Warning, /frameworks/syntax-highlighting/data/syntax/apparmor.xml is written in an unsupported language. File is not indexed.
0001 <?xml version="1.0" encoding="UTF-8"?> 0002 <!DOCTYPE language 0003 [ 0004 <!ENTITY varName "[A-Za-z]\w*"> 0005 <!ENTITY variable "@\{&varName;\}"> 0006 <!ENTITY exec "[pPcC]?[iuU]?x"> 0007 <!ENTITY globbChars "*?"> 0008 <!-- Characters not allowed in a path --> 0009 <!ENTITY noPathChar "\s\)""> 0010 <!ENTITY noPathCharWithoutSpace ")""> 0011 <!ENTITY endPath ",(?:[\s"]|$)"> 0012 <!ENTITY url "\bhttps?://[^\s<>"'`]*[^\s<>"'`\}\)\]\.,;\|]"> 0013 <!-- Email (Source: http://emailregex.com) --> 0014 <!ENTITY email "(?:(?:[^<>\(\)\[\]\\\.,;:\s@"]+(?:\.[^<>\(\)\[\]\\\.,;:\s@"]+)*)|(?:"[^"]+"))@(?:(?:\[\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}])|(?:(?:[a-zA-Z\-\d]+\.)+[a-zA-Z]{2,}))\b"> 0015 0016 <!ENTITY _perm_correction_in_p "p[iUu]?x(?:[rwakml]|p[iUu]?x)*[PcC]?[iUu]?"> 0017 <!ENTITY _perm_correction_in_P "P[iUu]?x(?:[rwakml]|P[iUu]?x)*[pcC]?[iUu]?"> 0018 <!ENTITY _perm_correction_in_c "c[iUu]?x(?:[rwakml]|c[iUu]?x)*[PpC]?[iUu]?"> 0019 <!ENTITY _perm_correction_in_C "C[iUu]?x(?:[rwakml]|C[iUu]?x)*[Ppc]?[iUu]?"> 0020 <!ENTITY _perm_correction_in_i "[PpCc]?ix(?:[rwakml]|[PpCc]?ix)*[PpCc]?[Uu]?"> 0021 <!ENTITY _perm_correction_in_u "[PpCc]?ux(?:[rwakml]|[PpCc]?ux)*[PpCc]?[iU]?"> 0022 <!ENTITY _perm_correction_in_U "[PpCc]?Ux(?:[rwakml]|[PpCc]?Ux)*[PpCc]?[iu]?"> 0023 <!ENTITY _perm_correction_in_x1 "[iuU]?x(?:[rwakml]|[iuU]?x)*[PpCc][iuU]?"> <!-- x, ix, ux or Ux followed by P, p, C or c --> 0024 <!ENTITY _perm_correction_in_x2 "x[rwakmlx]*[iuU]"> <!-- x followed by ix, ux or Ux --> 0025 <!ENTITY perm_correction_in "(?:^|\s)[rwakml]*(?:&_perm_correction_in_p;|&_perm_correction_in_P;|&_perm_correction_in_c;|&_perm_correction_in_C;|&_perm_correction_in_i;|&_perm_correction_in_u;|&_perm_correction_in_U;|&_perm_correction_in_x1;|&_perm_correction_in_x2;)x(?:[rwakml]|&exec;)*(?:[\s,]|$)"> <!-- x followed by ix, ux or Ux --> 0026 0027 <!ENTITY _path "(?:[^\s/\[\\]|//|\\.|\[(?:[^\s\]\\]|\\.)*\])*"> 0028 <!ENTITY _path_quoted ""(?:[^/"\[\\]|//|\\.|\[(?:[^"\]\\]|\\.)*\])*"> 0029 <!ENTITY path "(?:&_path;|&_path_quoted;)/(?:$|[^/])"> 0030 ]> 0031 0032 <!-- 0033 AppArmor Profiles Syntax Highlighting Definition 0034 =========================================================================== 0035 0036 This file is part of the KDE's KSyntaxHighlighting framework. 0037 0038 SPDX-FileCopyrightText: 2017-2020 Nibaldo González S. <nibgonz@gmail.com> 0039 0040 SPDX-License-Identifier: MIT 0041 0042 =========================================================================== 0043 0044 Last update: 0045 Syntax highlighting based on AppArmor 3.0.0 0046 For more details about the syntax of AppArmor profiles, visit: 0047 https://gitlab.com/apparmor/apparmor/wikis/Documentation 0048 https://manpages.ubuntu.com/manpages/focal/en/man5/apparmor.d.5.html 0049 0050 Change log: 0051 * Version 12 [02-Oct-2020]: (AppArmor 3.0) Add ABI rules and new profile flags. 0052 * Version 11 [30-Sep-2020]: Update itemData's and rule_mount_fstypes list. 0053 * Version 10 [25-Oct-2019]: Use non-capturing groups in RegExpr. 0054 * Version 9 [20-Jun-2019]: (AppArmor 2.13.3): 0055 - Add new network domain keywords. 0056 - Fixes: drop unsupported 'to' operator for link rules and only highlight the 'in' 0057 operator in mount rules. Only highlight valid numbers in rlimit rules. 0058 * Version 8 [02-Apr-2019]: (AppArmor 2.13.2) 0059 - Do not highlight variable assignments and alias rules within profiles. 0060 - Add keywords of "tunables/share" variables. 0061 - Change style of "Other Option" attribute and remove one indentation. 0062 * Version 7 [15-Sep-2018]: 0063 - Update itemData's style for the new Solarized color schemes. 0064 - Fixes in "_end_rule_irnc". 0065 * Version 6 [24-Jul-2018, by Nibaldo G.]: (AppArmor 2.13.0) 0066 - Fixes for Include rules, add 'if exists'. Fix escapes & globbing in text quoted. 0067 - Improvements in paths that start with variables, hats, comments and variable 0068 assignments and others. Add some abstractions & filesystems. 0069 * Version 4 [25-Jan-2018, by Nibaldo G.]: (AppArmor 2.12.0) 0070 - New keywords: network and mount rules, default abstractions, variables and others. 0071 - Multiple improvements and fixes. 0072 - Do not allow comments within rules and in variable assignment lines. 0073 * Version 3 [24-Sep-2017, by Nibaldo G.]: 0074 - Fix incorrect highlighting of the DBus rule 'name' keyword. 0075 * Version 2 [29-Aug-2017, by Nibaldo G.]: 0076 - Improvements and bug fixes. 0077 - Each rule has its own context. 0078 - The profile name is highlighted in the profile header and profile transition rules. 0079 * Version 1 [22-Feb-2017, by Nibaldo González]: 0080 - Initial version. Support for profile syntax of Apparmor 2.11. 0081 --> 0082 0083 <language name="AppArmor Security Profile" 0084 version="16" 0085 kateversion="5.0" 0086 section="Markup" 0087 extensions="usr.bin.*;usr.sbin.*;bin.*;sbin.*;usr.lib.*;usr.lib64.*;usr.lib32.*;usr.libx32.*;usr.libexec.*;usr.local.bin.*;usr.local.sbin.*;usr.local.lib*;opt.*;etc.cron.*;snap.*;snap-update-ns.*;snap-confine.*" 0088 priority="0" 0089 mimetype="" 0090 author="Nibaldo González (nibgonz@gmail.com)" 0091 license="MIT"> 0092 0093 <highlighting> 0094 0095 <!-- Profile Header --> 0096 <list name="profile_head"> 0097 <item>profile</item> 0098 <item>hat</item> 0099 </list> 0100 <list name="profile_options"> 0101 <item>flags</item> 0102 <item>xattrs</item> 0103 </list> 0104 <list name="profile_flags"> 0105 <item>audit</item> 0106 <item>complain</item> 0107 <item>enforce</item> 0108 <item>kill</item> 0109 <item>unconfined</item> 0110 <item>mediate_deleted</item> 0111 <item>attach_disconnected</item> 0112 <item>chroot_relative</item> 0113 <!-- Others --> 0114 <item>chroot_attach</item> 0115 <item>chroot_no_attach</item> 0116 <item>delegate_deleted</item> 0117 <item>no_attach_disconnected</item> 0118 <item>namespace_relative</item> 0119 </list> 0120 0121 <!-- Rule Qualifiers --> 0122 <list name="rule_access_qualifiers"> 0123 <item>allow</item> 0124 <item>deny</item> 0125 </list> 0126 <list name="file_rule_qualifiers"> 0127 <item>owner</item> 0128 <item>other</item> 0129 </list> 0130 <list name="rule_qualifiers"> 0131 <item>audit</item> 0132 <!-- noaudit/quiet, defined, not --> 0133 </list> 0134 <!-- Conditional: if, else --> 0135 0136 <!-- Capabilities, Capability Rule. 0137 Lowercase capability name without 'CAP_' prefix. 0138 http://man7.org/linux/man-pages/man7/capabilities.7.html --> 0139 <list name="rule_capability"> 0140 <item>audit_control</item> 0141 <item>audit_read</item> 0142 <item>audit_write</item> 0143 <item>block_suspend</item> 0144 <item>chown</item> 0145 <item>dac_override</item> 0146 <item>dac_read_search</item> 0147 <item>fowner</item> 0148 <item>fsetid</item> 0149 <item>ipc_lock</item> 0150 <item>ipc_owner</item> 0151 <item>kill</item> 0152 <item>lease</item> 0153 <item>linux_immutable</item> 0154 <item>mac_admin</item> 0155 <item>mac_override</item> 0156 <item>mknod</item> 0157 <item>net_admin</item> 0158 <item>net_bind_service</item> 0159 <item>net_broadcast</item> 0160 <item>net_raw</item> 0161 <item>setgid</item> 0162 <item>setfcap</item> 0163 <item>setpcap</item> 0164 <item>setuid</item> 0165 <item>sys_admin</item> 0166 <item>sys_boot</item> 0167 <item>sys_chroot</item> 0168 <item>sys_module</item> 0169 <item>sys_nice</item> 0170 <item>sys_pacct</item> 0171 <item>sys_ptrace</item> 0172 <item>sys_rawio</item> 0173 <item>sys_resource</item> 0174 <item>sys_time</item> 0175 <item>sys_tty_config</item> 0176 <item>syslog</item> 0177 <item>wake_alarm</item> 0178 </list> 0179 0180 <!-- Network Rule --> 0181 <list name="rule_network"> 0182 <!-- Domain. 0183 Also: unix --> 0184 <item>inet</item> 0185 <item>ax25</item> 0186 <item>ipx</item> 0187 <item>appletalk</item> 0188 <item>netrom</item> 0189 <item>bridge</item> 0190 <item>atmpvc</item> 0191 <item>x25</item> 0192 <item>inet6</item> 0193 <item>rose</item> 0194 <item>netbeui</item> 0195 <item>security</item> 0196 <item>key</item> 0197 <item>packet</item> 0198 <item>ash</item> 0199 <item>econet</item> 0200 <item>atmsvc</item> 0201 <item>sna</item> 0202 <item>irda</item> 0203 <item>pppox</item> 0204 <item>wanpipe</item> 0205 <item>bluetooth</item> 0206 <item>netlink</item> 0207 <item>rds</item> 0208 <item>llc</item> 0209 <item>can</item> 0210 <item>tipc</item> 0211 <item>iucv</item> 0212 <item>rxrpc</item> 0213 <item>isdn</item> 0214 <item>phonet</item> 0215 <item>ieee802154</item> 0216 <item>caif</item> 0217 <item>alg</item> 0218 <item>nfc</item> 0219 <item>vsock</item> 0220 <item>mpls</item> 0221 <item>ib</item> 0222 <item>kcm</item> 0223 <item>smc</item> 0224 <item>qipcrtr</item> 0225 <item>xdp</item> 0226 0227 <!-- Type. 0228 Also: packet --> 0229 <item>stream</item> 0230 <item>dgram</item> 0231 <item>seqpacket</item> 0232 <item>rdm</item> 0233 <item>raw</item> 0234 0235 <!-- Protocol --> 0236 <item>tcp</item> 0237 <item>udp</item> 0238 <item>icmp</item> 0239 </list> 0240 <list name="rule_network_unix"> 0241 <!-- NOTE: This keyword is placed in a separate list, 0242 to avoid conflicts with the 'unix' rule name. --> 0243 <item>unix</item> 0244 </list> 0245 0246 <!