsers</item> | | |||
605 | <item>ubuntu-console-email</item> | | |||
606 | <item>ubuntu-email</item> | | |||
607 | <item>ubuntu-feed-readers</item> | | |||
608 | <item>ubuntu-gnome-terminal</item> | | |||
609 | <item>ubuntu-helpers</item> | | |||
610 | <item>ubuntu-konsole</item> | | |||
611 | <item>ubuntu-media-players</item> | | |||
612 | <item>ubuntu-unity7-base</item> | | |||
613 | <item>ubuntu-unity7-launcher</item> | | |||
614 | <item>ubuntu-unity7-messaging</item> | | |||
615 | <item>ubuntu-xterm</item> | | |||
616 | <item>user-download</item> | | |||
617 | <item>user-mail</item> | | |||
618 | <item>user-manpages</item> | | |||
619 | <item>user-tmp</item> | | |||
620 | <item>user-write</item> | | |||
621 | <item>video</item> | | |||
622 | <item>wayland</item> | | |||
623 | <item>web-data</item> | | |||
624 | <item>winbind</item> | | |||
625 | <item>wutmp</item> | | |||
626 | <item>X</item> | | |||
627 | <item>xad</item> | | |||
628 | <item>xdg-desktop</item> | 416 | <item>xdg-desktop</item> | ||
629 | 417 | | |||
630 | <item>ubuntu-browsers.d/</item> | 418 | <item>ubuntu-browsers.d/</item> <item>java</item> | ||
631 | <item>java</item> | 419 | <item>mailto</item> <item>multimedia</item> | ||
632 | <item>mailto</item> | 420 | <item>plugins-common</item> <item>productivity</item> | ||
633 | <item>multimedia</item> | 421 | <item>text-editors</item> <item>user-files</item> | ||
634 | <item>plugins-common</item> | 422 | <item>ubuntu-integration</item> <item>ubuntu-integration-xul</item> | ||
635 | <item>productivity</item> | 423 | | ||
636 | <item>text-editors</item> | 424 | <item>apparmor_api/</item> <item>change_profile</item> | ||
637 | <item>ubuntu-integration</item> | 425 | <item>examine</item> <item>find_mountpoint</item> | ||
638 | <item>ubuntu-integration-xul</item> | 426 | <item>introspect</item> <item>is_enabled</item> | ||
639 | <item>user-files</item> | 427 | | ||
640 | 428 | <item>tunables/</item> <item>alias</item> | |||
641 | <item>apparmor_api/</item> | 429 | <item>apparmorfs</item> <item>dovecot</item> | ||
642 | <item>change_profile</item> | 430 | <item>global</item> <item>home</item> | ||
643 | <item>examine</item> | 431 | <item>kernelvars</item> <item>multiarch</item> | ||
644 | <item>find_mountpoint</item> | 432 | <item>ntpd</item> <item>proc</item> | ||
645 | <item>introspect</item> | 433 | <item>securityfs</item> <item>sys</item> | ||
646 | <item>is_enabled</item> | | |||
647 | | ||||
648 | <item>tunables/</item> | | |||
649 | <item>alias</item> | | |||
650 | <item>apparmorfs</item> | | |||
651 | <item>dovecot</item> | | |||
652 | <item>global</item> | | |||
653 | <item>home</item> | | |||
654 | <item>kernelvars</item> | | |||
655 | <item>multiarch</item> | | |||
656 | <item>ntpd</item> | | |||
657 | <item>proc</item> | | |||
658 | <item>securityfs</item> | | |||
659 | <item>sys</item> | | |||
660 | <item>xdg-user-dirs</item> | 434 | <item>xdg-user-dirs</item> | ||
661 | <item>home.d/</item> | 435 | <item>home.d/</item> <item>multiarch.d/</item> | ||
662 | <item>multiarch.d/</item> | 436 | <item>xdg-user-dirs.d/</item> <item>site.local</item> | ||
663 | <item>xdg-user-dirs.d/</item> | | |||
664 | <item>site.local</item> | | |||
665 | 437 | | |||
666 | <item>local/</item> | 438 | <item>local/</item> | ||
667 | </list> | 439 | </list> | ||
668 | 440 | | |||
669 | <list name="boolean"> | 441 | <list name="boolean"> | ||
670 | <item>True</item> | 442 | <item>True</item> | ||
671 | <item>False</item> | 443 | <item>False</item> | ||
672 | </list> | 444 | </list> | ||
445 | <list name="numbers"> | ||||
446 | <item>infinity</item> | ||||
447 | </list> | ||||
673 | <list name="other_words"> | 448 | <list name="other_words"> | ||
674 | <item>unspec</item> | 449 | <item>unspec</item> | ||
675 | <item>none</item> | 450 | <item>none</item> | ||
676 | <item>unconfined</item> | 451 | <item>unconfined</item> | ||
677 | </list> | 452 | </list> | ||
678 | 453 | | |||
679 | <!-- Rule Names. | 454 | <!-- Rule Names. | ||
680 | NOTE: Each rule name is a keyword in separate lists, since each | 455 | NOTE: Each rule name is a keyword in separate lists, since each | ||
Show All 33 Lines | 482 | <context name="_profile" attribute="Normal Text" lineEndContext="#stay"> | |||
714 | <!-- Preamble --> | 489 | <!-- Preamble --> | ||
715 | <StringDetect context="_include" attribute="Preprocessor" String="#include" insensitive="true"/> | 490 | <StringDetect context="_include" attribute="Preprocessor" String="#include" insensitive="true"/> | ||
716 | <RegExpr context="_include" attribute="Preprocessor" String="(^|\s)include(?=\s)"/> | 491 | <RegExpr context="_include" attribute="Preprocessor" String="(^|\s)include(?=\s)"/> | ||
717 | <DetectChar context="_comment" attribute="Comment" char="#"/> | 492 | <DetectChar context="_comment" attribute="Comment" char="#"/> | ||
718 | 493 | | |||
719 | <Detect2Chars context="_variable_assignment" attribute="Variable" char="@" char1="{" lookAhead="true" firstNonSpace="true"/> | 494 | <Detect2Chars context="_variable_assignment" attribute="Variable" char="@" char1="{" lookAhead="true" firstNonSpace="true"/> | ||
720 | <Detect2Chars context="_variable" attribute="Variable" char="@" char1="{" lookAhead="true"/> | 495 | <Detect2Chars context="_variable" attribute="Variable" char="@" char1="{" lookAhead="true"/> | ||
721 | <RegExpr context="_variable_assignment_operator" attribute="Variable" String="@&varname;(?=\s*(\+?\=|$))" insensitive="true" firstNonSpace="true"/> | 496 | <RegExpr context="_variable_assignment_operator" attribute="Variable" String="@&varname;(?=\s*(\+?\=|$))" insensitive="true" firstNonSpace="true"/> | ||
497 | <Detect2Chars context="_boolean_assignment" attribute="Variable" char="$" char1="{" lookAhead="true" firstNonSpace="true"/> | ||||
722 | <Detect2Chars context="_boolean" attribute="Variable" char="$" char1="{" lookAhead="true"/> | 498 | <Detect2Chars context="_boolean" attribute="Variable" char="$" char1="{" lookAhead="true"/> | ||
723 | <RegExpr context="#stay" attribute="Variable" String="\$&varname;(?=\s*(\=|$))" insensitive="true" firstNonSpace="true"/> | 499 | <RegExpr context="_boolean_assignment_operator" attribute="Variable" String="\$&varname;(?=\s*(\=|$))" insensitive="true" firstNonSpace="true"/> | ||
724 | <keyword context="#stay" attribute="Other Option" String="boolean"/> | | |||
725 | 500 | | |||
726 | <IncludeRules context="_brackets_error"/> | 501 | <IncludeRules context="_brackets_error"/> | ||
727 | <DetectChar context="#stay" attribute="Normal Text" char="{" beginRegion="Profile"/> | 502 | <DetectChar context="#stay" attribute="Operator 1" char="{" beginRegion="Profile"/> | ||
728 | <DetectChar context="#stay" attribute="Normal Text" char="}" endRegion="Profile"/> | 503 | <DetectChar context="#stay" attribute="Operator 1" char="}" endRegion="Profile"/> | ||
729 | <DetectChar context="_parentheses_block_profile" attribute="Normal Text" char="("/> | 504 | <DetectChar context="_parentheses_block_profile" attribute="Normal Text" char="("/> | ||
730 | <DetectChar context="_r_square_brackets" attribute="Globbing Brackets" char="["/> | 505 | <DetectChar context="_r_square_brackets" attribute="Globbing Brackets" char="["/> | ||
731 | 506 | | |||
732 | <keyword context="#stay" attribute="Access Qualifier" String="access_types"/> | 507 | <keyword context="#stay" attribute="Access Qualifier" String="access_types"/> | ||
733 | <keyword context="#stay" attribute="Qualifier" String="qualifiers"/> | 508 | <keyword context="#stay" attribute="Qualifier" String="qualifiers"/> | ||
734 | <keyword context="#stay" attribute="File Qualifier" String="file_qualifiers"/> | 509 | <keyword context="#stay" attribute="File Qualifier" String="file_qualifiers"/> | ||
735 | 510 | | |||
736 | <!-- Rules --> | 511 | <!-- Rules --> | ||
737 | <keyword context="_rule_file" attribute="Rule" String="rule_name_file" beginRegion="Rule"/> | 512 | <keyword context="_rule_file" attribute="Rule" String="rule_name_file" beginRegion="Rule"/> | ||
738 | <keyword context="_rule_mount" attribute="Rule" String="rule_name_mount" beginRegion="Rule"/> | 513 | <keyword context="_rule_mount" attribute="Rule" String="rule_name_mount" beginRegion="Rule"/> | ||
739 | <keyword context="_default_rule_with_comments" attribute="Rule" String="rule_name_alias" beginRegion="Rule"/> | 514 | <keyword context="_default_rule_with_comments" attribute="Rule" String="rule_name_alias" beginRegion="Rule"/> | ||
740 | <keyword context="_rule_capability" attribute="Rule" String="rule_name_capability" beginRegion="Rule"/> | 515 | <keyword context="_rule_capability" attribute="Rule" String="rule_name_capability" beginRegion="Rule"/> | ||
741 | <keyword context="_rule_network" attribute="Rule" String="rule_name_network" beginRegion="Rule"/> | 516 | <keyword context="_rule_network" attribute="Rule" String="rule_name_network" beginRegion="Rule"/> | ||
742 | <keyword context="_rule_pivotroot" attribute="Rule" String="rule_name_pivotroot" beginRegion="Rule"/> | 517 | <keyword context="_rule_pivotroot" attribute="Rule" String="rule_name_pivotroot" beginRegion="Rule"/> | ||
743 | <keyword context="_rule_ptrace" attribute="Rule" String="rule_name_ptrace" beginRegion="Rule"/> | 518 | <keyword context="_rule_ptrace" attribute="Rule" String="rule_name_ptrace" beginRegion="Rule"/> | ||
744 | <keyword context="_rule_signal" attribute="Rule" String="rule_name_signal" beginRegion="Rule"/> | 519 | <keyword context="_rule_signal" attribute="Rule" String="rule_name_signal" beginRegion="Rule"/> | ||
745 | <keyword context="_rule_dbus" attribute="Rule" String="rule_name_dbus" beginRegion="Rule"/> | 520 | <keyword context="_rule_dbus" attribute="Rule" String="rule_name_dbus" beginRegion="Rule"/> | ||
746 | <keyword context="_rule_unix" attribute="Rule" String="rule_name_unix" beginRegion="Rule"/> | 521 | <keyword context="_rule_unix" attribute="Rule" String="rule_name_unix" beginRegion="Rule"/> | ||
747 | <keyword context="_rule_link" attribute="Rule" String="rule_name_link" beginRegion="Rule"/> | 522 | <keyword context="_rule_link" attribute="Rule" String="rule_name_link" beginRegion="Rule"/> | ||
748 | <keyword context="_rule_changeprofile" attribute="Rule" String="rule_name_changeprofile" beginRegion="Rule"/> | 523 | <keyword context="_rule_changeprofile" attribute="Rule" String="rule_name_changeprofile" beginRegion="Rule"/> | ||
749 | <keyword context="_rule_rlimit" attribute="Rule Error" String="rule_name_rlimit" beginRegion="Rule"/> <!-- set rlimit --> | 524 | <keyword context="_rule_rlimit" attribute="Rule Error" String="rule_name_rlimit" beginRegion="Rule"/> <!-- set rlimit --> | ||
750 | <keyword context="_rule_set" attribute="Rule" String="rule_name_set"/> | 525 | <keyword context="_rule_set" attribute="Rule" String="rule_name_set"/> | ||
751 | 526 | | |||
527 | <IncludeRules context="_operators"/> | ||||
752 | <IncludeRules context="_path"/> | 528 | <IncludeRules context="_path"/> | ||
753 | <IncludeRules context="_text_quoted"/> | 529 | <IncludeRules context="_text_quoted"/> | ||
754 | <IncludeRules context="_operators"/> | | |||
755 | <keyword context="#stay" attribute="Normal Text" String="default_variables"/> | | |||
756 | <IncludeRules context="_file_rule_permissions"/> | 530 | <IncludeRules context="_file_rule_permissions"/> | ||
757 | </context> | 531 | </context> | ||
758 | 532 | | |||
759 | <context name="_common" attribute="Normal Text" lineEndContext="#stay"> | 533 | <context name="_common" attribute="Normal Text" lineEndContext="#stay"> | ||
760 | <StringDetect context="#stay" attribute="Error" String="#include" insensitive="true"/> | 534 | <StringDetect context="#stay" attribute="Error" String="#include" insensitive="true"/> | ||
761 | <RegExpr context="#stay" attribute="Error" String="include(?=\s)" firstNonSpace="true"/> | 535 | <RegExpr context="#stay" attribute="Error" String="include(?=\s)" firstNonSpace="true"/> | ||
762 | 536 | | |||
763 | <Detect2Chars context="_variable" attribute="Variable" char="@" char1="{" lookAhead="true"/> | 537 | <Detect2Chars context="_variable" attribute="Variable" char="@" char1="{" lookAhead="true"/> | ||
764 | <Detect2Chars context="_boolean" attribute="Variable" char="$" char1="{" lookAhead="true"/> | 538 | <Detect2Chars context="_boolean" attribute="Variable" char="$" char1="{" lookAhead="true"/> | ||
765 | <keyword context="#stay" attribute="Other Option" String="boolean"/> | | |||
766 | <IncludeRules context="_brackets_error"/> | 539 | <IncludeRules context="_brackets_error"/> | ||
767 | </context> | 540 | </context> | ||
768 | <context name="_comment" attribute="Comment" lineEndContext="#pop"> | 541 | <context name="_comment" attribute="Comment" lineEndContext="#pop"> | ||
769 | <LineContinue context="#pop" attribute="Comment"/> | | |||
770 | <DetectSpaces /> | 542 | <DetectSpaces /> | ||
771 | <IncludeRules context="##Alerts"/> | 543 | <IncludeRules context="##Alerts"/> | ||
772 | <IncludeRules context="##Modelines"/> | 544 | <IncludeRules context="##Modelines"/> | ||
773 | </context> | 545 | </context> | ||
774 | 546 | | |||
547 | <context name="_operators" attribute="Normal Text" lineEndContext="#stay"> | ||||
548 | <Detect2Chars context="_subprofile" attribute="SubProfile Operator" char="/" char1="/"/> | ||||
549 | <DetectChar context="#stay" attribute="Operator 1" char="="/> | ||||
550 | <Detect2Chars context="#stay" attribute="Operator 1" char="+" char1="="/> | ||||
551 | <Detect2Chars context="#stay" attribute="Operator 2" char="-" char1=">"/> | ||||
552 | </context> | ||||
553 | <context name="_operators_keywords" attribute="Normal Text" lineEndContext="#stay"> | ||||
554 | <RegExpr context="#stay" attribute="Operator 2" String="(^|\s)(in|to)\b"/> | ||||
555 | </context> | ||||
556 | | ||||
775 | <!-- Profile Header: | 557 | <!-- Profile Header: | ||
776 | Highlight the name of the profile. | 558 | Highlight the name of the profile. | ||
777 | The profile name label is optional. This is written after the hat character (^) or a profile keyword. --> | 559 | The profile name label is optional. This is written after the hat character (^) or a profile keyword. --> | ||
778 | <context name="_profile_name" attribute="Profile Name" lineEndContext="#stay" fallthrough="true" fallthroughContext="#pop"> | 560 | <context name="_profile_name" attribute="Profile Name" lineEndContext="#stay" fallthrough="true" fallthroughContext="#pop"> | ||
779 | <DetectSpaces context="#stay" attribute="Normal Text"/> | 561 | <DetectSpaces context="#stay" attribute="Normal Text"/> | ||
780 | <!-- Not highlighting paths and paths quoted --> | 562 | <!-- Not highlighting paths and paths quoted --> | ||
781 | <RegExpr context="#pop" attribute="Normal Text" String=""[^/"]*/" lookAhead="true"/> | 563 | <RegExpr context="#pop" attribute="Normal Text" String=""[^/"]*/" lookAhead="true"/> | ||
782 | <DetectChar context="#pop!_profile_name_quoted" attribute="Profile Name" char="""/> | 564 | <DetectChar context="#pop!_profile_name_quoted" attribute="Profile Name" char="""/> | ||
Show All 13 Lines | |||||
796 | <context name="_profile_name_quoted" attribute="Profile Name" lineEndContext="#stay"> | 578 | <context name="_profile_name_quoted" attribute="Profile Name" lineEndContext="#stay"> | ||
797 | <DetectChar context="#pop" attribute="Profile Name" char="""/> | 579 | <DetectChar context="#pop" attribute="Profile Name" char="""/> | ||
798 | <IncludeRules context="_variable_simple"/> | 580 | <IncludeRules context="_variable_simple"/> | ||
799 | <IncludeRules context="_pcre_escape_str"/> | 581 | <IncludeRules context="_pcre_escape_str"/> | ||
800 | </context> | 582 | </context> | ||
801 | 583 | | |||
802 | <!-- Include Rule: include <abstraction/path> --> | 584 | <!-- Include Rule: include <abstraction/path> --> | ||
803 | <context name="_include" attribute="Preprocessor" lineEndContext="#pop"> | 585 | <context name="_include" attribute="Preprocessor" lineEndContext="#pop"> | ||
804 | <RegExpr context="#pop!_include_preplib_t" attribute="Prep. Lib" String="<(?![\s<>])"/> <!-- <magic/path> --> | 586 | <keyword context="#stay" attribute="Preprocessor" String="rule_include"/> | ||
805 | <RegExpr context="#pop!_include_preplib_q" attribute="Prep. Lib" String=""(?!")"/> <!-- "/abs/path" --> | 587 | <Detect2Chars context="#pop" attribute="Error" char=""" char1="""/> | ||
588 | <Detect2Chars context="#pop" attribute="Error" char="<" char1=">"/> | ||||
589 | <RegExpr context="#stay" attribute="Error" String="<+(?=[<\s])"/> | ||||
590 | <DetectChar context="#pop!_include_preplib_t" attribute="Prep. Lib" char="<"/> <!-- <magic/path> --> | ||||
591 | <DetectChar context="#pop!_include_preplib_q" attribute="Prep. Lib" char="""/> <!-- "/abs/path" --> | ||||
806 | <RegExpr context="#pop" attribute="Prep. Lib" String="/\S*(?=(\s|$))"/> <!-- /abs/path --> | 592 | <RegExpr context="#pop" attribute="Prep. Lib" String="/\S*(?=(\s|$))"/> <!-- /abs/path --> | ||
807 | <RegExpr context="#stay" attribute="Error" String="[^\s/<"]+"/> | | |||
808 | </context> | 593 | </context> | ||
809 | <context name="_include_preplib_t" attribute="Prep. Lib" lineEndContext="#pop"> | 594 | <context name="_include_preplib_t" attribute="Prep. Lib" lineEndContext="#pop"> | ||
810 | <DetectChar context="#pop" attribute="Prep. Lib" char=">"/> | 595 | <DetectChar context="#pop" attribute="Prep. Lib" char=">"/> | ||
811 | <keyword context="#stay" attribute="Prep. Lib" String="default_abstractions"/> | 596 | <keyword context="#stay" attribute="Prep. Lib" String="default_abstractions"/> | ||
812 | <RegExpr context="#pop" attribute="Open Prep. Lib" String="[^<>\s](?=($|\s))" insensitive="true"/> | 597 | <RegExpr context="#pop" attribute="Open Prep. Lib" String="[^<>\s](?=($|\s))" insensitive="true"/> | ||
813 | 598 | | |||
814 | <DetectSpaces context="#pop" attribute="Normal Text" lookAhead="true"/> | 599 | <DetectSpaces context="#pop" attribute="Normal Text" lookAhead="true"/> | ||
815 | <RegExpr context="#pop" attribute="Error" String="<"/> | 600 | <DetectChar context="#pop" attribute="Error" char="<"/> | ||
816 | </context> | 601 | </context> | ||
817 | <context name="_include_preplib_q" attribute="Prep. Lib" lineEndContext="#pop"> | 602 | <context name="_include_preplib_q" attribute="Prep. Lib" lineEndContext="#pop"> | ||
818 | <DetectChar context="#pop" attribute="Prep. Lib" char="""/> | 603 | <DetectChar context="#pop" attribute="Prep. Lib" char="""/> | ||
819 | <keyword context="#stay" attribute="Prep. Lib" String="default_abstractions"/> | 604 | <keyword context="#stay" attribute="Prep. Lib" String="default_abstractions"/> | ||
820 | <RegExpr context="#pop" attribute="Open Prep. Lib" String="[^"\s](?=\s*$)" insensitive="true"/> | 605 | <RegExpr context="#pop" attribute="Open Prep. Lib" String="[^"\s](?=\s*$)" insensitive="true"/> | ||
821 | </context> | 606 | </context> | ||
822 | 607 | | |||
823 | <!-- Variables: @{VAR} --> | 608 | <!-- Variables: @{VAR} --> | ||
824 | <context name="_variable" attribute="Variable" lineEndContext="#pop"> | 609 | <context name="_variable" attribute="Variable" lineEndContext="#pop"> | ||
610 | <!-- Text after variable is highlighted as path --> | ||||
611 | <RegExpr context="#pop!_path_content" attribute="Variable" String="\}(?=[^&noaftervar;])" insensitive="true"/> | ||||
612 | <IncludeRules context="_variable_common"/> | ||||
613 | </context> | ||||
614 | <context name="_variable_common" attribute="Variable" lineEndContext="#pop"> | ||||
825 | <!-- Invalid character or open brackets --> | 615 | <!-- Invalid character or open brackets --> | ||