-- Mount Rule --> 0247 <list name="rule_mount_options"> 0248 <item>fstype</item> 0249 <item>vfstype</item> 0250 <item>options</item> 0251 <item>option</item> 0252 </list> 0253 <list name="rule_mount_flags"> 0254 <item>r</item> 0255 <item>w</item> 0256 <item>rw</item> 0257 <item>ro</item> 0258 <item>read-only</item> 0259 <item>suid</item> 0260 <item>nosuid</item> 0261 <item>dev</item> 0262 <item>nodev</item> 0263 <item>exec</item> 0264 <item>noexec</item> 0265 <item>sync</item> 0266 <item>async</item> 0267 <item>remount</item> 0268 <item>mand</item> 0269 <item>nomand</item> 0270 <item>dirsync</item> 0271 <item>atime</item> 0272 <item>noatime</item> 0273 <item>diratime</item> 0274 <item>nodiratime</item> 0275 <item>bind</item> 0276 <item>B</item> 0277 <item>move</item> 0278 <item>M</item> 0279 <item>rbind</item> 0280 <item>R</item> 0281 <item>verbose</item> 0282 <item>silent</item> 0283 <item>loud</item> 0284 <item>acl</item> 0285 <item>noacl</item> 0286 <item>unbindable</item> 0287 <item>make-unbindable</item> 0288 <item>runbindable</item> 0289 <item>make-runbindable</item> 0290 <item>private</item> 0291 <item>make-private</item> 0292 <item>rprivate</item> 0293 <item>make-rprivate</item> 0294 <item>slave</item> 0295 <item>make-slave</item> 0296 <item>rslave</item> 0297 <item>make-rslave</item> 0298 <item>shared</item> 0299 <item>make-shared</item> 0300 <item>rshared</item> 0301 <item>make-rshared</item> 0302 <item>relatime</item> 0303 <item>norelatime</item> 0304 <item>iversion</item> 0305 <item>noiversion</item> 0306 <item>strictatime</item> 0307 <item>user</item> 0308 <item>nouser</item> 0309 </list> 0310 <list name="rule_mount_fstypes"> 0311 <!-- Stackable FS --> 0312 <item>ecryptfs</item> 0313 <item>cryfs</item> 0314 <item>encfs</item> 0315 <item>overlayfs</item> 0316 <item>unionfs</item> 0317 <!-- Specialpurpose FS --> 0318 <item>devtmpfs</item> 0319 <item>ramfs</item> 0320 <item>tmpfs</item> 0321 <!-- Block-based, Network & Pseudo FS --> 0322 <item>adfs</item> 0323 <item>affs</item> 0324 <item>afs</item> 0325 <item>apfs</item> 0326 <item>apparmorfs</item> 0327 <item>autofs</item> 0328 <item>bdev</item> 0329 <item>bfs</item> 0330 <item>bpf</item> 0331 <item>btrfs</item> 0332 <item>cachefs</item> 0333 <item>ceph</item> 0334 <item>cgroup2</item> 0335 <item>cgroup</item> 0336 <item>cifs</item> 0337 <item>coda</item> 0338 <item>coherent</item> 0339 <item>configfs</item> 0340 <item>cpuset</item> 0341 <item>cramfs</item> 0342 <item>debugfs</item> 0343 <item>devfs</item> 0344 <item>devpts</item> 0345 <item>efs</item> 0346 <item>exfat</item> 0347 <item>ext2</item> 0348 <item>ext3</item> 0349 <item>ext4</item> 0350 <item>f2fs</item> 0351 <item>fatx</item> 0352 <item>functionfs</item> 0353 <item>fuse</item> 0354 <item>fuseblk</item> 0355 <item>fusectl</item> 0356 <item>futexfs</item> 0357 <item>gfs</item> 0358 <item>hfs</item> 0359 <item>hfsplus</item> 0360 <item>hpfs</item> 0361 <item>hugetlbfs</item> 0362 <item>ifs</item> 0363 <item>inotifyfs</item> 0364 <item>iso9660</item> 0365 <item>jffs2</item> 0366 <item>jffs</item> 0367 <item>jfs</item> 0368 <item>kernfs</item> 0369 <item>labeledfs</item> 0370 <item>lvm2</item> 0371 <item>minix</item> 0372 <item>mqueue</item> 0373 <item>msdos</item> 0374 <item>ncpfs</item> 0375 <item>nfs4</item> 0376 <item>nfs</item> 0377 <item>nilfs2</item> 0378 <item>nilfs</item> 0379 <item>ntfs-3g</item> 0380 <item>ntfs</item> 0381 <item>ocfs</item> 0382 <item>oemfs</item> 0383 <item>pipefs</item> 0384 <item>proc</item> 0385 <item>procfs</item> 0386 <item>pstore</item> 0387 <item>pstorefs</item> 0388 <item>qnx4</item> 0389 <item>qnx6</item> 0390 <item>reiser4</item> 0391 <item>reiserfs</item> 0392 <item>romfs</item> 0393 <item>rootfs</item> 0394 <item>sdcardfs</item> 0395 <item>securityfs</item> 0396 <item>selinuxfs</item> 0397 <item>shm</item> 0398 <item>smbfs</item> 0399 <item>sockfs</item> 0400 <item>specfs</item> 0401 <item>squashfs</item> 0402 <item>swap</item> 0403 <item>swapfs</item> 0404 <item>sysfs</item> 0405 <item>sysv</item> 0406 <item>tracefs</item> 0407 <item>ubifs</item> 0408 <item>udf</item> 0409 <item>ufs</item> 0410 <item>umsdos</item> 0411 <item>urefs</item> 0412 <item>usbfs</item> 0413 <item>vfat</item> 0414 <item>xenix</item> 0415 <item>xfs</item> 0416 <item>yaffs2</item> 0417 <item>yaffs</item> 0418 <item>zfs</item> 0419 <!-- Not included: ext, usbdevfs, xiafs --> 0420 </list> 0421 0422 <!-- Pivot Root Rule --> 0423 <list name="rule_pivotroot_options"> 0424 <item>oldroot</item> 0425 </list> 0426 0427 <!-- Ptrace Rule --> 0428 <list name="rule_ptrace_options"> 0429 <item>peer</item> 0430 </list> 0431 <list name="rule_ptrace_access"> 0432 <!-- Also: r, w, rw, read --> 0433 <item>readby</item> 0434 <item>trace</item> 0435 <item>tracedby</item> 0436 </list> 0437 0438 <!-- Signal Rule --> 0439 <list name="rule_signal_options"> 0440 <item>set</item> 0441 <item>peer</item> 0442 </list> 0443 <list name="rule_signal"> 0444 <!-- Also: rtmin+0 ... rtmin+32 --> 0445 <item>bus</item> 0446 <item>hup</item> 0447 <item>int</item> 0448 <item>quit</item> 0449 <item>ill</item> 0450 <item>trap</item> 0451 <item>abrt</item> 0452 <item>fpe</item> 0453 <item>kill</item> 0454 <item>usr1</item> 0455 <item>segv</item> 0456 <item>usr2</item> 0457 <item>pipe</item> 0458 <item>alrm</item> 0459 <item>term</item> 0460 <item>stkflt</item> 0461 <item>chld</item> 0462 <item>cont</item> 0463 <item>stop</item> 0464 <item>stp</item> 0465 <item>ttin</item> 0466 <item>ttou</item> 0467 <item>urg</item> 0468 <item>xcpu</item> 0469 <item>xfsz</item> 0470 <item>vtalrm</item> 0471 <item>prof</item> 0472 <item>winch</item> 0473 <item>io</item> 0474 <item>pwr</item> 0475 <item>sys</item> 0476 <item>emt</item> 0477 <item>exists</item> 0478 </list> 0479 <list name="rule_signal_access"> 0480 <!-- Also: r, w, rw, read, write --> 0481 <item>send</item> 0482 <item>receive</item> 0483 </list> 0484 0485 <!-- DBus Rule --> 0486 <list name="rule_dbus_options"> 0487 <item>peer</item> 0488 <item>bus</item> 0489 <item>path</item> 0490 <item>interface</item> 0491 <item>member</item> 0492 <item>name</item> 0493 </list> 0494 <list name="rule_dbus_peer"> 0495 <item>name</item> 0496 <item>label</item> 0497 </list> 0498 <list name="rule_dbus_access"> 0499 <!-- Also: r, w, rw, read, write --> 0500 <item>send</item> 0501 <item>receive</item> 0502 <item>bind</item> 0503 <item>eavesdrop</item> 0504 </list> 0505 <list name="rule_dbus_bus"> 0506 <item>system</item> 0507 <item>session</item> 0508 </list> 0509 0510 <!-- Unix Rule --> 0511 <list name="rule_unix_options"> 0512 <item>peer</item> 0513 <item>set</item> 0514 <item>label</item> 0515 <item>type</item> 0516 <item>protocol</item> 0517 <item>addr</item> 0518 <item>attr</item> 0519 <item>opt</item> 0520 </list> 0521 <list name="rule_unix_access"> 0522 <!-- Also: r, w, rw, read, write --> 0523 <item>send</item> 0524 <item>receive</item> 0525 <item>bind</item> 0526 <item>create</item> 0527 <item>listen</item> 0528 <item>accept</item> 0529 <item>connect</item> 0530 <item>shutdown</item> 0531 <item>getattr</item> 0532 <item>setattr</item> 0533 <item>getopt</item> 0534 <item>setopt</item> 0535 </list> 0536 0537 <!-- Rlimit Rule --> 0538 <list name="rule_rlimit"> 0539 <item>cpu</item> 0540 <item>fsize</item> 0541 <item>data</item> 0542 <item>stack</item> 0543 <item>core</item> 0544 <item>rss</item> 0545 <item>nofile</item> 0546 <item>ofile</item> 0547 <item>as</item> 0548 <item>nproc</item> 0549 <item>memlock</item> 0550 <item>locks</item> 0551 <item>sigpending</item> 0552 <item>msgqueue</item> 0553 <item>nice</item> 0554 <item>rtprio</item> 0555 <item>rttime</item> 0556 </list> 0557 0558 <!-- Link Rule --> 0559 <list name="rule_link"> 0560 <item>subset</item> 0561 </list> 0562 0563 <!-- Change Profile Rule --> 0564 <list name="rule_changeprofile"> 0565 <item>safe</item> 0566 <item>unsafe</item> 0567 </list> 0568 0569 <!-- Include Rule --> 0570 <list name="rule_include"> 0571 <item>if</item> 0572 <item>exists</item> 0573 </list> 0574 0575 <!-- Permissions --> 0576 <list name="base_accesses"> 0577 <item>rw</item> 0578 <item>r</item> 0579 <item>w</item> 0580 <item>read</item> 0581 <item>write</item> 0582 </list> 0583 0584 <!-- Abstractions and variables defined in the provided AppArmor policy. 0585 NOTE: The following keywords are not used for highlighting. The purpose of these 0586 is to provide autocomplete suggestions when writing Include rules and variables. --> 0587 <list name="default_variables"> 0588 <item>profile_name</item> <!-- Special variable --> 0589 0590 <item>HOME</item> 0591 <item>HOMEDIRS</item> 0592 <item>multiarch</item> 0593 <item>pid</item> 0594 <item>pids</item> 0595 <item>PROC</item> 0596 <item>securityfs</item> 0597 <item>apparmorfs</item> 0598 <item>sys</item> 0599 <item>tid</item> 0600 <item>XDG_DESKTOP_DIR</item> 0601 <item>XDG_DOWNLOAD_DIR</item> 0602 <item>XDG_TEMPLATES_DIR</item> 0603 <item>XDG_PUBLICSHARE_DIR</item> 0604 <item>XDG_DOCUMENTS_DIR</item> 0605 <item>XDG_MUSIC_DIR</item> 0606 <item>XDG_PICTURES_DIR</item> 0607 <item>XDG_VIDEOS_DIR</item> 0608 <item>flatpak_exports_root</item> 0609 <item>system_share_dirs</item> 0610 <item>user_share_dirs</item> 0611 </list> 0612 <list name="default_abstractions"> 0613 <item>abstractions/</item> 0614 <item>apache2-common</item> 0615 <item>aspell</item> 0616 <item>audio</item> 0617 <item>authentication</item> 0618 <item>base</item> 0619 <item>bash</item> 0620 <item>consoles</item> 0621 <item>cups-client</item> 0622 <item>dbus</item> 0623 <item>dbus-accessibility</item> 0624 <item>dbus-accessibility-strict</item> 0625 <item>dbus-session</item> 0626 <item>dbus-session-strict</item> 0627 <item>dbus-strict</item> 0628 <item>dconf</item> 0629 <item>dovecot-common</item> 0630 <item>dri-common</item> 0631 <item>dri-enumerate</item> 0632 <item>enchant</item> 0633 <item>fcitx</item> 0634 <item>fcitx-strict</item> 0635 <item>fonts</item> 0636 <item>freedesktop.org</item> 0637 <item>gnome</item> 0638 <item>gnupg</item> 0639 <item>ibus</item> 0640 <item>kde-icon-cache-write</item> 0641 <item>kde-globals-write</item> 0642 <item>kde-language-write</item> 0643 <item>kde</item> 0644 <item>kerberosclient</item> 0645 <item>launchpad-integration</item> 0646 <item>ldapclient</item> 0647 <item>libpam-systemd</item> 0648 <item>likewise</item> 