826 | <RegExpr context="#pop" attribute="Error" String="@(?=\{([^a-zA-Z]|&varname;[^\w\}]|[^\}]*$))" insensitive="true"/> | 616 | <RegExpr context="_default_variables" attribute="Error" String="@(?=\{([^a-zA-Z]|&varname;[^\w\}]|[^\}]*$))" insensitive="true"/> | ||
827 | <DetectSpaces context="#pop" attribute="Normal Text" lookAhead="true"/> | 617 | <DetectSpaces context="#pop" attribute="Normal Text" lookAhead="true"/> | ||
828 | <!-- Text after variable is highlighted as path --> | | |||
829 | <RegExpr context="#pop!_path_content" attribute="Variable" String="\}(?=[&pathchar;\[\{\(#])" insensitive="true"/> | | |||
830 | <DetectChar context="#pop" attribute="Variable" char="}"/> | 618 | <DetectChar context="#pop" attribute="Variable" char="}"/> | ||
831 | </context> | 619 | </context> | ||
620 | <context name="_default_variables" attribute="Normal Text" lineEndContext="#pop" fallthrough="true" fallthroughContext="#pop#pop"> | ||||
621 | <DetectChar context="#stay" attribute="Operator 1" char="{" beginRegion="Profile"/> | ||||
622 | <keyword context="#pop" attribute="Normal Text" String="default_variables"/> | ||||
623 | </context> | ||||
832 | <context name="_variable_simple" attribute="Normal Text" lineEndContext="#stay"> | 624 | <context name="_variable_simple" attribute="Normal Text" lineEndContext="#stay"> | ||
833 | <RegExpr context="#stay" attribute="Variable" String="@\{&varname;\}" insensitive="true"/> | 625 | <RegExpr context="#stay" attribute="Variable" String="@\{&varname;\}" insensitive="true"/> | ||
834 | </context> | 626 | </context> | ||
835 | <!-- @{VARIABLE} = A B C --> | 627 | <!-- @{VARIABLE} = A B C --> | ||
836 | <context name="_variable_assignment" attribute="Variable" lineEndContext="#pop"> | 628 | <context name="_variable_assignment" attribute="Variable" lineEndContext="#pop"> | ||
837 | <RegExpr context="#pop!_variable_assignment_operator" attribute="Variable" String="\}(?=\s*\+?\=)"/> | 629 | <RegExpr context="#pop!_variable_assignment_operator" attribute="Variable" String="\}(?=\s*\+?\=)"/> | ||
838 | <IncludeRules context="_variable"/> | 630 | <IncludeRules context="_variable"/> | ||
839 | </context> | 631 | </context> | ||
840 | <context name="_variable_assignment_operator" attribute="Operator 1" lineEndContext="#pop"> <!-- '=' or '+=' --> | 632 | <context name="_variable_assignment_operator" attribute="Operator 1" lineEndContext="#pop"> <!-- '=' or '+=' --> | ||
841 | <!-- After the operator, highlighting as "Path" the entire line, from the first non-space character --> | 633 | <!-- After the operator, highlighting as "Path" the entire line, from the first non-space character --> | ||
842 | <RegExpr context="#pop!_variable_assignment_line" attribute="Operator 1" String="\=(\s*)"/> | 634 | <RegExpr context="#pop!_variable_assignment_line" attribute="Operator 1" String="\=(\s*)"/> | ||
843 | </context> | 635 | </context> | ||
844 | <context name="_variable_assignment_line" attribute="Path" lineEndContext="#pop"> | 636 | <context name="_variable_assignment_line" attribute="Path" lineEndContext="#pop"> | ||
845 | <IncludeRules context="_path_globbing_chars"/> | 637 | <IncludeRules context="_path_globbing"/> | ||
846 | <IncludeRules context="_common"/> | | |||
847 | <IncludeRules context="_path"/> | | |||
848 | <IncludeRules context="_text_quoted"/> | 638 | <IncludeRules context="_text_quoted"/> | ||
849 | <IncludeRules context="_globbrackets_rule"/> | 639 | <IncludeRules context="_variable_simple"/> | ||
850 | <DetectChar context="_round_brackets" attribute="Globbing Brackets" char="("/> | 640 | <RegExpr context="#stay" attribute="Variable" String="\$\{&varname;\}"/> | ||
851 | <Detect2Chars context="_subprofile" attribute="SubProfile Operator" char="/" char1="/"/> | 641 | <Detect2Chars context="_subprofile" attribute="SubProfile Operator" char="/" char1="/"/> | ||
852 | <RegExpr context="#stay" attribute="Error" String=",(?=(\s|$))"/> <!-- End of rule comma --> | 642 | <RegExpr context="#stay" attribute="Error" String=",(?=(\s|$))"/> <!-- End of rule comma --> | ||
643 | <StringDetect context="#stay" attribute="Error" String="#include" insensitive="true"/> | ||||
853 | 644 | | |||
854 | <!-- NOTE: [V4][Jan 06, 2018] AppArmor does not detect comments in variable assignment lines | 645 | <!-- NOTE: [V4][Jan 06, 2018] AppArmor does not detect comments in variable assignment lines | ||
855 | (these are carried through to the policy). This is an AppArmor bug, therefore, comments are | 646 | (these are carried through to the policy). This is an AppArmor bug, therefore, comments are | ||
856 | highlighted, but only when these are written after a space. Check this when the bug has been fixed. --> | 647 | highlighted, but only when these are written after a space. Check this when the bug has been fixed. --> | ||
857 | <RegExpr context="_comment_variable_assignment_line" attribute="Path" String="\s(?=#)"/> | 648 | <RegExpr context="_comment_variable_assignment_line" attribute="Path" String="\s(?=#)"/> | ||
858 | </context> | 649 | </context> | ||
859 | <context name="_comment_variable_assignment_line" attribute="Error" lineEndContext="#pop" fallthrough="true" fallthroughContext="#pop"> | 650 | <context name="_comment_variable_assignment_line" attribute="Error" lineEndContext="#pop" fallthrough="true" fallthroughContext="#pop"> | ||
860 | <DetectChar context="#pop!_comment" attribute="Error" char="#"/> | 651 | <DetectChar context="#pop" attribute="Error" char="#"/> | ||
861 | </context> | 652 | </context> | ||
653 | | ||||
862 | <!-- ${BOOLEAN} --> | 654 | <!-- ${BOOLEAN} --> | ||
863 | <context name="_boolean" attribute="Variable" lineEndContext="#pop"> | 655 | <context name="_boolean" attribute="Variable" lineEndContext="#pop"> | ||
864 | <RegExpr context="#pop" attribute="Error" String="\$(?=\{([^a-zA-Z]|&varname;[^\w\}]|[^\}]*$))" insensitive="true"/> | 656 | <RegExpr context="#pop" attribute="Error" String="\$(?=\{([^a-zA-Z]|&varname;[^\w\}]|[^\}]*$))" insensitive="true"/> | ||
865 | <DetectSpaces context="#pop" attribute="Normal Text" lookAhead="true"/> | 657 | <DetectSpaces context="#pop" attribute="Normal Text" lookAhead="true"/> | ||
866 | <DetectChar context="#pop" attribute="Variable" char="}"/> | 658 | <DetectChar context="#pop" attribute="Variable" char="}"/> | ||
867 | </context> | 659 | </context> | ||
660 | <context name="_boolean_assignment" attribute="Variable" lineEndContext="#pop"> | ||||
661 | <RegExpr context="#pop!_boolean_assignment_operator" attribute="Variable" String="\}(?=\s*\=)"/> | ||||
662 | <IncludeRules context="_boolean"/> | ||||
663 | </context> | ||||
664 | <context name="_boolean_assignment_operator" attribute="Normal Text" lineEndContext="#pop"> | ||||
665 | <RegExpr context="#pop!_boolean_assignment_line" attribute="Error" String="\=(?=\s*$)"/> | ||||
666 | <DetectChar context="#pop!_boolean_assignment_line" attribute="Operator 1" char="="/> | ||||
667 | </context> | ||||
668 | <context name="_boolean_assignment_line" attribute="Error" lineEndContext="#pop"> | ||||
669 | <DetectSpaces context="#stay" attribute="Normal Text"/> | ||||
670 | <keyword context="#stay" attribute="Permissions" String="boolean"/> | ||||
671 | </context> | ||||
868 | 672 | | |||
869 | <!-- Access Modes / File Permissions --> | 673 | <!-- Access Modes / File Permissions --> | ||
870 | <context name="_permissions" attribute="Normal Text" lineEndContext="#stay"> | 674 | <context name="_permissions" attribute="Normal Text" lineEndContext="#stay"> | ||
871 | <IncludeRules context="_permissions_correction"/> | 675 | <IncludeRules context="_permissions_correction"/> | ||
872 | <RegExpr context="#stay" attribute="Permissions" String="(^|\s)([rwkml]|&exec;)+(?=($|[\s,]))"/> | 676 | <RegExpr context="#stay" attribute="Permissions" String="(^|\s)(([rwkml]|&exec;)+|([rakml]|&exec;)+)(?=($|[\s,]))"/> | ||
873 | <RegExpr context="#stay" attribute="Permissions" String="(^|\s)([rakml]|&exec;)+(?=($|[\s,]))"/> | | |||
874 | </context> | 677 | </context> | ||
875 | <context name="_file_rule_permissions" attribute="Normal Text" lineEndContext="#stay"> | 678 | <context name="_file_rule_permissions" attribute="Normal Text" lineEndContext="#stay"> | ||
876 | <IncludeRules context="_permissions_correction"/> | 679 | <IncludeRules context="_permissions_correction"/> | ||
877 | <RegExpr context="_rule_file" attribute="Permissions" String="(^|\s)([rwkml]|&exec;)+(?=($|[\s,]))"/> | 680 | <RegExpr context="_rule_file" attribute="Permissions" String="(^|\s)(([rwkml]|&exec;)+|([rakml]|&exec;)+)(?=($|[\s,]))"/> | ||
878 | <RegExpr context="_rule_file" attribute="Permissions" String="(^|\s)([rakml]|&exec;)+(?=($|[\s,]))"/> | | |||
879 | </context> | 681 | </context> | ||
880 | <context name="_permissions_correction" attribute="Normal Text" lineEndContext="#stay"> | 682 | <context name="_permissions_correction" attribute="Normal Text" lineEndContext="#stay"> | ||
881 | <!-- Incompatible execution modes --> | 683 | <!-- Incompatible execution modes --> | ||
882 | <RegExpr context="#stay" attribute="Normal Text" String="(^|\s)[rwakml]*p[iUu]?x([rwakml]|p[iUu]?x)*([PcC]?[iUu]?x)([rwakml]|&exec;)*(?=($|[\s,]))"/> | 684 | <RegExpr context="#stay" attribute="Normal Text" String="(^|\s)[rwakml]*(p[iUu]?x([rwakml]|p[iUu]?x)*([PcC]?[iUu]?x)|P[iUu]?x([rwakml]|P[iUu]?x)*([pcC]?[iUu]?x)|c[iUu]?x([rwakml]|c[iUu]?x)*([PpC]?[iUu]?x)|C[iUu]?x([rwakml]|C[iUu]?x)*([Ppc]?[iUu]?x)|[PpCc]?ix([rwakml]|[PpCc]?ix)*([PpCc]?[Uu]?x)|[PpCc]?ux([rwakml]|[PpCc]?ux)*([PpCc]?[iU]?x)|[PpCc]?Ux([rwakml]|[PpCc]?Ux)*([PpCc]?[iu]?x)|[iuU]?x([rwakml]|[iuU]?x)*([PpCc][iuU]?x)|x[rwakmlx]*[iuU]x)([rwakml]|&exec;)*(?=($|[\s,]))"/> | ||
883 | <RegExpr context="#stay" attribute="Normal Text" String="(^|\s)[rwakml]*P[iUu]?x([rwakml]|P[iUu]?x)*([pcC]?[iUu]?x)([rwakml]|&exec;)*(?=($|[\s,]))"/> | | |||
884 | <RegExpr context="#stay" attribute="Normal Text" String="(^|\s)[rwakml]*c[iUu]?x([rwakml]|c[iUu]?x)*([PpC]?[iUu]?x)([rwakml]|&exec;)*(?=($|[\s,]))"/> | | |||
885 | <RegExpr context="#stay" attribute="Normal Text" String="(^|\s)[rwakml]*C[iUu]?x([rwakml]|C[iUu]?x)*([Ppc]?[iUu]?x)([rwakml]|&exec;)*(?=($|[\s,]))"/> | | |||
886 | <RegExpr context="#stay" attribute="Normal Text" String="(^|\s)[rwakml]*[PpCc]?ix([rwakml]|[PpCc]?ix)*([PpCc]?[Uu]?x)([rwakml]|&exec;)*(?=($|[\s,]))"/> | | |||
887 | <RegExpr context="#stay" attribute="Normal Text" String="(^|\s)[rwakml]*[PpCc]?ux([rwakml]|[PpCc]?ux)*([PpCc]?[iU]?x)([rwakml]|&exec;)*(?=($|[\s,]))"/> | | |||
888 | <RegExpr context="#stay" attribute="Normal Text" String="(^|\s)[rwakml]*[PpCc]?Ux([rwakml]|[PpCc]?Ux)*([PpCc]?[iu]?x)([rwakml]|&exec;)*(?=($|[\s,]))"/> | | |||
889 | <RegExpr context="#stay" attribute="Normal Text" String="(^|\s)[rwakml]*[iuU]?x([rwakml]|[iuU]?x)*([PpCc][iuU]?x)([rwakml]|&exec;)*(?=($|[\s,]))"/> | | |||
890 | <RegExpr context="#stay" attribute="Normal Text" String="(^|\s)[rwakml]*x[rwakmlx]*[iuU]x([rwakml]|&exec;)*(?=($|[\s,]))"/> | | |||
891 | </context> | | |||
892 | | ||||
893 | <!-- Operators --> | | |||
894 | <context name="_operators" attribute="Normal Text" lineEndContext="#stay"> | | |||
895 | <Detect2Chars context="_subprofile" attribute="SubProfile Operator" char="/" char1="/"/> | | |||
896 | <DetectChar context="#stay" attribute="Operator 1" char="="/> | | |||
897 | <Detect2Chars context="#stay" attribute="Operator 1" char="+" char1="="/> | | |||
898 | <Detect2Chars context="#stay" attribute="Operator 2" char="-" char1=">"/> | | |||
899 | <RegExpr context="#stay" attribute="Operator 2" String="(^|\s)(in|to)(?=($|\s))"/> | | |||
900 | </context> | 685 | </context> | ||
901 | 686 | | |||
902 | <!-- RULES --> | 687 | <!-- RULES --> | ||
903 | 688 | | |||
904 | <!-- For all rules --> | 689 | <!-- For all rules --> | ||
905 | <context name="_default_rule_without_parentheses" attribute="Normal Text" lineEndContext="#stay"> | 690 | <context name="_default_rule_without_parentheses" attribute="Normal Text" lineEndContext="#stay"> | ||
906 | <IncludeRules context="_common"/> | 691 | <IncludeRules context="_common"/> | ||
907 | <!-- Highlight as path the text after the '=' operator, except keywords or simple words --> | 692 | <!-- Highlight as path the text after the '=' operator, except keywords or simple words ([\w\-\+]+) --> | ||
908 | <RegExpr context="#stay" attribute="Error" String="\=(?=\s*$)"/> | 693 | <RegExpr context="#stay" attribute="Error" String="\=(?=\s*$)"/> | ||
909 | <RegExpr context="_path_content" attribute="Operator 1" String="\=\s*(?=[^\s\(]*[\.\*\?@\\/\[\{#&%$!~])" insensitive="true"/> | 694 | <RegExpr context="_path_content" attribute="Operator 1" String="\=\s*(?=[^\s\(]*[^&noaftervar;\w\+\-\(,])" insensitive="true"/> | ||
910 | <IncludeRules context="_operators"/> | 695 | <IncludeRules context="_operators"/> | ||
911 | <IncludeRules context="_path"/> | 696 | <IncludeRules context="_path"/> | ||
912 | <IncludeRules context="_text_quoted"/> | 697 | <IncludeRules context="_text_quoted"/> | ||
913 | <IncludeRules context="_globbrackets_rule"/> | | |||
914 | <IncludeRules context="_pcre_escape_str"/> | 698 | <IncludeRules context="_pcre_escape_str"/> | ||
915 | <keyword context="#stay" attribute="Other Data" String="other_words" insensitive="true"/> | 699 | <keyword context="#stay" attribute="Other Data" String="other_words" insensitive="true"/> | ||
700 | <DetectChar context="_r_curly_brackets" attribute="Globbing Brackets" char="{"/> | ||||
701 | <DetectChar context="_r_square_brackets" attribute="Globbing Brackets" char="["/> | ||||
702 | <IncludeRules context="_operators_keywords"/> | ||||
916 | 703 | | |||
917 | <!-- AppArmor does not detect comments within rules (except in file & alias rules) --> | 704 | <!-- AppArmor does not detect comments within rules (except in file & alias rules) --> | ||
918 | <IncludeRules context="_rule_comment_not_allowed"/> | 705 | <IncludeRules context="_comment_not_allowed"/> | ||
919 | <!-- This must be at the end of each context (to avoid conflicts with some keywords) --> | 706 | <!-- This must be at the end of each context (to avoid conflicts with some keywords) --> | ||
920 | <IncludeRules context="_end_rule"/> | 707 | <IncludeRules context="_end_rule"/> | ||
921 | </context> | 708 | </context> | ||
922 | <context name="_default_rule" attribute="Normal Text" lineEndContext="#stay"> | 709 | <context name="_default_rule" attribute="Normal Text" lineEndContext="#stay"> | ||
923 | <IncludeRules context="_default_rule_without_parentheses"/> | 710 | <IncludeRules context="_default_rule_without_parentheses"/> | ||
924 | <DetectChar context="_default_parentheses_block" attribute="Normal Text" char="("/> | 711 | <DetectChar context="_default_parentheses_block" attribute="Normal Text" char="("/> | ||
925 | </context> | 712 | </context> | ||
926 | <context name="_default_rule_with_comments" attribute="Normal Text" lineEndContext="#stay"> | 713 | <context name="_default_rule_with_comments" attribute="Normal Text" lineEndContext="#stay"> | ||
927 | <RegExpr context="_comment" attribute="Comment" String="#(?!include)" insensitive="true"/> | 714 | <RegExpr context="_comment" attribute="Comment" String="#(?!include)" insensitive="true"/> | ||
928 | <IncludeRules context="_default_rule"/> | 715 | <IncludeRules context="_default_rule"/> | ||
929 | </context> | 716 | </context> | ||
930 | <context name="_rule_comment_not_allowed" attribute="Normal Text" lineEndContext="#stay"> | 717 | | ||
718 | <context name="_comment_not_allowed" attribute="Normal Text" lineEndContext="#stay"> | ||||
931 | <DetectChar context="_comment" attribute="Error" char="#" firstNonSpace="true"/> | 719 | <DetectChar context="_comment" attribute="Error" char="#" firstNonSpace="true"/> | ||
932 | <DetectChar context="#stay" attribute="Error" char="#"/> | 720 | <DetectChar context="#stay" attribute="Error" char="#"/> | ||
933 | </context> | 721 | </context> | ||
722 | <context name="_r_curly_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> | ||||
723 | <RegExpr context="#pop!_path_content" attribute="Globbing Brackets" String="\}(?=[^&noaftervar;])" insensitive="true"/> | ||||
724 | <IncludeRules context="_curly_brackets"/> | ||||
725 | </context> | ||||
726 | <context name="_r_square_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> | ||||
727 | <RegExpr context="#pop!_path_content" attribute="Globbing Brackets" String="\](?=[^&noaftervar;])" insensitive="true"/> | ||||
728 | <IncludeRules context="_square_brackets"/> | ||||
729 | </context> | ||||
934 | 730 | | |||
935 | <!-- Network Rule --> | 731 | <!-- Network Rule --> | ||
936 | <context name="_rule_network" attribute="Normal Text" lineEndContext="#stay"> | 732 | <context name="_rule_network" attribute="Normal Text" lineEndContext="#stay"> | ||
937 | <keyword context="#stay" attribute="Data" String="rule_network"/> | 733 | <keyword context="#stay" attribute="Data" String="rule_network"/> | ||
938 | <keyword context="#stay" attribute="Data" String="rule_network_unix"/> | 734 | <keyword context="#stay" attribute="Data" String="rule_network_unix"/> | ||
939 | <IncludeRules context="_default_rule"/> | 735 | <IncludeRules context="_default_rule"/> | ||
940 | </context> | 736 | </context> | ||
941 | 737 | | |||
▲ Show 20 Lines • Show All 107 Lines • ▼ Show 20 Line(s) | |||||
1049 | </context> | 845 | </context> | ||
1050 | <context name="_rule_rlimit" attribute="Normal Text" lineEndContext="#stay"> | 846 | <context name="_rule_rlimit" attribute="Normal Text" lineEndContext="#stay"> | ||
1051 | <keyword context="#stay" attribute="Data" String="rule_rlimit"/> | 847 | <keyword context="#stay" attribute="Data" String="rule_rlimit"/> | ||
1052 | <Detect2Chars context="#stay" attribute="Operator 2" char="<" char1="="/> | 848 | <Detect2Chars context="#stay" attribute="Operator 2" char="<" char1="="/> | ||
1053 | <Float context="#stay" attribute="Number"/> | 849 | <Float context="#stay" attribute="Number"/> | ||
1054 | <Int context="#stay" attribute="Number"/> | 850 | <Int context="#stay" attribute="Number"/> | ||
1055 | <HlCOct context="#stay" attribute="Number"/> | 851 | <HlCOct context="#stay" attribute="Number"/> | ||
1056 | <HlCHex context="#stay" attribute="Number"/> | 852 | <HlCHex context="#stay" attribute="Number"/> | ||
1057 | <RegExpr context="#stay" attribute="Number" String="[\-\+]\s*(?=[\d\.])"/> | 853 | <AnyChar context="#stay" attribute="Number" String="-+"/> | ||
1058 | <RegExpr context="#stay" attribute="Flags" String="([KMG]B?|[shd]|us|ms|min|sec|(minute|day|hour|week|second)(s?)|(milli|micro)second(s?))\b"/> | 854 | <RegExpr context="#stay" attribute="Flags" String="([KMG]B?|[shd]|us|ms|min|sec|(minute|day|hour|week|second)(s?)|(milli|micro)second(s?))\b"/> | ||
1059 | <WordDetect context="#stay" attribute="Other Data" String="infinity"/> | 855 | <keyword context="#stay" attribute="Number" String="numbers"/> | ||
1060 | <IncludeRules context="_default_rule"/> | 856 | <IncludeRules context="_default_rule"/> | ||
1061 | </context> | 857 | </context> | ||
1062 | 858 | | |||
1063 | <!-- Link Rule --> | 859 | <!-- Link Rule --> | ||
1064 | <context name="_rule_link" attribute="Normal Text" lineEndContext="#stay"> | 860 | <context name="_rule_link" attribute="Normal Text" lineEndContext="#stay"> | ||
1065 | <keyword context="#stay" attribute="Data" String="rule_link"/> | 861 | <keyword context="#stay" attribute="Data" String="rule_link"/> | ||
1066 | <IncludeRules context="_default_rule"/> | 862 | <IncludeRules context="_default_rule"/> | ||
1067 | </context> | 863 | </context> | ||
Show All 33 Lines | 890 | <context name="_profile_transition_content" attribute="Transition Profile Name" lineEndContext="#pop!_default_rule_with_comments"> | |||