0649 <item>mdns</item> 0650 <item>mesa</item> 0651 <item>mir</item> 0652 <item>mozc</item> 0653 <item>mysql</item> 0654 <item>nameservice</item> 0655 <item>nis</item> 0656 <item>nvidia</item> 0657 <item>opencl</item> 0658 <item>opencl-common</item> 0659 <item>opencl-intel</item> 0660 <item>opencl-mesa</item> 0661 <item>opencl-nvidia</item> 0662 <item>opencl-pocl</item> 0663 <item>openssl</item> 0664 <item>orbit2</item> 0665 <item>p11-kit</item> 0666 <item>perl</item> 0667 <item>php</item> 0668 <item>php5</item> 0669 <item>postfix-common</item> 0670 <item>private-files</item> 0671 <item>private-files-strict</item> 0672 <item>python</item> 0673 <item>qt5-compose-cache-write</item> 0674 <item>qt5-settings-write</item> 0675 <item>qt5</item> 0676 <item>recent-documents-write</item> 0677 <item>ruby</item> 0678 <item>samba</item> 0679 <item>smbpass</item> 0680 <item>ssl_certs</item> 0681 <item>ssl_keys</item> 0682 <item>svn-repositories</item> 0683 <item>ubuntu-bittorrent-clients</item> 0684 <item>ubuntu-browsers</item> 0685 <item>ubuntu-console-browsers</item> 0686 <item>ubuntu-console-email</item> 0687 <item>ubuntu-email</item> 0688 <item>ubuntu-feed-readers</item> 0689 <item>ubuntu-gnome-terminal</item> 0690 <item>ubuntu-helpers</item> 0691 <item>ubuntu-konsole</item> 0692 <item>ubuntu-media-players</item> 0693 <item>ubuntu-unity7-base</item> 0694 <item>ubuntu-unity7-launcher</item> 0695 <item>ubuntu-unity7-messaging</item> 0696 <item>ubuntu-xterm</item> 0697 <item>user-download</item> 0698 <item>user-mail</item> 0699 <item>user-manpages</item> 0700 <item>user-tmp</item> 0701 <item>user-write</item> 0702 <item>video</item> 0703 <item>vulkan</item> 0704 <item>wayland</item> 0705 <item>web-data</item> 0706 <item>winbind</item> 0707 <item>wutmp</item> 0708 <item>X</item> 0709 <item>xad</item> 0710 <item>xdg-desktop</item> 0711 0712 <item>ubuntu-browsers.d/</item> 0713 <item>java</item> 0714 <item>mailto</item> 0715 <item>multimedia</item> 0716 <item>plugins-common</item> 0717 <item>productivity</item> 0718 <item>text-editors</item> 0719 <item>ubuntu-integration</item> 0720 <item>ubuntu-integration-xul</item> 0721 <item>user-files</item> 0722 0723 <item>apparmor_api/</item> 0724 <item>change_profile</item> 0725 <item>examine</item> 0726 <item>find_mountpoint</item> 0727 <item>introspect</item> 0728 <item>is_enabled</item> 0729 0730 <item>tunables/</item> 0731 <item>alias</item> 0732 <item>apparmorfs</item> 0733 <item>dovecot</item> 0734 <item>global</item> 0735 <item>home</item> 0736 <item>kernelvars</item> 0737 <item>multiarch</item> 0738 <item>ntpd</item> 0739 <item>proc</item> 0740 <item>securityfs</item> 0741 <item>sys</item> 0742 <item>xdg-user-dirs</item> 0743 <item>home.d/</item> 0744 <item>multiarch.d/</item> 0745 <item>xdg-user-dirs.d/</item> 0746 <item>site.local</item> 0747 0748 <item>local/</item> 0749 </list> 0750 0751 <list name="boolean"> 0752 <item>true</item> 0753 <item>false</item> 0754 </list> 0755 <list name="other_words"> 0756 <item>unspec</item> 0757 <item>none</item> 0758 <item>unconfined</item> 0759 </list> 0760 0761 <!-- Rule Names. 0762 NOTE: 0763 - Each rule name is a keyword in separate lists, since each 0764 has a different context and for a correct delimitation of the words. 0765 - The content of a rule is found in the contexts "_default_rule" 0766 and "_default_rule_with_comments". 0767 - When adding a new rule, add it also in "_end_rule_irnc"! --> 0768 <list name="rule_name_mount"> 0769 <item>mount</item> 0770 <item>remount</item> 0771 <item>umount</item> 0772 </list> 0773 <list name="rule_name_abi"><item>abi</item></list> 0774 <list name="rule_name_alias"><item>alias</item></list> 0775 <list name="rule_name_file"><item>file</item></list> 0776 <list name="rule_name_capability"><item>capability</item></list> 0777 <list name="rule_name_network"><item>network</item></list> 0778 <list name="rule_name_pivotroot"><item>pivot_root</item></list> 0779 <list name="rule_name_ptrace"><item>ptrace</item></list> 0780 <list name="rule_name_signal"><item>signal</item></list> 0781 <list name="rule_name_dbus"><item>dbus</item></list> 0782 <list name="rule_name_unix"><item>unix</item></list> 0783 <list name="rule_name_link"><item>link</item></list> 0784 <list name="rule_name_changeprofile"><item>change_profile</item></list> 0785 <list name="rule_name_rlimit"><item>rlimit</item></list> 0786 <list name="rule_name_set"><item>set</item></list> 0787 0788 <contexts> 0789 0790 <context name="_normal" attribute="Normal Text" lineEndContext="#stay"> 0791 <!-- Preamble --> 0792 0793 <!-- Variable Assignment. 0794 NOTE: 0795 - Variable assignments are not allowed within profiles (when writing assignments within 0796 profiles, the parser shows an error because it does not allow + or = after a variable). 0797 - [Jul 24, 2018] Variables of type "@VAR" will only be highlighted in assignments, as long 0798 as they are not fully supported (apparently, they will be used in conditional expressions). --> 0799 <Detect2Chars context="_variable_assignment" attribute="Variable" char="@" char1="{" lookAhead="true" firstNonSpace="true"/> 0800 <RegExpr context="_variable_assignment_operator" attribute="Variable" String="@&varName;(?=\s*(?:\+?\=|$|\s#))" firstNonSpace="true"/> 0801 <DetectChar context="_variable_assignment_line_general" attribute="Operator 1" char="=" firstNonSpace="true"/> 0802 <Detect2Chars context="_variable_assignment_line" attribute="Operator 1" char="+" char1="=" firstNonSpace="true"/> 0803 <!-- Alias rule --> 0804 <keyword context="_default_rule_with_comments" attribute="Rule" String="rule_name_alias" beginRegion="Rule"/> 0805 0806 <!-- Profile Content (also highlight rules, for abstractions) --> 0807 <IncludeRules context="_default_profile"/> 0808 </context> 0809 0810 <!-- Profile Content, within { ... } --> 0811 <context name="_profile" attribute="Normal Text" lineEndContext="#stay"> 0812 <DetectChar context="#pop" attribute="Operator 1" char="}" endRegion="Profile"/> 0813 <Detect2Chars context="_variable_assignment_error" attribute="Variable" char="@" char1="{" lookAhead="true" firstNonSpace="true"/> 0814 <IncludeRules context="_default_profile"/> 0815 <WordDetect context="#stay" attribute="Error" String="alias"/> <!-- rule_name_alias --> 0816 </context> 0817 0818 <context name="_default_profile" attribute="Normal Text" lineEndContext="#stay"> 0819 <!-- Profile Header --> 0820 <keyword context="_profile_name" attribute="Profile Head" String="profile_head"/> 0821 <RegExpr context="_profile_name" attribute="Profile Head" String="(?:^|\s)\^(?=\S)"/> 0822 <keyword context="#stay" attribute="Option" String="profile_options"/> 0823 0824 <!-- Line Rules --> 0825 <StringDetect context="_include" attribute="Preprocessor" String="#include" insensitive="true"/> 0826 <RegExpr context="_include" attribute="Preprocessor" String="(?:^|\s)include(?=\s)"/> 0827 <DetectChar context="_comment" attribute="Comment" char="#"/> 0828 0829 <!-- Variables --> 0830 <Detect2Chars context="_variable" attribute="Variable" char="@" char1="{" lookAhead="true"/> 0831 <Detect2Chars context="_boolean" attribute="Variable" char="$" char1="{" lookAhead="true"/> 0832 <keyword context="#stay" attribute="Other Option" String="boolean" insensitive="true"/> 0833 <RegExpr context="#stay" attribute="Variable" String="\$&varName;(?=[\s\(\)\{\}"@\$#\=\+]|$)"/> 0834 0835 <!-- Brackets --> 0836 <IncludeRules context="_brackets_error"/> <!-- {} --> 0837 <DetectChar context="_profile" attribute="Operator 1" char="{" beginRegion="Profile"/> 0838 <DetectChar context="_parentheses_block_profile" attribute="Normal Text" char="("/> 0839 <DetectChar context="_r_square_brackets" attribute="Globbing Brackets" char="["/> 0840 0841 <!-- Rule Qualifiers --> 0842 <keyword context="#stay" attribute="Rule Access Qualifier" String="rule_access_qualifiers"/> 0843 <keyword context="#stay" attribute="Rule Qualifier" String="rule_qualifiers"/> 0844 <keyword context="#stay" attribute="File Rule Qualifier" String="file_rule_qualifiers"/> 0845 0846 <!-- Rules --> 0847 <keyword context="_rule_abi" attribute="Rule" String="rule_name_abi" beginRegion="Rule"/> 0848 <keyword context="_rule_file" attribute="Rule" String="rule_name_file" beginRegion="Rule"/> 0849 <keyword context="_rule_mount" attribute="Rule" String="rule_name_mount" beginRegion="Rule"/> 0850 <keyword context="_rule_capability" attribute="Rule" String="rule_name_capability" beginRegion="Rule"/> 0851 <keyword context="_rule_network" attribute="Rule" String="rule_name_network" beginRegion="Rule"/> 0852 <keyword context="_rule_pivotroot" attribute="Rule" String="rule_name_pivotroot" beginRegion="Rule"/> 0853 <keyword context="_rule_ptrace" attribute="Rule" String="rule_name_ptrace" beginRegion="Rule"/> 0854 <keyword context="_rule_signal" attribute="Rule" String="rule_name_signal" beginRegion="Rule"/> 0855 <keyword context="_rule_dbus" attribute="Rule" String="rule_name_dbus" beginRegion="Rule"/> 0856 <keyword context="_rule_unix" attribute="Rule" String="rule_name_unix" beginRegion="Rule"/> 0857 <keyword context="_rule_link" attribute="Rule" String="rule_name_link" beginRegion="Rule"/> 0858 <keyword context="_rule_changeprofile" attribute="Rule" String="rule_name_changeprofile" beginRegion="Rule"/> 0859 <keyword context="_rule_rlimit" attribute="Rule Error" String="rule_name_rlimit" beginRegion="Rule"/> <!-- set rlimit --> 0860 <keyword context="_rule_set" attribute="Rule" String="rule_name_set"/> 0861 0862 <!-- Paths, text in quotes, file permissions and others --> 0863 <IncludeRules context="_operators"/> 0864 <IncludeRules context="_find_path"/> 0865 <IncludeRules context="_find_text_quoted"/> 0866 <IncludeRules context="_file_rule_permissions"/> 0867 <keyword context="#stay" String="default_variables"/> 0868 </context> 0869 0870 <!-- Within rules and blocks of parentheses --> 0871 <context name="_common" attribute="Normal Text" lineEndContext="#stay"> 0872 <StringDetect context="#stay" attribute="Error" String="#include" insensitive="true"/> 0873 <RegExpr context="#stay" attribute="Error" String="include(?=\s)" firstNonSpace="true"/> 0874 <IncludeRules context="_brackets_error"/> 0875 0876 <IncludeRules context="_operators"/> 0877 <IncludeRules context="_find_text_quoted"/> 0878 <keyword context="#stay" attribute="Other Data" String="other_words" insensitive="true"/> 0879 <keyword context="#stay" attribute="Other Data" String="boolean" insensitive="true"/> 0880 </context> 0881 0882 <!-- Comment --> 0883 <context name="_comment" attribute="Comment" lineEndContext="#pop"> 0884 <DetectSpaces /> 0885 <LineContinue context="#pop" attribute="Comment"/> 0886 <IncludeRules context="##Comments"/> 0887 <RegExpr context="#stay" attribute="URL in Comment" String="&url;|&email;"/> 0888 </context> 0889 0890 <!-- Profile Header: 0891 Highlight the name of the profile. 0892 The profile name label is written after the hat character (^) or a profile keyword. 0893 AppArmor 3.0 deprecates the use of pathnames as the profiles name. --> 0894 <context name="_profile_name" attribute="Profile Name" lineEndContext="#stay" fallthrough="true" fallthroughContext="#pop"> 0895 <DetectSpaces context="#stay" attribute="Normal Text"/> 0896 <!-- Not highlighting paths and paths quoted. 0897 NOTE: Some profile labels may contain "/" (like [/]). These cases are not considered. --> 0898 <RegExpr context="#pop" attribute="Normal Text" String=""(?:[^/"\\]|\\.)*/" lookAhead="true"/> 0899 <RegExpr context="#pop!_path_content" attribute="Path" String="(?:[^\s"\\]|\\.)*/" lookAhead="true"/> 0900 <DetectChar context="#pop!_profile_name_quoted" attribute="Profile Name" char="""/> 0901 <!-- First word (the profile name) --> 0902 <RegExpr context="#pop!_profile_name_content" attribute="Normal Text" String="[^\s/\^\{]" lookAhead="true"/> 0903 </context> 0904 <context name="_profile_name_content" attribute="Profile Name" lineEndContext="#pop"> 0905 <!-- NOTE: "(" generates errors when calling "get_profiles()" (apparmor_status). This forces to put a space before. --> 0906 <RegExpr context="#pop" attribute="Error" String="\(\S*\)?"/> 0907 <!-- End of the profile name label --> 0908 <DetectSpaces context="#pop" attribute="Normal Text" lookAhead="true"/> 0909 <!-- The quote ends the profile name, but it is ideal to put a space before --> 0910 <DetectChar context="#pop" attribute="Normal Text" char=""" lookAhead="true"/> 0911 <RegExpr context="#stay" attribute="Profile Name Error" String="[^\s\(\\](?=["\(])"/> 0912 0913 <StringDetect context="#pop" attribute="Error" String="#include" insensitive="true"/> 0914 <IncludeRules context="_variable_simple"/> 0915 <IncludeRules context="_escape"/> 0916 </context> 0917 <context name="_profile_name_quoted" attribute="Profile Name" lineEndContext="#stay"> 0918 <DetectChar context="#pop" attribute="Profile Name" char="""/> 0919 <IncludeRules context="_variable_simple"/> 0920 <IncludeRules context="_escape"/> 0921 </context> 0922 0923 <!-- Include Rule: include <abstraction/path> --> 0924 <context name="_include" attribute="Preprocessor" lineEndContext="#pop"> 0925 <Detect2Chars context="#pop" attribute="Error" char=""" char1="""/> 0926 <Detect2Chars context="#pop" attribute="Error" char="<" char1=">"/> 0927 <RegExpr context="#stay" attribute="Error" String="<+(?=[<\s])"/> 0928 <RegExpr context="#pop!_include_preplib_thanquot" attribute="Prep. Lib" String="<\s*(?=")"/> <!-- <"path"> --> 0929 <DetectChar context="#pop!_include_preplib_than" attribute="Prep. Lib" char="<" lookAhead="true"/> <!-- <magic/path> --> 0930 <DetectChar context="#pop!_include_preplib_quot" attribute="Prep. Lib" char="""/> <!-- "/abs/path" --> 0931 <keyword context="#stay" attribute="Preprocessor" String="rule_include"/> 0932 <RegExpr context="#pop" attribute="Prep. Lib" String="[^\s/"<>]*/\S*(?=\s|$)"/> <!-- /abs/path --> 0933 </context> 0934 <context name="_include_preplib_than" attribute="Prep. Lib" lineEndContext="#pop"> 0935 <DetectChar context="#pop" attribute="Prep. Lib" char=">"/> 0936 <keyword context="#stay" attribute="Prep. Lib" String="default_abstractions"/> 0937 <RegExpr context="#pop" attribute="Open Prep. Lib" String="[^>\s](?=\s*$)"/> 0938 </context> 0939 <context name="_include_preplib_quot" attribute="Prep. Lib" lineEndContext="#pop"> 0940 <DetectChar context="#pop" attribute="Prep. Lib" char="""/> 0941 <keyword context="#stay" attribute="Prep. Lib" String="default_abstractions"/> 0942 <RegExpr context="#pop" attribute="Open Prep. Lib" String="[^"\s](?=\s*$)"/> 0943 </context> 0944 <context name="_include_preplib_thanquot" attribute="Prep. Lib" lineEndContext="#pop"> 0945 <DetectChar context="_include_preplib_quot" attribute="Prep. Lib" char="""/> 0946 <IncludeRules context="_include_preplib_than"/> 0947 </context> 0948 0949 <!-- ABI Rule --> 0950 <context name="_rule_abi" attribute="Error" lineEndContext="#stay"> 0951 <DetectSpaces attribute="Normal Text"/> 0952 <RegExpr context="#pop!_abi_path_thanquot" attribute="Prep. Lib" String="<\s*(?=")"/> <!-- <"path"> --> 0953 <DetectChar context="#pop!_abi_path_than" attribute="Prep. Lib" char="<" lookAhead="true"/> <!-- <magic/path> --> 0954 <DetectChar context="#pop!_abi_path_quot" attribute="Prep. Lib" char="""/> <!-- "/abs/path" --> 0955 <IncludeRules context="_end_rule"/> 0956 <DetectChar context="_comment" attribute="Comment" char="#"/> 0957 <!-- /abs/path --> 0958 <RegExpr context="#stay" attribute="Error" String="[^\s"<]+(?=["<])"/> 0959 <RegExpr context="#pop!_abi_path_text" attribute="Prep. Lib" String="[^\s"<]" lookAhead="true"/> 0960 </context> 0961 0962 <context name="_abi_path_text" attribute="Prep. Lib" lineEndContext="#pop!_rule_abi_after_path"> 0963 <RegExpr context="#pop!_rule_abi_after_path" String="&endPath;" lookAhead="true"/> 0964 <DetectSpaces context="#pop!_rule_abi_after_path" lookAhead="true"/> 0965 <AnyChar context="#stay" attribute="Error" String=""<>"/> 0966 </context> 0967 <context name="_abi_path_quot" attribute="Prep. Lib" lineEndContext="#stay"> 0968 <DetectChar context="#pop!_rule_abi_after_path" attribute="Prep. Lib" char="""/> 0969 <IncludeRules context="_escape"/> 0970 </context> 0971 <context name="_abi_path_than" attribute="Prep. Lib" lineEndContext="#pop!_rule_abi_after_path"> 0972 <DetectChar context="#pop!_rule_abi_after_path" attribute="Prep. Lib" char=">"/> 0973 <RegExpr context="#pop!_rule_abi_after_path" attribute="Open Prep. Lib" String="[^>\s](?=\s*$)"/> 0974 </context> 0975 <context name="_abi_path_thanquot" attribute="Prep. Lib" lineEndContext="#pop!_rule_abi_after_path"> 0976 <DetectChar context="_abi_path_thanquot_quot" attribute="Prep. Lib" char="""/> 0977 <IncludeRules context="_abi_path_than"/> 0978 </context> 0979 <context name="_abi_path_thanquot_quot" attribute="Prep. Lib" lineEndContext="#stay"> 0980 <DetectChar context="#pop" attribute="Prep. Lib" char="""/> 0981 <IncludeRules context="_escape"/> 0982 </context> 0983 0984 <context name="_rule_abi_after_path" attribute="Error" lineEndContext="#stay"> 0985 <DetectSpaces attribute="Normal Text"/> 0986 <IncludeRules context="_end_rule"/> 0987 <DetectChar context="_comment" attribute="Comment" char="#"/> 0988 </context> 0989 0990 <!-- @{VARIABLE} --> 0991 <context name="_variable" attribute="Variable" lineEndContext="#pop"> 0992 <RegExpr context="#pop!_find_path_after_variable" attribute="Variable" String="&variable;"/> 0993 <DetectChar context="#pop" attribute="Error" char="@"/> 0994 </context> 0995 <context name="_parentheses_variable" attribute="Variable" lineEndContext="#pop"> 0996 <RegExpr context="#pop!_parentheses_find_path_after_variable" attribute="Variable" String="&variable;"/> 0997 <DetectChar context="#pop" attribute="Error" char="@"/> 0998 </context> 0999 <context name="_variable_simple" attribute="Normal Text" lineEndContext="#stay"> 1000 <RegExpr context="#stay" attribute="Variable" String="&variable;"/> 1001 </context> 1002 1003 <!-- Find path after a variable --> 1004 <context name="_find_path_after_variable" attribute="Path" lineEndContext="#pop" fallthrough="true" fallthroughContext="#pop!_path_content"> 1005 <DetectSpaces context="#pop" lookAhead="true"/> 1006 <AnyChar context="#pop" String="&noPathCharWithoutSpace;]}=" lookAhead="true"/> 1007 <RegExpr context="#pop" String="[[:cntrl:]]" lookAhead="true"/> <!-- It is necessary? --> 1008 </context> 1009 <context name="_parentheses_find_path_after_variable" attribute="Path" lineEndContext="#pop" fallthrough="true" fallthroughContext="#pop!_parentheses_path_content"> 1010 <DetectChar context="#pop" char="," lookAhead="true"/> 1011 <IncludeRules context="_find_path_after_variable"/> 1012 </context> 1013 1014 <!-- @{VARIABLE} = A B C --> 1015 <context name="_variable_assignment" attribute="Variable" lineEndContext="#pop" fallthrough="true" fallthroughContext="#pop"> 1016 <RegExpr context="#pop!_variable_assignment_operator" attribute="Variable" String="&variable;"/> 1017 <DetectChar context="#pop" attribute="Error" char="@"/> 1018 </context> 1019 <context name="_variable_assignment_operator" attribute="Normal Text" lineEndContext="#pop" fallthrough="true" fallthroughContext="#pop!_path_content"> 1020 <!-- After the operator, highlighting as "Path" the entire line --> 1021 <RegExpr context="#pop!_variable_assignment_line" attribute="Operator 1" String="\s*\+?\="/> 1022 <DetectChar context="#pop!_path_content" attribute="Error" char="+"/> 1023 <IncludeRules context="_find_path_after_variable"/> 1024 </context> 1025 <context name="_variable_assignment_line" attribute="Path" lineEndContext="#pop" fallthrough="true" fallthroughContext="#pop!