1101 | <IncludeRules context="_default_profile_transition"/> | 897 | <IncludeRules context="_default_profile_transition"/> | ||
1102 | </context> | 898 | </context> | ||
1103 | <context name="_t_profile_name_quoted" attribute="Transition Profile Name" lineEndContext="#pop!_default_rule_with_comments"> | 899 | <context name="_t_profile_name_quoted" attribute="Transition Profile Name" lineEndContext="#pop!_default_rule_with_comments"> | ||
1104 | <DetectChar context="#pop!_default_rule_with_comments" attribute="Transition Profile Name" char="""/> | 900 | <DetectChar context="#pop!_default_rule_with_comments" attribute="Transition Profile Name" char="""/> | ||
1105 | <IncludeRules context="_default_profile_transition"/> | 901 | <IncludeRules context="_default_profile_transition"/> | ||
1106 | </context> | 902 | </context> | ||
1107 | <context name="_default_profile_transition" attribute="Normal Text" lineEndContext="#stay"> | 903 | <context name="_default_profile_transition" attribute="Normal Text" lineEndContext="#stay"> | ||
1108 | <IncludeRules context="_variable_simple"/> | 904 | <IncludeRules context="_variable_simple"/> | ||
1109 | <AnyChar context="#stay" attribute="Globbing Char 3" String="*?"/> | 905 | <AnyChar context="#stay" attribute="Globbing Char in Tran. Prof." String="*?"/> | ||
1110 | <RegExpr context="#stay" attribute="Globbing Char 3" String="\\[\s\{\}\[\]\(\)\|\*\?\-\^,]"/> | 906 | <HlCStringChar context="#stay" attribute="Globbing Char in Tran. Prof."/> | ||
1111 | <HlCStringChar context="#stay" attribute="Globbing Char 3"/> | 907 | <RegExpr context="#stay" attribute="Globbing Char in Tran. Prof." String="\\."/> | ||
1112 | </context> | 908 | </context> | ||
1113 | 909 | | |||
1114 | <!-- //SubProfile --> | 910 | <!-- //SubProfile --> | ||
1115 | <context name="_subprofile" attribute="SubProfile" lineEndContext="#pop"> | 911 | <context name="_subprofile" attribute="SubProfile" lineEndContext="#pop"> | ||
1116 | <RegExpr context="#pop" attribute="SubProfile" String="([&nopathchar;/\{\}\(]|,[&nopathchar;/\{\}\(#]|,$|$)" lookAhead="true"/> | 912 | <RegExpr context="#pop" attribute="SubProfile" String=",([&nopathchar;/\{\}\(#]|$)" lookAhead="true"/> | ||
913 | <DetectSpaces context="#pop" attribute="SubProfile" lookAhead="true"/> | ||||
914 | <AnyChar context="#pop" attribute="SubProfile" String="&nopathchar_simple;/{}(" lookAhead="true"/> | ||||
1117 | <IncludeRules context="_variable_simple"/> | 915 | <IncludeRules context="_variable_simple"/> | ||
1118 | <IncludeRules context="_path_globbing_chars"/> | 916 | <IncludeRules context="_path_globbing_chars"/> | ||
1119 | </context> | 917 | </context> | ||
1120 | 918 | | |||
1121 | <!-- Parentheses Block: ( ) --> | 919 | <!-- Parentheses Block: ( ) --> | ||
1122 | <context name="_parentheses_block" attribute="Normal Text" lineEndContext="#stay"> | 920 | <context name="_parentheses_block" attribute="Normal Text" lineEndContext="#stay"> | ||
1123 | <DetectChar context="#pop" attribute="Normal Text" char=")"/> | 921 | <DetectChar context="#pop" attribute="Normal Text" char=")"/> | ||
1124 | <!-- Highlight as path the text after the '=' operator, except keywords or simple words --> | 922 | <!-- Highlight as path the text after the '=' operator, except keywords or simple words ([\w\-\+]+) --> | ||
1125 | <RegExpr context="#stay" attribute="Error" String="\=(?=\s*$)"/> | 923 | <RegExpr context="#stay" attribute="Error" String="\=(?=\s*$)"/> | ||
1126 | <RegExpr context="_parentheses_path_content" attribute="Operator 1" String="\=\s*(?=[^\s\(\),]*[\.\*\?@\\/\[\{#&%$!~])" insensitive="true"/> | 924 | <RegExpr context="_parentheses_path_content" attribute="Operator 1" String="\=\s*(?=[^\s\(\),]*[^&noaftervar;\w\+\-\(,])" insensitive="true"/> | ||
1127 | 925 | | |||
1128 | <IncludeRules context="_operators"/> | 926 | <IncludeRules context="_operators"/> | ||
1129 | <IncludeRules context="_text_quoted"/> | 927 | <IncludeRules context="_text_quoted"/> | ||
928 | <DetectChar context="_parentheses_path_content" attribute="Path" char="/"/> | ||||
929 | <Detect2Chars context="_parentheses_variable" attribute="Variable" char="@" char1="{" lookAhead="true"/> | ||||
1130 | <keyword context="#stay" attribute="Other Data" String="other_words" insensitive="true"/> | 930 | <keyword context="#stay" attribute="Other Data" String="other_words" insensitive="true"/> | ||
1131 | 931 | | |||
1132 | <RegExpr context="_parentheses_path_content" attribute="Path" String="/(?=[^&nopathchar;/,])" insensitive="true"/> <!-- /my/path --> | | |||
1133 | <RegExpr context="_parentheses_path_content" attribute="Path" String="[&pathchar;]+\.[^&nopathchar;\.,]" lookAhead="true" insensitive="true"/> <!-- my.path --> | | |||
1134 | <IncludeRules context="_path_simple"/> | | |||
1135 | | ||||
1136 | <IncludeRules context="_common"/> | 932 | <IncludeRules context="_common"/> | ||
1137 | <IncludeRules context="_globbrackets_rule"/> | | |||
1138 | <DetectChar context="_round_brackets" attribute="Globbing Brackets" char="("/> | 933 | <DetectChar context="_round_brackets" attribute="Globbing Brackets" char="("/> | ||
1139 | <IncludeRules context="_rule_comment_not_allowed"/> | 934 | <DetectChar context="_p_curly_brackets" attribute="Globbing Brackets" char="{"/> | ||
935 | <DetectChar context="_p_square_brackets" attribute="Globbing Brackets" char="["/> | ||||
936 | <IncludeRules context="_comment_not_allowed"/> | ||||
1140 | <IncludeRules context="_pcre_escape_str"/> | 937 | <IncludeRules context="_pcre_escape_str"/> | ||
938 | <IncludeRules context="_operators_keywords"/> | ||||
1141 | </context> | 939 | </context> | ||
1142 | <context name="_parentheses_path_content" attribute="Path" lineEndContext="#pop"> | 940 | <context name="_parentheses_path_content" attribute="Path" lineEndContext="#pop"> | ||
1143 | <DetectChar context="#pop" attribute="Normal Text" char="," lookAhead="true"/> | 941 | <DetectChar context="#pop" attribute="Normal Text" char="," lookAhead="true"/> | ||
1144 | <Detect2Chars context="_parentheses_subprofile" attribute="SubProfile Operator" char="/" char1="/"/> | 942 | <Detect2Chars context="_parentheses_subprofile" attribute="SubProfile Operator" char="/" char1="/"/> | ||
1145 | <IncludeRules context="_path_content"/> <!-- End with &nopathchar; --> | 943 | <IncludeRules context="_path_content"/> <!-- End with &nopathchar; --> | ||
1146 | </context> | 944 | </context> | ||
1147 | <context name="_parentheses_subprofile" attribute="SubProfile" lineEndContext="#pop"> | 945 | <context name="_parentheses_subprofile" attribute="SubProfile" lineEndContext="#pop"> | ||
1148 | <DetectChar context="#pop" attribute="Normal Text" char="," lookAhead="true"/> | 946 | <DetectChar context="#pop" attribute="Normal Text" char="," lookAhead="true"/> | ||
1149 | <IncludeRules context="_subprofile"/> <!-- End with &nopathchar; --> | 947 | <IncludeRules context="_subprofile"/> <!-- End with &nopathchar; --> | ||
1150 | </context> | 948 | </context> | ||
949 | <context name="_parentheses_variable" attribute="Variable" lineEndContext="#pop"> | ||||
950 | <RegExpr context="#pop!_parentheses_path_content" attribute="Variable" String="\}(?=[^&noaftervar;,])" insensitive="true"/> | ||||
951 | <IncludeRules context="_variable_common"/> | ||||
952 | </context> | ||||
953 | <context name="_p_curly_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> | ||||
954 | <RegExpr context="#pop!_parentheses_path_content" attribute="Globbing Brackets" String="\}(?=[^&noaftervar;,])" insensitive="true"/> | ||||
955 | <IncludeRules context="_curly_brackets"/> | ||||
956 | </context> | ||||
957 | <context name="_p_square_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> | ||||
958 | <RegExpr context="#pop!_parentheses_path_content" attribute="Globbing Brackets" String="\](?=[^&noaftervar;,])" insensitive="true"/> | ||||
959 | <IncludeRules context="_square_brackets"/> | ||||
960 | </context> | ||||
1151 | 961 | | |||
1152 | <context name="_parentheses_block_profile" attribute="Normal Text" lineEndContext="#stay"> | 962 | <context name="_parentheses_block_profile" attribute="Normal Text" lineEndContext="#stay"> | ||
1153 | <keyword context="#stay" attribute="Flags" String="profile_flags"/> | 963 | <keyword context="#stay" attribute="Flags" String="profile_flags"/> | ||
1154 | <IncludeRules context="_default_parentheses_block"/> | 964 | <IncludeRules context="_default_parentheses_block"/> | ||
1155 | </context> | 965 | </context> | ||
1156 | <context name="_default_parentheses_block" attribute="Normal Text" lineEndContext="#stay"> | 966 | <context name="_default_parentheses_block" attribute="Normal Text" lineEndContext="#stay"> | ||
1157 | <IncludeRules context="_parentheses_block"/> | 967 | <IncludeRules context="_parentheses_block"/> | ||
1158 | <IncludeRules context="_end_rule_irnc"/> | 968 | <IncludeRules context="_end_rule_irnc"/> | ||
1159 | </context> | 969 | </context> | ||
1160 | 970 | | |||
1161 | <!-- Finding the end of a rule --> | 971 | <!-- Finding the end of a rule --> | ||
1162 | <context name="_end_rule" attribute="Normal Text" lineEndContext="#stay"> | 972 | <context name="_end_rule" attribute="Normal Text" lineEndContext="#stay"> | ||
1163 | <RegExpr context="#pop" attribute="End of Rule Char" String=",(?=(profile|hat|allow|deny|audit|owner|file|alias|set|capability|network|(u|re)?mount|pivot_root|ptrace|unix|signal|dbus|link|change_profile)\b)" endRegion="Rule"/> | 973 | <RegExpr context="#pop" attribute="End of Rule Char" String=",(?=(profile|hat|allow|deny|audit|owner|file|alias|set|capability|network|(u|re)?mount|pivot_root|ptrace|unix|signal|dbus|link|change_profile)\b)" endRegion="Rule"/> | ||
1164 | <RegExpr context="#stay" attribute="Normal Text" String=",(?=[\w\*\?\[\{])"/> | 974 | <RegExpr context="#stay" attribute="Normal Text" String=",(?=[\w\*\?\[\{])"/> | ||
1165 | <DetectChar context="#pop" attribute="End of Rule Char" char="," endRegion="Rule"/> | 975 | <DetectChar context="#pop" attribute="End of Rule Char" char="," endRegion="Rule"/> | ||
1166 | <IncludeRules context="_end_rule_irnc"/> | 976 | <IncludeRules context="_end_rule_irnc"/> | ||
1167 | </context> | 977 | </context> | ||
1168 | <!-- Rule/Profile on new line, in rule not closed --> | 978 | <!-- Rule/Profile on new line, in rule not closed --> | ||
1169 | <context name="_end_rule_irnc" attribute="Normal Text" lineEndContext="#stay"> | 979 | <context name="_end_rule_irnc" attribute="Normal Text" lineEndContext="#stay"> | ||
1170 | <keyword String="profile_head" context="#pop#pop!_profile_name" attribute="Profile Head Error" firstNonSpace="true" endRegion="Rule"/> | 980 | <!-- Use keyword delimiters! --> | ||
1171 | <DetectChar char="^" context="#pop#pop!_profile_name" attribute="Profile Head Error" firstNonSpace="true" endRegion="Rule"/> | 981 | <RegExpr context="_end_rule_keywords" attribute="Normal Text" String="(profile|hat|allow|deny|audit|owner|file|alias|(set\s+)?rlimit|capability|network|(u|re)?mount|pivot_root|ptrace|unix|signal|dbus|link|change_profile)([\s\.\(\)<>\=/\\\[\]\{\},"'\^;:\|]|$)" firstNonSpace="true" lookAhead="true"/> | ||
1172 | <keyword String="access_types" context="#pop#pop" attribute="Access Qualifier Error" firstNonSpace="true" endRegion="Rule"/> | 982 | </context> | ||
1173 | <keyword String="qualifiers" context="#pop#pop" attribute="Qualifier Error" firstNonSpace="true" endRegion="Rule"/> | 983 | <context name="_end_rule_keywords" attribute="Normal Text" lineEndContext="#pop"> | ||
1174 | <keyword String="file_qualifiers" context="#pop#pop" attribute="File Qualifier Error" firstNonSpace="true" endRegion="Rule"/> | 984 | <keyword String="profile_head" context="#pop#pop#pop!_profile_name" attribute="Profile Head Error" endRegion="Rule"/> | ||
1175 | <RegExpr String="set(?=\s+rlimit\b)" context="#pop#pop" attribute="Rule Error" firstNonSpace="true" endRegion="Rule"/> | 985 | <keyword String="access_types" context="#pop#pop#pop" attribute="Access Qualifier Error" endRegion="Rule"/> | ||
1176 | 986 | <keyword String="qualifiers" context="#pop#pop#pop" attribute="Qualifier Error" endRegion="Rule"/> | |||
1177 | <keyword String="rule_name_file" context="#pop#pop!_rule_file" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> | 987 | <keyword String="file_qualifiers" context="#pop#pop#pop" attribute="File Qualifier Error" endRegion="Rule"/> | ||
1178 | <keyword String="rule_name_alias" context="#pop#pop!_default_rule_with_comments" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> | 988 | <RegExpr String="set(?=\s+rlimit\b)" context="#pop#pop#pop" attribute="Rule Error" endRegion="Rule"/> | ||
1179 | <keyword String="rule_name_capability" context="#pop#pop!_rule_capability" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> | 989 | | ||
1180 | <keyword String="rule_name_network" context="#pop#pop!_rule_network" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> | 990 | <keyword String="rule_name_file" context="#pop#pop#pop!_rule_file" attribute="Rule Error" endRegion="Rule" beginRegion="Rule"/> | ||
1181 | <keyword String="rule_name_pivotroot" context="#pop#pop!_rule_pivotroot" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> | 991 | <keyword String="rule_name_alias" context="#pop#pop#pop!_default_rule_with_comments" attribute="Rule Error" endRegion="Rule" beginRegion="Rule"/> | ||
1182 | <keyword String="rule_name_ptrace" context="#pop#pop!_rule_ptrace" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> | 992 | <keyword String="rule_name_capability" context="#pop#pop#pop!_rule_capability" attribute="Rule Error" endRegion="Rule" beginRegion="Rule"/> | ||
1183 | <keyword String="rule_name_signal" context="#pop#pop!_rule_signal" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> | 993 | <keyword String="rule_name_network" context="#pop#pop#pop!_rule_network" attribute="Rule Error" endRegion="Rule" beginRegion="Rule"/> | ||
1184 | <keyword String="rule_name_dbus" context="#pop#pop!_rule_dbus" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> | 994 | <keyword String="rule_name_pivotroot" context="#pop#pop#pop!_rule_pivotroot" attribute="Rule Error" endRegion="Rule" beginRegion="Rule"/> | ||
1185 | <keyword String="rule_name_link" context="#pop#pop!_rule_link" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> | 995 | <keyword String="rule_name_ptrace" context="#pop#pop#pop!_rule_ptrace" attribute="Rule Error" endRegion="Rule" beginRegion="Rule"/> | ||
1186 | <keyword String="rule_name_changeprofile" context="#pop#pop!_rule_changeprofile" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> | 996 | <keyword String="rule_name_signal" context="#pop#pop#pop!_rule_signal" attribute="Rule Error" endRegion="Rule" beginRegion="Rule"/> | ||
1187 | <keyword String="rule_name_rlimit" context="#pop#pop!_rule_rlimit" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> | 997 | <keyword String="rule_name_dbus" context="#pop#pop#pop!_rule_dbus" attribute="Rule Error" endRegion="Rule" beginRegion="Rule"/> | ||
998 | <keyword String="rule_name_link" context="#pop#pop#pop!_rule_link" attribute="Rule Error" endRegion="Rule" beginRegion="Rule"/> | ||||
999 | <keyword String="rule_name_changeprofile" context="#pop#pop#pop!_rule_changeprofile" attribute="Rule Error" endRegion="Rule" beginRegion="Rule"/> | ||||
1000 | <keyword String="rule_name_rlimit" context="#pop#pop#pop!_rule_rlimit" attribute="Rule Error" endRegion="Rule" beginRegion="Rule"/> | ||||
1188 | <!-- This must be at the end of each rule context, to avoid replacing the 'unix' & 'remount' keywords | 1001 | <!-- This must be at the end of each rule context, to avoid replacing the 'unix' & 'remount' keywords | ||
1189 | ('unix' is also a domain of the network rule; 'remount' is also a flag of the mount rule). --> | 1002 | ('unix' is also a domain of the network rule; 'remount' is also a flag of the mount rule). --> | ||
1190 | <keyword String="rule_name_mount" context="#pop#pop!_rule_mount" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> | 1003 | <keyword String="rule_name_mount" context="#pop#pop#pop!_rule_mount" attribute="Rule Error" endRegion="Rule" beginRegion="Rule"/> | ||
1191 | <keyword String="rule_name_unix" context="#pop#pop!_rule_unix" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> | 1004 | <keyword String="rule_name_unix" context="#pop#pop#pop!_rule_unix" attribute="Rule Error" endRegion="Rule" beginRegion="Rule"/> | ||
1005 | <RegExpr context="#pop" attribute="Normal Text" String="."/> | ||||
1192 | </context> | 1006 | </context> | ||
1193 | 1007 | | |||
1194 | <!-- Paths & File Globals --> | 1008 | <!-- Paths & File Globals --> | ||
1195 | 1009 | | |||
1196 | <context name="_path" attribute="Normal Text" lineEndContext="#stay"> | 1010 | <context name="_path" attribute="Normal Text" lineEndContext="#stay"> | ||
1197 | <RegExpr context="_path_content" attribute="Path" String="/(?=[^&nopathchar;/])" insensitive="true"/> <!-- /my/path --> | 1011 | <DetectChar context="_path_content" attribute="Path" char="/"/> | ||
1198 | <RegExpr context="_path_content" attribute="Path" String="[&pathchar;]+\.[^&nopathchar;\.]" lookAhead="true" insensitive="true"/> <!-- my.path --> | | |||
1199 | <IncludeRules context="_path_simple"/> | | |||
1200 | </context> | 1012 | </context> | ||
1201 | <context name="_path_content" attribute="Path" lineEndContext="#pop"> | 1013 | <context name="_path_content" attribute="Path" lineEndContext="#pop"> | ||
1202 | <RegExpr context="#pop" attribute="Path" String="([&nopathchar;]|,\s|,$)" lookAhead="true" insensitive="true"/> | 1014 | <RegExpr context="#pop" attribute="Path" String=",(\s|$)" lookAhead="true"/> | ||
1015 | <DetectSpaces context="#pop" attribute="Path" lookAhead="true"/> | ||||
1016 | <AnyChar context="#pop" attribute="Path" String="&nopathchar_simple;" lookAhead="true"/> | ||||
1203 | <Detect2Chars context="_subprofile" attribute="SubProfile Operator" char="/" char1="/"/> | 1017 | <Detect2Chars context="_subprofile" attribute="SubProfile Operator" char="/" char1="/"/> | ||
1204 | <IncludeRules context="_variable_simple"/> | 1018 | <IncludeRules context="_variable_simple"/> | ||
1205 | <IncludeRules context="_path_globbing"/> | 1019 | <IncludeRules context="_path_globbing"/> | ||
1206 | </context> | 1020 | </context> | ||
1207 | <context name="_path_simple" attribute="Normal Text" lineEndContext="#stay"> | | |||
1208 | <RegExpr context="#stay" attribute="Path" String="/(?=([&nopathchar;]|,\s|,$|$))"/> <!-- / --> | | |||
1209 | </context> | | |||
1210 | 1021 | | |||
1211 | <!-- Globbing --> | 1022 | <!-- Globbing --> | ||
1212 | <context name="_path_globbing" attribute="Normal Text" lineEndContext="#stay"> | 1023 | <context name="_path_globbing" attribute="Normal Text" lineEndContext="#stay"> | ||
1213 | <IncludeRules context="_brackets_error"/> | 1024 | <IncludeRules context="_brackets_error"/> | ||
1214 | <DetectChar context="_curly_brackets" attribute="Globbing Brackets" char="{"/> | 1025 | <DetectChar context="_curly_brackets" attribute="Globbing Brackets" char="{"/> | ||
1215 | <DetectChar context="_square_brackets" attribute="Globbing Brackets" char="["/> | 1026 | <DetectChar context="_square_brackets" attribute="Globbing Brackets" char="["/> | ||
1216 | <DetectChar context="_round_brackets" attribute="Globbing Brackets" char="("/> | 1027 | <DetectChar context="_round_brackets" attribute="Globbing Brackets" char="("/> | ||
1217 | <IncludeRules context="_path_globbing_chars"/> | 1028 | <IncludeRules context="_path_globbing_chars"/> | ||
1218 | </context> | 1029 | </context> | ||
1219 | <context name="_path_globbing_chars" attribute="Normal Text" lineEndContext="#stay"> | 1030 | <context name="_path_globbing_chars" attribute="Normal Text" lineEndContext="#stay"> | ||