_variable_assignment_line_content"> 1026 <DetectChar context="#pop!_variable_assignment_line_content" attribute="Error" char="#"/> <!-- Comment --> 1027 </context> 1028 <context name="_variable_assignment_line_content" attribute="Path" lineEndContext="#pop"> 1029 <LineContinue context="#stay" attribute="Escape Char"/> 1030 <IncludeRules context="_path_globbing"/> 1031 <IncludeRules context="_find_text_quoted"/> 1032 <IncludeRules context="_variable_simple"/> 1033 <Detect2Chars context="_hat_path" char="/" char1="/" lookAhead="true"/> 1034 <RegExpr context="#stay" attribute="Error" String=",(?=[\s"]|$)"/> <!-- End of rule comma (&endPath;) --> 1035 <StringDetect context="#stay" attribute="Error" String="#include" insensitive="true"/> 1036 1037 <!-- NOTE: [V4][Jan 06, 2018] AppArmor does not detect comments in variable assignment lines 1038 (these are carried through to the policy). This is an AppArmor bug, therefore, the hash 1039 character after a space is highlighted as "Error". Check this when the bug has been fixed. --> 1040 <RegExpr context="_comment_variable_assignment_line" attribute="Path" String="\s(?=#)"/> 1041 </context> 1042 <context name="_comment_variable_assignment_line" attribute="Error" lineEndContext="#pop" fallthrough="true" fallthroughContext="#pop"> 1043 <DetectChar context="#pop" attribute="Error" char="#"/> 1044 </context> 1045 <context name="_variable_assignment_line_general" attribute="Path" lineEndContext="#pop" fallthrough="true" fallthroughContext="#pop!_variable_assignment_line"> 1046 <keyword context="#pop!_variable_assignment_line" attribute="Other Option" String="boolean" insensitive="true"/> 1047 <DetectSpaces context="#stay"/> 1048 </context> 1049 1050 <!-- Within the profiles, highlight as "Error" the operators of variable assignment (= and +=) --> 1051 <context name="_variable_assignment_error" attribute="Variable" lineEndContext="#pop"> 1052 <RegExpr context="#pop!_variable_assignment_error_operator" attribute="Variable" String="&variable;"/> 1053 <DetectChar context="#pop" attribute="Error" char="@"/> 1054 </context> 1055 <context name="_variable_assignment_error_operator" attribute="Normal Text" lineEndContext="#pop" fallthrough="true" fallthroughContext="#pop!_find_path_after_variable"> 1056 <DetectChar context="#pop!_find_path_after_variable" attribute="Error" char="="/> 1057 <Detect2Chars context="#pop!_find_path_after_variable" attribute="Error" char="+" char1="="/> 1058 <RegExpr context="#pop!_variable_assignment_error_operator_after_spaces" String="\s+(?=\+?\=)"/> 1059 </context> 1060 <context name="_variable_assignment_error_operator_after_spaces" attribute="Normal Text" lineEndContext="#pop" fallthrough="true" fallthroughContext="#pop"> 1061 <DetectChar context="#pop" attribute="Error" char="="/> 1062 <Detect2Chars context="#pop" attribute="Error" char="+" char1="="/> 1063 </context> 1064 1065 <!-- ${BOOLEAN} --> 1066 <context name="_boolean" attribute="Variable" lineEndContext="#pop"> 1067 <RegExpr context="#pop" attribute="Variable" String="\$\{&varName;\}"/> 1068 <DetectChar context="#pop" attribute="Error" char="$"/> 1069 </context> 1070 1071 <!-- Access Modes / File Permissions --> 1072 <context name="_permissions" attribute="Normal Text" lineEndContext="#stay"> 1073 <IncludeRules context="_permissions_correction"/> 1074 <RegExpr context="#stay" attribute="Permissions" String="(?:^|\s)(?:(?:[rwkml]|&exec;)+|(?:[rakml]|&exec;)+)(?=[\s,]|$)"/> 1075 </context> 1076 <context name="_file_rule_permissions" attribute="Normal Text" lineEndContext="#stay"> 1077 <IncludeRules context="_permissions_correction"/> 1078 <RegExpr context="_rule_file" attribute="Permissions" String="(?:^|\s)(?:(?:[rwkml]|&exec;)+|(?:[rakml]|&exec;)+)(?=[\s,]|$)"/> 1079 </context> 1080 <context name="_permissions_correction" attribute="Normal Text" lineEndContext="#stay"> 1081 <!-- Incompatible execution modes --> 1082 <RegExpr context="_perm_correction_in" String="&perm_correction_in;" lookAhead="true" minimal="1"/> 1083 </context> 1084 <context name="_perm_correction_in" attribute="Normal Text" lineEndContext="#pop"> 1085 <!-- Highlight the previous space or the full permission --> 1086 <DetectSpaces context="#pop"/> 1087 <DetectIdentifier context="#pop"/> 1088 </context> 1089 1090 <!-- Operators --> 1091 <context name="_operators" attribute="Normal Text" lineEndContext="#stay"> 1092 <DetectChar context="#stay" attribute="Operator 1" char="="/> 1093 <Detect2Chars context="#stay" attribute="Operator 1" char="+" char1="="/> 1094 <Detect2Chars context="#stay" attribute="Operator 2" char="-" char1=">"/> 1095 </context> 1096 <context name="_operators_in" attribute="Normal Text" lineEndContext="#stay"> 1097 <!-- Only in mount rules --> 1098 <RegExpr context="#stay" attribute="Operator 2" String="\b(?:in)(?=[\s\(\{\["/@\$]|$)"/> 1099 </context> 1100 1101 <!-- RULES --> 1102 1103 <!-- For all rules --> 1104 <!-- Also see: _default_parentheses_block_rule --> 1105 <context name="_common_rule" attribute="Normal Text" lineEndContext="#stay"> 1106 <!-- Highlight as path the text after the '=' operator, except keywords or simple words ([\w\-\+]+) --> 1107 <RegExpr context="#stay" attribute="Error" String="\=(?=\s*(?:$|&endPath;))"/> 1108 <RegExpr context="_path_content" attribute="Operator 1" String="\=\s*(?=[^\s"\(]*(?:[^&noPathChar;\]\}\=\w\+\-\(,]|,[^&noPathChar;]))"/> 1109 <Detect2Chars context="_variable" attribute="Variable" char="@" char1="{" lookAhead="true"/> 1110 <IncludeRules context="_find_path"/> 1111 1112 <IncludeRules context="_common"/> 1113 <DetectChar context="_r_curly_brackets" attribute="Globbing Brackets" char="{"/> 1114 <DetectChar context="_r_square_brackets" attribute="Globbing Brackets" char="["/> 1115 <!-- This must be at the end of each context (to avoid conflicts with some keywords) --> 1116 <IncludeRules context="_end_rule"/> 1117 </context> 1118 <context name="_default_rule_without_parentheses" attribute="Normal Text" lineEndContext="#stay"> 1119 <IncludeRules context="_common_rule"/> 1120 <!-- AppArmor does not detect comments within rules (except in file & alias rules) --> 1121 <IncludeRules context="_comment_not_allowed"/> 1122 </context> 1123 <context name="_default_rule" attribute="Normal Text" lineEndContext="#stay"> 1124 <IncludeRules context="_default_rule_without_parentheses"/> 1125 <DetectChar context="_default_parentheses_block_rule" attribute="Normal Text" char="("/> 1126 </context> 1127 <context name="_default_rule_with_comments" attribute="Normal Text" lineEndContext="#stay"> 1128 <IncludeRules context="_common_rule"/> 1129 <DetectChar context="_comment" attribute="Comment" char="#"/> 1130 </context> 1131 1132 <context name="_comment_not_allowed" attribute="Normal Text" lineEndContext="#stay"> 1133 <DetectChar context="_comment" attribute="Error" char="#" firstNonSpace="true"/> 1134 <DetectChar context="#stay" attribute="Error" char="#"/> 1135 </context> 1136 1137 <!-- Network Rule --> 1138 <context name="_rule_network" attribute="Normal Text" lineEndContext="#stay"> 1139 <keyword context="#stay" attribute="Data" String="rule_network"/> 1140 <keyword context="#stay" attribute="Data" String="rule_network_unix"/> 1141 <IncludeRules context="_default_rule"/> 1142 </context> 1143 1144 <!-- Capability Rule --> 1145 <context name="_rule_capability" attribute="Normal Text" lineEndContext="#stay"> 1146 <keyword context="#stay" attribute="Data" String="rule_capability"/> 1147 <IncludeRules context="_default_rule"/> 1148 </context> 1149 1150 <!-- Mount Rule --> 1151 <context name="_rule_mount" attribute="Normal Text" lineEndContext="#stay"> 1152 <keyword context="#stay" attribute="Option" String="rule_mount_options"/> 1153 <IncludeRules context="_mount_rule_keywords"/> 1154 <IncludeRules context="_default_rule_without_parentheses"/> 1155 <DetectChar context="_mount_parentheses_block" attribute="Normal Text" char="("/> 1156 </context> 1157 <context name="_mount_parentheses_block" attribute="Normal Text" lineEndContext="#stay"> 1158 <IncludeRules context="_mount_rule_keywords"/> 1159 <IncludeRules context="_default_parentheses_block_rule"/> 1160 </context> 1161 <context name="_mount_rule_keywords" attribute="Normal Text" lineEndContext="#stay"> 1162 <keyword context="#stay" attribute="Permissions" String="rule_mount_flags"/> 1163 <keyword context="#stay" attribute="Flags" String="rule_mount_fstypes"/> 1164 <IncludeRules context="_operators_in"/> 1165 </context> 1166 1167 <!-- Pivot Root Rule --> 1168 <context name="_rule_pivotroot" attribute="Normal Text" lineEndContext="#stay"> 1169 <keyword context="#stay" attribute="Option" String="rule_pivotroot_options"/> 1170 <IncludeRules context="_default_rule"/> 1171 </context> 1172 1173 <!-- Ptrace Rule --> 1174 <context name="_rule_ptrace" attribute="Normal Text" lineEndContext="#stay"> 1175 <keyword context="#stay" attribute="Option" String="rule_ptrace_options"/> 1176 <IncludeRules context="_ptrace_rule_keywords"/> 1177 <IncludeRules context="_default_rule_without_parentheses"/> 1178 <DetectChar context="_ptrace_parentheses_block" attribute="Normal Text" char="("/> 1179 </context> 1180 <context name="_ptrace_parentheses_block" attribute="Normal Text" lineEndContext="#stay"> 1181 <keyword context="#stay" attribute="Other Option" String="rule_ptrace_options"/> 1182 <IncludeRules context="_ptrace_rule_keywords"/> 1183 <IncludeRules context="_default_parentheses_block_rule"/> 1184 </context> 1185 <context name="_ptrace_rule_keywords" attribute="Normal Text" lineEndContext="#stay"> 1186 <keyword context="#stay" attribute="Permissions" String="rule_ptrace_access"/> 1187 <keyword context="#stay" attribute="Permissions" String="base_accesses"/> 1188 </context> 1189 1190 <!