1220 | <IncludeRules context="_globbing_chars"/> | 1031 | <IncludeRules context="_globbing_chars"/> | ||
1221 | <IncludeRules context="_pcre_escape_str"/> | 1032 | <IncludeRules context="_pcre_escape_str"/> | ||
1222 | </context> | 1033 | </context> | ||
1223 | <context name="_globbing_chars" attribute="Normal Text" lineEndContext="#stay"> | 1034 | <context name="_globbing_chars" attribute="Normal Text" lineEndContext="#stay"> | ||
1224 | <AnyChar context="#stay" attribute="Globbing Char 1" String="*?"/> | 1035 | <AnyChar context="#stay" attribute="Globbing Char" String="*?"/> | ||
1225 | </context> | 1036 | </context> | ||
1226 | <context name="_pcre_escape_str" attribute="Normal Text" lineEndContext="#stay"> | 1037 | <context name="_pcre_escape_str" attribute="Normal Text" lineEndContext="#stay"> | ||
1227 | <RegExpr context="#stay" attribute="Escape Expression" String="\\[\s\{\}\[\]\(\)\|\*\?\-\^,]"/> | 1038 | <HlCStringChar context="#stay" attribute="Escape Char"/> | ||
1228 | <HlCStringChar context="#stay" attribute="Escape Expression"/> | 1039 | <RegExpr context="#stay" attribute="Escape Char" String="\\."/> | ||
1229 | </context> | 1040 | </context> | ||
1230 | 1041 | | |||
1231 | <!-- Groups of brackets: { }, [ ] and ( ) --> | 1042 | <!-- Groups of brackets: { }, [ ] and ( ) --> | ||
1232 | <context name="_curly_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> | 1043 | <context name="_curly_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> | ||
1233 | <DetectChar context="#pop" attribute="Globbing Brackets" char="}"/> | 1044 | <DetectChar context="#pop" attribute="Globbing Brackets" char="}"/> | ||
1234 | <IncludeRules context="_pcre_escape_str"/> | 1045 | <IncludeRules context="_pcre_escape_str"/> | ||
1235 | <RegExpr context="#pop" attribute="Path" String="[&nopathchar;]" lookAhead="true" insensitive="true"/> | 1046 | <DetectSpaces context="#pop" attribute="Path" lookAhead="true"/> | ||
1047 | <AnyChar context="#pop" attribute="Path" String="&nopathchar_simple;" lookAhead="true"/> | ||||
1236 | 1048 | | |||
1237 | <IncludeRules context="_variable_simple"/> | 1049 | <IncludeRules context="_variable_simple"/> | ||
1238 | <IncludeRules context="_brackets_error"/> | 1050 | <IncludeRules context="_brackets_error"/> | ||
1239 | <DetectChar context="_curly_brackets" attribute="Globbing Brackets" char="{"/> | 1051 | <DetectChar context="_curly_brackets" attribute="Globbing Brackets" char="{"/> | ||
1240 | <DetectChar context="_square_brackets" attribute="Globbing Brackets" char="["/> | 1052 | <DetectChar context="_square_brackets" attribute="Globbing Brackets" char="["/> | ||
1241 | <DetectChar context="_round_brackets" attribute="Globbing Brackets" char="("/> | 1053 | <DetectChar context="_round_brackets" attribute="Globbing Brackets" char="("/> | ||
1242 | <RegExpr context="#stay" attribute="Open Globbing Brackets" String="[^\s\[\]\{\}\(\)](?=([&nopathchar;]|$))"/> | 1054 | <RegExpr context="#stay" attribute="Open Globbing Brackets" String="[^\s\[\]\{\}\(\)](?=([&nopathchar;]|$))"/> | ||
1243 | 1055 | | |||
1244 | <IncludeRules context="_globbing_chars"/> | 1056 | <IncludeRules context="_globbing_chars"/> | ||
1245 | <DetectChar context="#stay" attribute="Globbing Char 2" char=","/> | 1057 | <DetectChar context="#stay" attribute="Globbing Char of Brackets" char=","/> | ||
1246 | <keyword context="#stay" attribute="Globbing Brackets" String="default_variables"/> | 1058 | <keyword context="#stay" attribute="Globbing Brackets" String="default_variables"/> | ||
1247 | </context> | 1059 | </context> | ||
1248 | <context name="_square_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> | 1060 | <context name="_square_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> | ||
1249 | <DetectChar context="#pop" attribute="Globbing Brackets" char="]"/> | 1061 | <DetectChar context="#pop" attribute="Globbing Brackets" char="]"/> | ||
1250 | <IncludeRules context="_pcre_escape_str"/> | 1062 | <IncludeRules context="_pcre_escape_str"/> | ||
1251 | <DetectSpaces context="#pop" attribute="Normal Text" lookAhead="true"/> | 1063 | <DetectSpaces context="#pop" attribute="Path" lookAhead="true"/> | ||
1252 | <DetectChar context="#pop" attribute="Path" char=""" lookAhead="true"/> | 1064 | <DetectChar context="#pop" attribute="Path" char=""" lookAhead="true"/> <!-- &nopathchar; --> | ||
1253 | 1065 | | |||
1254 | <IncludeRules context="_variable_simple"/> | 1066 | <IncludeRules context="_variable_simple"/> | ||
1255 | <DetectChar context="#stay" attribute="Error" char="["/> | 1067 | <DetectChar context="#stay" attribute="Error" char="["/> | ||
1256 | <RegExpr context="#stay" attribute="Open Globbing Brackets" String="\S(?=([\s"]|$))"/> | 1068 | <RegExpr context="#stay" attribute="Open Globbing Brackets" String="\S(?=(["\s]|$))"/> <!-- &nopathchar; --> | ||
1257 | 1069 | | |||
1258 | <IncludeRules context="_globbing_chars"/> | 1070 | <IncludeRules context="_globbing_chars"/> | ||
1259 | <AnyChar context="#stay" attribute="Globbing Char 2" String="^-"/> | 1071 | <AnyChar context="#stay" attribute="Globbing Char of Brackets" String="^-"/> | ||
1260 | </context> | 1072 | </context> | ||
1261 | <context name="_round_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> | 1073 | <context name="_round_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> | ||
1262 | <DetectChar context="#pop" attribute="Globbing Brackets" char=")"/> | 1074 | <DetectChar context="#pop" attribute="Globbing Brackets" char=")"/> | ||
1263 | <IncludeRules context="_pcre_escape_str"/> | 1075 | <IncludeRules context="_pcre_escape_str"/> | ||
1264 | <DetectSpaces context="#pop" attribute="Normal Text" lookAhead="true"/> | 1076 | <DetectSpaces context="#pop" attribute="Path" lookAhead="true"/> | ||
1265 | <DetectChar context="#pop" attribute="Path" char=""" lookAhead="true"/> | 1077 | <DetectChar context="#pop" attribute="Path" char=""" lookAhead="true"/> <!-- &nopathchar; --> | ||
1266 | 1078 | | |||
1267 | <IncludeRules context="_variable_simple"/> | 1079 | <IncludeRules context="_variable_simple"/> | ||
1268 | <IncludeRules context="_brackets_error"/> | 1080 | <IncludeRules context="_brackets_error"/> | ||
1269 | <DetectChar context="_curly_brackets" attribute="Globbing Brackets" char="{"/> | 1081 | <DetectChar context="_curly_brackets" attribute="Globbing Brackets" char="{"/> | ||
1270 | <DetectChar context="_square_brackets" attribute="Globbing Brackets" char="["/> | 1082 | <DetectChar context="_square_brackets" attribute="Globbing Brackets" char="["/> | ||
1271 | <DetectChar context="_round_brackets" attribute="Globbing Brackets" char="("/> | 1083 | <DetectChar context="_round_brackets" attribute="Globbing Brackets" char="("/> | ||
1272 | <RegExpr context="#stay" attribute="Open Globbing Brackets" String="[^\s\[\]\{\}\(\)](?=([\s"]|$))"/> | 1084 | <RegExpr context="#stay" attribute="Open Globbing Brackets" String="[^\s\[\]\{\}\(\)](?=(["\s]|$))"/> <!-- &nopathchar; --> | ||
1273 | 1085 | | |||
1274 | <IncludeRules context="_globbing_chars"/> | 1086 | <IncludeRules context="_globbing_chars"/> | ||
1275 | <DetectChar context="#stay" attribute="Globbing Char 2" char="|"/> | 1087 | <DetectChar context="#stay" attribute="Globbing Char of Brackets" char="|"/> | ||
1276 | </context> | 1088 | </context> | ||
1277 | <context name="_brackets_error" attribute="Normal Text" lineEndContext="#stay"> | 1089 | <context name="_brackets_error" attribute="Normal Text" lineEndContext="#stay"> | ||
1278 | <StringDetect context="#stay" attribute="Error" String="[]"/> | 1090 | <Detect2Chars context="#stay" attribute="Error" char="[" char1="]"/> | ||
1279 | <StringDetect context="#stay" attribute="Error" String="{}"/> | 1091 | <Detect2Chars context="#stay" attribute="Error" char="{" char1="}"/> | ||
1280 | <StringDetect context="#stay" attribute="Error" String="()"/> | 1092 | <Detect2Chars context="#stay" attribute="Error" char="(" char1=")"/> | ||
1281 | </context> | | |||
1282 | | ||||
1283 | <!-- If the brackets are outside a path --> | | |||
1284 | <context name="_globbrackets_rule" attribute="Normal Text" lineEndContext="#stay"> | | |||
1285 | <DetectChar context="_r_curly_brackets" attribute="Globbing Brackets" char="{"/> | | |||
1286 | <DetectChar context="_r_square_brackets" attribute="Globbing Brackets" char="["/> | | |||
1287 | </context> | | |||
1288 | <context name="_r_curly_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> | | |||
1289 | <RegExpr context="#pop!_path_content" attribute="Globbing Brackets" String="\}(?=[&pathchar;\[\{\(#])" insensitive="true"/> | | |||
1290 | <IncludeRules context="_curly_brackets"/> | | |||
1291 | </context> | | |||
1292 | <context name="_r_square_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> | | |||
1293 | <RegExpr context="#pop!_path_content" attribute="Globbing Brackets" String="\](?=[&pathchar;\[\{\(#])" insensitive="true"/> | | |||
1294 | <IncludeRules context="_square_brackets"/> | | |||
1295 | </context> | 1093 | </context> | ||
1296 | 1094 | | |||
1297 | <!-- Path Quoted --> | 1095 | <!-- Path Quoted --> | ||
1298 | <context name="_text_quoted" attribute="Normal Text" lineEndContext="#stay"> | 1096 | <context name="_text_quoted" attribute="Normal Text" lineEndContext="#stay"> | ||
1299 | <DetectChar context="_quoted" attribute="Text Quoted" char="""/> | 1097 | <DetectChar context="_quoted" attribute="Text Quoted" char="""/> | ||
1300 | </context> | 1098 | </context> | ||
1301 | <context name="_quoted" attribute="Text Quoted" lineEndContext="#stay"> | 1099 | <context name="_quoted" attribute="Text Quoted" lineEndContext="#stay"> | ||
1302 | <DetectChar context="#pop" attribute="Text Quoted" char="""/> | 1100 | <DetectChar context="#pop" attribute="Text Quoted" char="""/> | ||