-- Signal Rule --> 1191 <context name="_rule_signal" attribute="Normal Text" lineEndContext="#stay"> 1192 <keyword context="#stay" attribute="Option" String="rule_signal_options"/> 1193 <IncludeRules context="_signal_rule_keywords"/> 1194 <IncludeRules context="_default_rule_without_parentheses"/> 1195 <DetectChar context="_signal_parentheses_block" attribute="Normal Text" char="("/> 1196 </context> 1197 <context name="_signal_parentheses_block" attribute="Normal Text" lineEndContext="#stay"> 1198 <IncludeRules context="_signal_rule_keywords"/> 1199 <keyword context="#stay" attribute="Other Option" String="rule_signal_options"/> 1200 <IncludeRules context="_default_parentheses_block_rule"/> 1201 </context> 1202 <context name="_signal_rule_keywords" attribute="Normal Text" lineEndContext="#stay"> 1203 <keyword context="#stay" attribute="Flags" String="rule_signal"/> 1204 <keyword context="#stay" attribute="Permissions" String="rule_signal_access"/> 1205 <keyword context="#stay" attribute="Permissions" String="base_accesses"/> 1206 <RegExpr context="#stay" attribute="Flags" String="\brtmin\+0*(?:3[012]|[12]?\d)\b"/> <!-- rtmin+0 ... rtmin+32 --> 1207 </context> 1208 1209 <!-- DBus Rule --> 1210 <context name="_rule_dbus" attribute="Normal Text" lineEndContext="#stay"> 1211 <keyword context="#stay" attribute="Option" String="rule_dbus_options"/> 1212 <IncludeRules context="_dbus_rule_keywords"/> 1213 <IncludeRules context="_default_rule_without_parentheses"/> 1214 <DetectChar context="_dbus_parentheses_block" attribute="Normal Text" char="("/> 1215 </context> 1216 <context name="_dbus_parentheses_block" attribute="Normal Text" lineEndContext="#stay"> 1217 <keyword context="#stay" attribute="Other Option" String="rule_dbus_peer"/> 1218 <IncludeRules context="_dbus_rule_keywords"/> 1219 <IncludeRules context="_default_parentheses_block_rule"/> 1220 </context> 1221 <context name="_dbus_rule_keywords" attribute="Normal Text" lineEndContext="#stay"> 1222 <keyword context="#stay" attribute="Other Data" String="rule_dbus_bus"/> 1223 <keyword context="#stay" attribute="Permissions" String="rule_dbus_access"/> 1224 <keyword context="#stay" attribute="Permissions" String="base_accesses"/> 1225 </context> 1226 1227 <!-- Unix Rule --> 1228 <context name="_rule_unix" attribute="Normal Text" lineEndContext="#stay"> 1229 <keyword context="#stay" attribute="Option" String="rule_unix_options"/> 1230 <IncludeRules context="_unix_rule_keywords"/> 1231 <IncludeRules context="_default_rule_without_parentheses"/> 1232 <DetectChar context="_path_content" attribute="Path" char="@" lookAhead="true"/> <!-- Socket --> 1233 <DetectChar context="_unix_parentheses_block" attribute="Normal Text" char="("/> 1234 </context> 1235 <context name="_unix_parentheses_block" attribute="Normal Text" lineEndContext="#stay"> 1236 <IncludeRules context="_unix_rule_keywords"/> 1237 <keyword context="#stay" attribute="Other Option" String="rule_unix_options"/> 1238 <IncludeRules context="_default_parentheses_block_rule"/> 1239 <DetectChar context="_parentheses_path_content" attribute="Path" char="@" lookAhead="true"/> 1240 </context> 1241 <context name="_unix_rule_keywords" attribute="Normal Text" lineEndContext="#stay"> 1242 <keyword context="#stay" attribute="Permissions" String="rule_unix_access"/> 1243 <keyword context="#stay" attribute="Permissions" String="base_accesses"/> 1244 <keyword context="#stay" attribute="Data" String="rule_network"/> 1245 </context> 1246 1247 <!-- Rlimit Rule --> 1248 <context name="_rule_set" attribute="Normal Text" lineEndContext="#stay" fallthrough="true" fallthroughContext="#pop"> 1249 <keyword context="#pop!_rule_rlimit" attribute="Rule" String="rule_name_rlimit" beginRegion="Rule"/> 1250 <DetectSpaces context="#stay" attribute="Normal Text"/> 1251 <RegExpr context="_comment" attribute="Comment" String="#(?!include)" insensitive="true"/> 1252 </context> 1253 <context name="_rule_rlimit" attribute="Normal Text" lineEndContext="#stay"> 1254 <keyword context="#stay" attribute="Data" String="rule_rlimit"/> 1255 <Detect2Chars context="#stay" attribute="Operator 2" char="<" char1="="/> 1256 <RegExpr context="#stay" attribute="Number" String="\-(?:20|1?\d)\b"/> 1257 <RegExpr context="_number_unit" attribute="Number" String="\b\d+"/> <!-- Rules Int don't use '-' as a delimiter --> 1258 <WordDetect context="#stay" attribute="Number" String="infinity"/> 1259 <RegExpr context="#stay" attribute="Numerical Unit" String="\b(?:[KMG]B?|[shd]|us|ms|min|sec|(?:minute|day|hour|week|second)(?:s?)|(?:milli|micro)second(?:s?))\b"/> 1260 <IncludeRules context="_default_rule"/> 1261 </context> 1262 <context name="_number_unit" attribute="Normal Text" lineEndContext="#pop" fallthrough="true" fallthroughContext="#pop"> 1263 <RegExpr context="#pop" attribute="Numerical Unit" String="(?:[KMG]B?|[shd]|us|ms|min|sec|(?:minute|day|hour|week|second)(?:s?)|(?:milli|micro)second(?:s?))\b"/> 1264 </context> 1265 1266 <!-- Link Rule --> 1267 <context name="_rule_link" attribute="Normal Text" lineEndContext="#stay"> 1268 <keyword context="#stay" attribute="Data" String="rule_link"/> 1269 <IncludeRules context="_default_rule"/> 1270 </context> 1271 1272 <!-- Change Profile Rule --> 1273 <context name="_rule_changeprofile" attribute="Normal Text" lineEndContext="#stay"> 1274 <Detect2Chars context="#pop!_profile_transition" attribute="Operator 2" char="-" char1=">"/> 1275 <keyword context="#stay" attribute="Data" String="rule_changeprofile"/> 1276 <IncludeRules context="_default_rule"/> 1277 </context> 1278 1279 <!-- File Rule --> 1280 <context name="_rule_file" attribute="Normal Text" lineEndContext="#stay"> 1281 <Detect2Chars context="#pop!_profile_transition" attribute="Operator 2" char="-" char1=">"/> 1282 <IncludeRules context="_default_rule_with_comments"/> 1283 <IncludeRules context="_permissions"/> 1284 </context> 1285 1286 <!-- Profile Transition: 1287 Highlight the profile name in File Rules (Execute Mode) and Change Profile Rules. --> 1288 <context name="_profile_transition" attribute="Transition Profile Name" lineEndContext="#stay" fallthrough="true" fallthroughContext="#pop"> 1289 <DetectSpaces context="#stay" attribute="Normal Text"/> 1290 <!-- Not highlighting paths and paths quoted --> 1291 <RegExpr context="#pop!_default_rule_with_comments" String="&path;" lookAhead="1"/> 1292 1293 <DetectChar context="#pop!_t_profile_name_quoted" attribute="Transition Profile Name" char="""/> 1294 <RegExpr context="#pop!_profile_transition_content" attribute="Normal Text" String="[^\s/]" lookAhead="true"/> <!-- First word --> 1295 </context> 1296 <context name="_profile_transition_content" attribute="Transition Profile Name" lineEndContext="#pop!_default_rule_with_comments"> 1297 <RegExpr context="#pop!_default_rule_with_comments" attribute="Error" String="\(\S*(?=,(?:[&noPathChar;]|$))"/> 1298 <RegExpr context="#pop!_default_rule_with_comments" attribute="Normal Text" String="&endPath;" lookAhead="true"/> <!-- End rule --> 1299 <DetectSpaces context="#pop" attribute="Normal Text" lookAhead="true"/> <!-- End of the profile name --> 1300 1301 <DetectChar context="#stay" attribute="Error" char="""/> 1302 <StringDetect context="#pop!_default_rule_with_comments" attribute="Error" String="#include" insensitive="true"/> 1303 <RegExpr context="#stay" String="//(?=&endPath;)"/> 1304 <IncludeRules context="_default_profile_transition"/> 1305 </context> 1306 <context name="_t_profile_name_quoted" attribute="Transition Profile Name" lineEndContext="#pop!_default_rule_with_comments"> 1307 <DetectChar context="#pop!_default_rule_with_comments" attribute="Transition Profile Name" char="""/> 1308 <IncludeRules context="_default_profile_transition"/> 1309 </context> 1310 <context name="_default_profile_transition" attribute="Transition Profile Name" lineEndContext="#stay"> 1311 <IncludeRules context="_variable_simple"/> 1312 <AnyChar context="#stay" attribute="Globbing Char in Tran. Prof." String="&globbChars;"/> 1313 <IncludeRules context="_profile_transition_escape"/> 1314 <RegExpr context="#stay" attribute="Hat Operator in Tran. Prof." String="//(?=[^&noPathChar;/])"/> 1315 </context> 1316 1317 <!-- Change Hat / Child Profile (name//HAT). 1318 NOTE: Old style (name^HAT) not included --> 1319 <context name="_hat_path" attribute="Path" lineEndContext="#pop"> 1320 <RegExpr context="#pop" attribute="Path" String="/(?=/&endPath;)"/> 1321 <RegExpr context="#pop!_hat_path_content" attribute="SubProfile/Hat Operator" String="//(?=(?:[^\s"/\\]|\\.)+(?:[\s"]|$))"/> 1322 <DetectChar context="#pop" attribute="Path" char="/"/> 1323 </context> 1324 <context name="_hat_path_parentheses" attribute="Path" lineEndContext="#pop"> 1325 <RegExpr context="#pop!_hat_path_parentheses_content" attribute="SubProfile/Hat Operator" String="//(?=(?:[^&noPathChar;/\\,]|\\.)+(?:[&noPathChar;,]|$))"/> 1326 <DetectChar context="#pop" attribute="Path" char="/"/> 1327 </context> 1328 <context name="_hat_path_quoted" attribute="Text Quoted" lineEndContext="#pop"> 1329 <RegExpr context="#pop!_hat_path_quoted_content" attribute="SubProfile/Hat Operator" String="//(?=(?:[^"/\\]|\\.)+")"/> 1330 <DetectChar context="#pop" attribute="Text Quoted" char="/"/> 1331 </context> 1332 1333 <context name="_hat_path_content" attribute="SubProfile/Hat" lineEndContext="#pop"> 1334 <RegExpr context="#pop" String="&endPath;" lookAhead="true"/> <!-- End Path --> 1335 <IncludeRules context="_default_path"/> 1336 </context> 1337 <context name="_hat_path_parentheses_content" attribute="SubProfile/Hat" lineEndContext="#pop"> 1338 <DetectChar context="#pop" char="," lookAhead="true"/> <!