1303 | <IncludeRules context="_variable_simple"/> | 1101 | <IncludeRules context="_variable_simple"/> | ||
1304 | <IncludeRules context="_path_globbing"/> | 1102 | <IncludeRules context="_path_globbing"/> | ||
1305 | </context> | 1103 | </context> | ||
1306 | 1104 | | |||
1307 | </contexts> | 1105 | </contexts> | ||
1308 | 1106 | | |||
1309 | <itemDatas> | 1107 | <itemDatas> | ||
1310 | <itemData name="Normal Text" defStyleNum="dsNormal" spellChecking="false"/> | 1108 | <itemData name="Normal Text" defStyleNum="dsNormal" spellChecking="false"/> | ||
1311 | <itemData name="Path" defStyleNum="dsNormal" bold="0" italic="0" underline="0" spellChecking="false"/> | 1109 | <itemData name="Path" defStyleNum="dsNormal" bold="0" spellChecking="false"/> | ||
1312 | <itemData name="Text Quoted" defStyleNum="dsString" bold="0" italic="0" underline="0" spellChecking="false"/> | 1110 | <itemData name="Text Quoted" defStyleNum="dsString" bold="0" spellChecking="false"/> | ||
1313 | <itemData name="Comment" defStyleNum="dsComment"/> | 1111 | <itemData name="Comment" defStyleNum="dsComment"/> | ||
1314 | <itemData name="Preprocessor" defStyleNum="dsPreprocessor" spellChecking="false"/> | 1112 | <itemData name="Preprocessor" defStyleNum="dsPreprocessor" spellChecking="false"/> | ||
1315 | <itemData name="Prep. Lib" defStyleNum="dsImport" underline="0" spellChecking="false"/> | 1113 | <itemData name="Prep. Lib" defStyleNum="dsImport" underline="0" spellChecking="false"/> | ||
1316 | <itemData name="Open Prep. Lib" defStyleNum="dsImport" underline="1" spellChecking="false"/> | 1114 | <itemData name="Open Prep. Lib" defStyleNum="dsImport" underline="1" spellChecking="false"/> | ||
1317 | <itemData name="Variable" defStyleNum="dsDecVal" bold="0" italic="0" underline="0" spellChecking="false"/> | 1115 | <itemData name="Variable" defStyleNum="dsDecVal" bold="0" spellChecking="false"/> | ||
1318 | 1116 | | |||
1319 | <itemData name="Profile Head" defStyleNum="dsFunction" bold="1" italic="0" underline="0" spellChecking="false"/> | 1117 | <itemData name="Profile Head" defStyleNum="dsFunction" bold="1" underline="0" spellChecking="false"/> | ||
1320 | <itemData name="Profile Name" defStyleNum="dsFunction" bold="0" italic="0" underline="0" spellChecking="false"/> | 1118 | <itemData name="Profile Name" defStyleNum="dsFunction" bold="0" underline="0" spellChecking="false"/> | ||
1321 | <itemData name="Transition Profile Name" defStyleNum="dsFunction" bold="0" italic="1" underline="0" spellChecking="false"/> | 1119 | <itemData name="Transition Profile Name" defStyleNum="dsFunction" bold="0" italic="1" underline="0" spellChecking="false"/> | ||
1322 | <itemData name="Qualifier" defStyleNum="dsNormal" bold="1" italic="0" underline="0" spellChecking="false"/> | 1120 | <itemData name="Qualifier" defStyleNum="dsNormal" bold="1" underline="0" spellChecking="false"/> | ||
1323 | <itemData name="Access Qualifier" defStyleNum="dsWarning" bold="1" italic="0" underline="0" spellChecking="false"/> | 1121 | <itemData name="Access Qualifier" defStyleNum="dsWarning" bold="1" underline="0" spellChecking="false"/> | ||
1324 | <itemData name="File Qualifier" defStyleNum="dsVariable" bold="1" italic="0" underline="0" spellChecking="false"/> | 1122 | <itemData name="File Qualifier" defStyleNum="dsVariable" bold="1" underline="0" spellChecking="false"/> | ||
1325 | <itemData name="Rule" defStyleNum="dsVariable" bold="1" italic="0" underline="0" spellChecking="false"/> | 1123 | <itemData name="Rule" defStyleNum="dsVariable" bold="1" underline="0" spellChecking="false"/> | ||
1326 | <itemData name="Data" defStyleNum="dsVariable" bold="0" italic="0" underline="0" spellChecking="false"/> | 1124 | <itemData name="Data" defStyleNum="dsVariable" bold="0" spellChecking="false"/> | ||
1327 | <itemData name="Other Data" defStyleNum="dsNormal" bold="0" italic="1" underline="0" spellChecking="false"/> | 1125 | <itemData name="Other Data" defStyleNum="dsNormal" bold="0" italic="1" spellChecking="false"/> | ||
1328 | <itemData name="Permissions" defStyleNum="dsKeyword" bold="1" italic="0" underline="0" spellChecking="false"/> | 1126 | <itemData name="Permissions" defStyleNum="dsKeyword" bold="1" spellChecking="false"/> | ||
1329 | 1127 | | |||
1330 | <itemData name="Option" defStyleNum="dsOthers" bold="0" italic="0" underline="0" spellChecking="false"/> | 1128 | <itemData name="Option" defStyleNum="dsOthers" bold="0" spellChecking="false"/> | ||
1331 | <itemData name="Other Option" defStyleNum="dsDataType" bold="0" italic="0" underline="0" spellChecking="false"/> | 1129 | <itemData name="Other Option" defStyleNum="dsDataType" bold="0" spellChecking="false"/> | ||
1332 | <itemData name="Flags" defStyleNum="dsVerbatimString" italic="0" underline="0" spellChecking="false"/> | 1130 | <itemData name="Flags" defStyleNum="dsVerbatimString" spellChecking="false"/> | ||
1333 | <itemData name="SubProfile" defStyleNum="dsAnnotation" bold="0" italic="0" underline="0" spellChecking="false"/> | 1131 | <itemData name="SubProfile" defStyleNum="dsAnnotation" bold="0" spellChecking="false"/> | ||
1334 | <itemData name="SubProfile Operator" defStyleNum="dsAnnotation" bold="1" italic="0" underline="0" spellChecking="false"/> | 1132 | <itemData name="SubProfile Operator" defStyleNum="dsAnnotation" bold="1" spellChecking="false"/> | ||
1335 | <itemData name="Operator 1" defStyleNum="dsOperator" spellChecking="false"/> | 1133 | <itemData name="Operator 1" defStyleNum="dsOperator" spellChecking="false"/> | ||
1336 | <itemData name="Operator 2" defStyleNum="dsWarning" bold="1" italic="0" underline="0" spellChecking="false"/> | 1134 | <itemData name="Operator 2" defStyleNum="dsWarning" bold="1" spellChecking="false"/> | ||
1337 | <itemData name="Number" defStyleNum="dsDecVal" spellChecking="false"/> | 1135 | <itemData name="Number" defStyleNum="dsDecVal" spellChecking="false"/> | ||
1338 | <itemData name="End of Rule Char" defStyleNum="dsNormal" spellChecking="false"/> | 1136 | <itemData name="End of Rule Char" defStyleNum="dsNormal" spellChecking="false"/> | ||
1339 | 1137 | | |||
1340 | <itemData name="Escape Expression" defStyleNum="dsSpecialChar" bold="0" italic="0" underline="0" spellChecking="false"/> | 1138 | <itemData name="Escape Char" defStyleNum="dsSpecialChar" bold="0" spellChecking="false"/> | ||
1341 | <itemData name="Globbing Char 1" defStyleNum="dsSpecialChar" bold="0" italic="0" underline="0" spellChecking="false"/> | 1139 | <itemData name="Globbing Char" defStyleNum="dsSpecialChar" bold="0" spellChecking="false"/> | ||
1342 | <itemData name="Globbing Char 2" defStyleNum="dsAnnotation" bold="0" italic="0" underline="0" spellChecking="false"/> | 1140 | <itemData name="Globbing Char of Brackets" defStyleNum="dsAnnotation" bold="0" spellChecking="false"/> | ||
1343 | <itemData name="Globbing Char 3" defStyleNum="dsSpecialString" bold="0" italic="1" underline="0" spellChecking="false"/> | 1141 | <itemData name="Globbing Char in Tran. Prof." defStyleNum="dsSpecialString" bold="0" italic="1" spellChecking="false"/> | ||
1344 | <itemData name="Globbing Brackets" defStyleNum="dsSpecialString" bold="0" italic="0" underline="0" spellChecking="false"/> | 1142 | <itemData name="Globbing Brackets" defStyleNum="dsSpecialString" bold="0" underline="0" spellChecking="false"/> | ||
1345 | <itemData name="Open Globbing Brackets" defStyleNum="dsSpecialString" bold="0" italic="0" underline="1" spellChecking="false"/> | 1143 | <itemData name="Open Globbing Brackets" defStyleNum="dsSpecialString" bold="0" underline="1" spellChecking="false"/> | ||
1346 | 1144 | | |||
1347 | <itemData name="Rule Error" defStyleNum="dsVariable" bold="1" italic="0" underline="1" spellChecking="false"/> | 1145 | <itemData name="Rule Error" defStyleNum="dsVariable" bold="1" underline="1" spellChecking="false"/> | ||
1348 | <itemData name="Qualifier Error" defStyleNum="dsNormal" bold="1" italic="0" underline="1" spellChecking="false"/> | 1146 | <itemData name="Qualifier Error" defStyleNum="dsNormal" bold="1" underline="1" spellChecking="false"/> | ||
1349 | <itemData name="Access Qualifier Error" defStyleNum="dsWarning" bold="1" italic="0" underline="1" spellChecking="false"/> | 1147 | <itemData name="Access Qualifier Error" defStyleNum="dsWarning" bold="1" underline="1" spellChecking="false"/> | ||
1350 | <itemData name="File Qualifier Error" defStyleNum="dsVariable" bold="1" italic="0" underline="1" spellChecking="false"/> | 1148 | <itemData name="File Qualifier Error" defStyleNum="dsVariable" bold="1" underline="1" spellChecking="false"/> | ||
1351 | <itemData name="Profile Head Error" defStyleNum="dsFunction" bold="1" italic="0" underline="1" spellChecking="false"/> | 1149 | <itemData name="Profile Head Error" defStyleNum="dsFunction" bold="1" underline="1" spellChecking="false"/> | ||
1352 | <itemData name="Error" defStyleNum="dsError" spellChecking="false"/> | 1150 | <itemData name="Error" defStyleNum="dsError" spellChecking="false"/> | ||
1353 | </itemDatas> | 1151 | </itemDatas> | ||
1354 | 1152 | | |||
1355 | </highlighting> | 1153 | </highlighting> | ||
1356 | 1154 | | |||
1357 | <general> | 1155 | <general> | ||
1358 | <!-- Keyword delimiters: .()<>=/\[]{},"'^;:| --> | 1156 | <!-- Keyword delimiters: .()<>=/\[]{},"'^;:| --> | ||
1359 | <keywords casesensitive="true" additionalDeliminator=""'" weakDeliminator="!+-%*?~&"/> | 1157 | <keywords casesensitive="true" additionalDeliminator=""'" weakDeliminator="!+-%*?~&"/> | ||
1360 | 1158 | | |||
1361 | <comments> | 1159 | <comments> | ||
1362 | <comment name="singleLine" start="#"/> | 1160 | <comment name="singleLine" start="#"/> | ||
1363 | </comments> | 1161 | </comments> | ||
1364 | </general> | 1162 | </general> | ||
1365 | 1163 | | |||
1366 | </language> | 1164 | </language> |