-- End Path --> 1339 <IncludeRules context="_default_path"/> 1340 </context> 1341 <context name="_hat_path_quoted_content" attribute="SubProfile/Hat" lineEndContext="#pop"> 1342 <DetectChar context="#pop" char=""" lookAhead="true"/> 1343 <IncludeRules context="_default_quoted"/> 1344 </context> 1345 1346 <!-- Parentheses Block: ( ) 1347 NOTE: Here special contexts are used for paths, strings and brackets. The "," character acts as a delimiter. --> 1348 <context name="_common_parentheses_block" attribute="Normal Text" lineEndContext="#stay"> 1349 <DetectChar context="#pop" attribute="Normal Text" char=")"/> 1350 <!-- Highlight as path the text after the '=' operator, except keywords or simple words ([\w\-\+]+) --> 1351 <RegExpr context="#stay" attribute="Error" String="\=(?=\s*(?:$|[,\)]))"/> 1352 <RegExpr context="_parentheses_path_content" attribute="Operator 1" String="\=\s*(?=[^\s"\(\),]*[^&noPathChar;\]\}\=\w\+\-\(,])"/> 1353 <DetectChar context="_parentheses_path_content" attribute="Path" char="/" lookAhead="true"/> 1354 <Detect2Chars context="_parentheses_variable" attribute="Variable" char="@" char1="{" lookAhead="true"/> 1355 1356 <IncludeRules context="_common"/> 1357 <DetectChar context="_round_brackets" attribute="Globbing Brackets" char="("/> 1358 <DetectChar context="_p_curly_brackets" attribute="Globbing Brackets" char="{"/> 1359 <DetectChar context="_p_square_brackets" attribute="Globbing Brackets" char="["/> 1360 <IncludeRules context="_comment_not_allowed"/> 1361 </context> 1362 <context name="_parentheses_block_profile" attribute="Normal Text" lineEndContext="#stay"> 1363 <keyword context="#stay" attribute="Flags" String="profile_flags"/> 1364 <!-- Used by xattrs --> 1365 <RegExpr context="#stay" attribute="Other Option" String="\b[a-zA-Z](?:\.?[\w\-])*(?=\s*\=)"/> 1366 <IncludeRules context="_common_parentheses_block"/> 1367 <IncludeRules context="_end_rule_irnc"/> 1368 </context> 1369 <!-- Parentheses Block within Rules --> 1370 <context name="_default_parentheses_block_rule" attribute="Normal Text" lineEndContext="#stay"> 1371 <IncludeRules context="_common_parentheses_block"/> 1372 <IncludeRules context="_end_rule_irnc_parentheses_rule"/> 1373 </context> 1374 1375 <!-- Finding the end of a rule --> 1376 <context name="_end_rule" attribute="Normal Text" lineEndContext="#stay"> 1377 <RegExpr context="#stay" attribute="Normal Text" String=",(?=\)|[\w\-]+[^\s\w\-,#\("])"/> <!-- Fix possible incorrect rule closures --> 1378 <DetectChar context="#pop" attribute="End of Rule Char" char="," endRegion="Rule"/> 1379 <IncludeRules context="_end_rule_irnc"/> 1380 </context> 1381 <!-- Rule/Profile on new line, in rule not closed --> 1382 <context name="_end_rule_irnc" attribute="Normal Text" lineEndContext="#stay"> 1383 <keyword String="profile_head" context="#pop!_profile_name" attribute="Profile Head Error" firstNonSpace="true" endRegion="Rule"/> 1384 <keyword String="rule_access_qualifiers" context="#pop" attribute="Rule Access Qualifier Error" firstNonSpace="true" endRegion="Rule"/> 1385 <keyword String="rule_qualifiers" context="#pop" attribute="Rule Qualifier Error" firstNonSpace="true" endRegion="Rule"/> 1386 <keyword String="file_rule_qualifiers" context="#pop" attribute="File Rule Qualifier Error" firstNonSpace="true" endRegion="Rule"/> 1387 <RegExpr String="set(?=\s+rlimit\b)" context="#pop" attribute="Rule Error" firstNonSpace="true" endRegion="Rule"/> 1388 1389 <keyword String="rule_name_abi" context="#pop!_rule_abi" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> 1390 <keyword String="rule_name_file" context="#pop!_rule_file" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> 1391 <keyword String="rule_name_capability" context="#pop!_rule_capability" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> 1392 <keyword String="rule_name_network" context="#pop!_rule_network" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> 1393 <keyword String="rule_name_pivotroot" context="#pop!_rule_pivotroot" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> 1394 <keyword String="rule_name_ptrace" context="#pop!_rule_ptrace" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> 1395 <keyword String="rule_name_signal" context="#pop!_rule_signal" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> 1396 <keyword String="rule_name_dbus" context="#pop!_rule_dbus" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> 1397 <keyword String="rule_name_link" context="#pop!_rule_link" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> 1398 <keyword String="rule_name_changeprofile" context="#pop!_rule_changeprofile" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> 1399 <keyword String="rule_name_rlimit" context="#pop!_rule_rlimit" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> 1400 <!-- This must be at the end of each rule context, to avoid replacing the 'unix' & 'remount' keywords 1401 ('unix' is also a domain of the network rule; 'remount' is also a flag of the mount rule). --> 1402 <keyword String="rule_name_mount" context="#pop!_rule_mount" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> 1403 <keyword String="rule_name_unix" context="#pop!_rule_unix" attribute="Rule Error" firstNonSpace="true" endRegion="Rule" beginRegion="Rule"/> 1404 <!-- Not included: alias rule --> 1405 </context> 1406 <!-- For blocks of parentheses within rules (the same keywords as "_end_rule_irnc"!) --> 1407 <context name="_end_rule_irnc_parentheses_rule" attribute="Normal Text" lineEndContext="#stay"> 1408 <keyword String="profile_head" context="#pop" attribute="Profile Head Error" lookAhead="true" firstNonSpace="true"/> 1409 <keyword String="rule_access_qualifiers" context="#pop" attribute="Rule Access Qualifier Error" lookAhead="true" firstNonSpace="true"/> 1410 <keyword String="rule_qualifiers" context="#pop" attribute="Rule Qualifier Error" lookAhead="true" firstNonSpace="true"/> 1411 <keyword String="file_rule_qualifiers" context="#pop" attribute="File Rule Qualifier Error" lookAhead="true" firstNonSpace="true"/> 1412 <RegExpr String="set(?=\s+rlimit\b)" context="#pop" attribute="Rule Error" lookAhead="true" firstNonSpace="true"/> 1413 <keyword String="rule_name_abi" context="#pop" attribute="Rule Error" lookAhead="true" firstNonSpace="true"/> 1414 <keyword String="rule_name_file" context="#pop" attribute="Rule Error" lookAhead="true" firstNonSpace="true"/> 1415 <keyword String="rule_name_capability" context="#pop" attribute="Rule Error" lookAhead="true" firstNonSpace="true"/> 1416 <keyword String="rule_name_network" context="#pop" attribute="Rule Error" lookAhead="true" firstNonSpace="true"/> 1417 <keyword String="rule_name_pivotroot" context="#pop" attribute="Rule Error" lookAhead="true" firstNonSpace="true"/> 1418 <keyword String="rule_name_ptrace" context="#pop" attribute="Rule Error" lookAhead="true" firstNonSpace="true"/> 1419 <keyword String="rule_name_signal" context="#pop" attribute="Rule Error" lookAhead="true" firstNonSpace="true"/> 1420 <keyword String="rule_name_dbus" context="#pop" attribute="Rule Error" lookAhead="true" firstNonSpace="true"/> 1421 <keyword String="rule_name_link" context="#pop" attribute="Rule Error" lookAhead="true" firstNonSpace="true"/> 1422 <keyword String="rule_name_changeprofile" context="#pop" attribute="Rule Error" lookAhead="true" firstNonSpace="true"/> 1423 <keyword String="rule_name_rlimit" context="#pop" attribute="Rule Error" lookAhead="true" firstNonSpace="true"/> 1424 <!-- Keep at the end to avoid conflicts! --> 1425 <keyword String="rule_name_mount" context="#pop" attribute="Rule Error" lookAhead="true" firstNonSpace="true"/> 1426 <keyword String="rule_name_unix" context="#pop" attribute="Rule Error" lookAhead="true" firstNonSpace="true"/> 1427 <!-- Not included: alias rule --> 1428 </context> 1429 1430 <!-- Paths & File Globals --> 1431 1432 <context name="_find_path" attribute="Normal Text" lineEndContext="#stay"> 1433 <DetectChar context="_path_content" attribute="Path" char="/" lookAhead="true"/> 1434 <RegExpr context="_path_content" String=":(?:[^\:&noPathChar;\(\\]|\\.)+:" lookAhead="true"/> <!-- :namespace: --> 1435 </context> 1436 <context name="_path_content" attribute="Path" lineEndContext="#pop"> 1437 <RegExpr context="#pop" String="&endPath;" lookAhead="true"/> 1438 <IncludeRules context="_default_path"/> 1439 <Detect2Chars context="_hat_path" char="/" char1="/" lookAhead="true"/> 1440 </context> 1441 <context name="_parentheses_path_content" attribute="Path" lineEndContext="#pop"> 1442 <DetectChar context="#pop" char="," lookAhead="true"/> 1443 <IncludeRules context="_default_path"/> 1444 <Detect2Chars context="_hat_path_parentheses" char="/" char1="/" lookAhead="true"/> 1445 </context> 1446 <context name="_default_path" attribute="Path" lineEndContext="#pop"> 1447 <DetectSpaces context="#pop" lookAhead="true"/> 1448 <AnyChar context="#pop" String="&noPathCharWithoutSpace;" lookAhead="true"/> 1449 <IncludeRules context="_variable_simple"/> 1450 <IncludeRules context="_path_globbing"/> 1451 </context> 1452 1453 <!-- Globbing --> 1454 <context name="_path_globbing" attribute="Normal Text" lineEndContext="#stay"> 1455 <IncludeRules context="_brackets_error"/> 1456 <DetectChar context="_curly_brackets" attribute="Globbing Brackets" char="{"/> 1457 <DetectChar context="_square_brackets" attribute="Globbing Brackets" char="["/> 1458 <DetectChar context="_round_brackets" attribute="Globbing Brackets" char="("/> 1459 <IncludeRules context="_path_globbing_chars"/> 1460 </context> 1461 <context name="_path_globbing_chars" attribute="Normal Text" lineEndContext="#stay"> 1462 <AnyChar context="#stay" attribute="Globbing Char" String="&globbChars;"/> 1463 <IncludeRules context="_escape"/> 1464 </context> 1465 <!-- Escapes: Hexadecimal (\xNN), decimal (\dNNN) & octal (\NNN). Also make literal any character. 1466 NOTE: Reserved character escape sequences: \\"aefnrt0 --> 1467 <context name="_escape" attribute="Normal Text" lineEndContext="#stay"> 1468 <RegExpr context="#stay" attribute="Escape Char" String="\\(?:x[a-fA-F\d]{1,2}|d\d{1,3}|[0-3][0-7]{0,2}|[4-7][0-7]?|.)"/> 1469 </context> 1470 <context name="_profile_transition_escape" attribute="Transition Profile Name" lineEndContext="#stay"> 1471 <RegExpr context="#stay" attribute="Globbing Char in Tran. Prof." String="\\(?:x[a-fA-F\d]{1,2}|d\d{1,3}|[0-3][0-7]{0,2}|[4-7][0-7]?|.)"/> 1472 </context> 1473 1474 <!-- Groups of brackets: { }, [ ] and ( ) --> 1475 <context name="_curly_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> 1476 <DetectChar context="#pop" attribute="Globbing Brackets" char="}"/> 1477 <RegExpr context="#stay" attribute="Open Globbing Brackets" String="[^&noPathChar;\(\[\{\}\\](?=[&noPathChar;]|$)"/> 1478 <IncludeRules context="_default_path"/> 1479 <IncludeRules context="_default_curly_brackets"/> 1480 </context> 1481 <context name="_square_brackets" attribute="Globbing Brackets" lineEndContext="#pop" fallthrough="true" fallthroughContext="#pop!_square_brackets_content"> 1482 <RegExpr context="#pop!_square_brackets_content" attribute="Globbing Char of Brackets" String="\^(?=[^\s\]"])"/> 1483 </context> 1484 <context name="_square_brackets_content" attribute="Globbing Brackets" lineEndContext="#pop"> 1485 <DetectChar context="#pop" attribute="Globbing Brackets" char="]"/> 1486 <DetectSpaces context="#pop" lookAhead="true"/> 1487 <DetectChar context="#pop" char=""" lookAhead="true"/> <!-- &noPathChar; --> 1488 <RegExpr context="#stay" attribute="Open Globbing Brackets" String="[^\s\[\]\\](?=["\s]|$)"/> <!-- &noPathChar; --> 1489 <IncludeRules context="_default_square_brackets"/> 1490 </context> 1491 <context name="_round_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> 1492 <DetectChar context="#pop" attribute="Globbing Brackets" char=")"/> 1493 <RegExpr context="#stay" attribute="Open Globbing Brackets" String="[^&noPathChar;\(\[\{\\](?=["\s]|$)"/> <!-- &noPathChar; --> 1494 <IncludeRules context="_default_path"/> 1495 <IncludeRules context="_default_round_brackets"/> 1496 </context> 1497 1498 <!-- Brackets quoted (allow spaces and line breaks) --> 1499 <context name="_curly_brackets_quoted" attribute="Globbing Brackets" lineEndContext="#stay"> 1500 <DetectChar context="#pop" attribute="Globbing Brackets" char="}"/> 1501 <DetectChar context="#pop" char=""" lookAhead="true"/> 1502 <RegExpr context="#stay" attribute="Open Globbing Brackets" String="[^\s"\(\[\{\}\\](?=\s*")"/> 1503 <IncludeRules context="_default_quoted"/> 1504 <IncludeRules context="_default_curly_brackets"/> 1505 </context> 1506 <context name="_square_brackets_quoted" attribute="Globbing Brackets" lineEndContext="#pop!_square_brackets_content_quoted" fallthrough="true" fallthroughContext="#pop!_square_brackets_content_quoted"> 1507 <RegExpr context="#pop!_square_brackets_content_quoted" attribute="Globbing Char of Brackets" String="\^(?=[^\]"])"/> 1508 </context> 1509 <context name="_square_brackets_content_quoted" attribute="Globbing Brackets" lineEndContext="#stay"> 1510 <DetectChar context="#pop" attribute="Globbing Brackets" char="]"/> 1511 <DetectChar context="#pop" char=""" lookAhead="true"/> 1512 <RegExpr context="#stay" attribute="Open Globbing Brackets" String="[^\s"\[\]\\](?=\s*")"/> 1513 <IncludeRules context="_default_square_brackets"/> 1514 </context> 1515 <context name="_round_brackets_quoted" attribute="Globbing Brackets" lineEndContext="#stay"> 1516 <DetectChar context="#pop" attribute="Globbing Brackets" char=")"/> 1517 <DetectChar context="#pop" char=""" lookAhead="true"/> 1518 <RegExpr context="#stay" attribute="Open Globbing Brackets" String="[^\s"\[\{\(\)\\](?=\s*")"/> 1519 <IncludeRules context="_default_quoted"/> 1520 <IncludeRules context="_default_round_brackets"/> 1521 </context> 1522 1523 <context name="_default_curly_brackets" attribute="Globbing Brackets" lineEndContext="#stay"> 1524 <DetectChar context="#stay" attribute="Globbing Char of Brackets" char=","/> 1525 <keyword context="#stay" String="default_variables"/> 1526 </context> 1527 <context name="_default_round_brackets" attribute="Globbing Brackets" lineEndContext="#stay"> 1528 <DetectChar context="#stay" attribute="Globbing Char of Brackets" char="|"/> 1529 </context> 1530 <context name="_default_square_brackets" attribute="Globbing Brackets" lineEndContext="#stay"> 1531 <IncludeRules context="_variable_simple"/> 1532 <DetectChar context="#stay" attribute="Error" char="["/> 1533 <IncludeRules context="_path_globbing_chars"/> 1534 </context> 1535 <context name="_brackets_error" attribute="Normal Text" lineEndContext="#stay"> 1536 <Detect2Chars context="#stay" attribute="Error" char="[" char1="]"/> 1537 <Detect2Chars context="#stay" attribute="Error" char="{" char1="}"/> 1538 <Detect2Chars context="#stay" attribute="Error" char="(" char1=")"/> 1539 </context> 1540 1541 <!-- If the brackets are outside a path --> 1542 <context name="_r_curly_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> 1543 <DetectChar context="#pop!_find_path_after_variable" attribute="Globbing Brackets" char="}"/> 1544 <IncludeRules context="_curly_brackets"/> 1545 </context> 1546 <context name="_r_square_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> 1547 <DetectChar context="#pop!_find_path_after_variable" attribute="Globbing Brackets" char="]"/> 1548 <IncludeRules context="_square_brackets"/> 1549 </context> 1550 <!-- In block of parentheses... --> 1551 <context name="_p_curly_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> 1552 <DetectChar context="#pop!_parentheses_find_path_after_variable" attribute="Globbing Brackets" char="}"/> 1553 <IncludeRules context="_curly_brackets"/> 1554 </context> 1555 <context name="_p_square_brackets" attribute="Globbing Brackets" lineEndContext="#pop"> 1556 <DetectChar context="#pop!_parentheses_find_path_after_variable" attribute="Globbing Brackets" char="]"/> 1557 <IncludeRules context="_square_brackets"/> 1558 </context> 1559 1560 <!-- Path Quoted --> 1561 <context name="_find_text_quoted" attribute="Normal Text" lineEndContext="#stay"> 1562 <DetectChar context="_quoted" attribute="Text Quoted" char="""/> 1563 </context> 1564 <context name="_quoted" attribute="Text Quoted" lineEndContext="#stay"> 1565 <DetectChar context="#pop" attribute="Text Quoted" char="""/> 1566 <IncludeRules context="_default_quoted"/> 1567 <Detect2Chars context="_hat_path_quoted" char="/" char1="/" lookAhead="true"/> 1568 </context> 1569 <context name="_default_quoted" attribute="Text Quoted" lineEndContext="#stay"> 1570 <IncludeRules context="_variable_simple"/> 1571 <IncludeRules context="_brackets_error"/> 1572 <DetectChar context="_curly_brackets_quoted" attribute="Globbing Brackets" char="{"/> 1573 <DetectChar context="_square_brackets_quoted" attribute="Globbing Brackets" char="["/> 1574 <DetectChar context="_round_brackets_quoted" attribute="Globbing Brackets" char="("/> 1575 <IncludeRules context="_path_globbing_chars"/> 1576 </context> 1577 1578 </contexts> 1579 1580 <itemDatas> 1581 <itemData name="Normal Text" defStyleNum="dsNormal" spellChecking="false"/> 1582 <itemData name="Path" defStyleNum="dsNormal" spellChecking="false"/> 1583 <itemData name="Text Quoted" defStyleNum="dsString" spellChecking="false"/> 1584 <itemData name="Comment" defStyleNum="dsComment"/> 1585 <itemData name="URL in Comment" defStyleNum="dsComment" underline="1" spellChecking="false"/> 1586 <itemData name="Preprocessor" defStyleNum="dsPreprocessor" spellChecking="false"/> 1587 <itemData name="Prep. Lib" defStyleNum="dsImport" underline="0" spellChecking="false"/> 1588 <itemData name="Open Prep. Lib" defStyleNum="dsImport" underline="1" spellChecking="false"/> 1589 <itemData name="Variable" defStyleNum="dsBaseN" bold="0" spellChecking="false"/> 1590 1591 <itemData name="Profile Head" defStyleNum="dsFunction" bold="1" underline="0" spellChecking="false"/> 1592 <itemData name="Profile Name" defStyleNum="dsFunction" bold="0" underline="0" spellChecking="false"/> 1593 <itemData name="Rule Qualifier" defStyleNum="dsKeyword" bold="1" underline="0" spellChecking="false"/> 1594 <itemData name="Rule Access Qualifier" defStyleNum="dsWarning" bold="1" underline="0" italic="0" spellChecking="false"/> 1595 <itemData name="File Rule Qualifier" defStyleNum="dsVariable" bold="1" underline="0" italic="0" spellChecking="false"/> 1596 <itemData name="Rule" defStyleNum="dsVariable" bold="1" underline="0" italic="0" spellChecking="false"/> 1597 <itemData name="Data" defStyleNum="dsVariable" bold="0" underline="0" italic="0" spellChecking="false"/> 1598 <itemData name="Other Data" defStyleNum="dsNormal" italic="1" spellChecking="false"/> 1599 <itemData name="Permissions" defStyleNum="dsNormal" bold="1" spellChecking="false"/> 1600 1601 <itemData name="Option" defStyleNum="dsOthers" spellChecking="false"/> 1602 <itemData name="Other Option" defStyleNum="dsAttribute" spellChecking="false"/> 1603 <itemData name="Flags" defStyleNum="dsVerbatimString" spellChecking="false"/> 1604 <itemData name="SubProfile/Hat" defStyleNum="dsAnnotation" bold="0" underline="0" italic="0" spellChecking="false"/> 1605 <itemData name="SubProfile/Hat Operator" defStyleNum="dsAnnotation" bold="1" underline="0" italic="0" spellChecking="false"/> 1606 <itemData name="Operator 1" defStyleNum="dsOperator" spellChecking="false"/> 1607 <itemData name="Operator 2" defStyleNum="dsWarning" bold="1" underline="0" italic="0" spellChecking="false"/> 1608 <itemData name="Number" defStyleNum="dsDecVal" spellChecking="false"/> 1609 <itemData name="Numerical Unit" defStyleNum="dsDecVal" bold="1" spellChecking="false"/> 1610 <itemData name="End of Rule Char" defStyleNum="dsNormal" spellChecking="false"/> 1611 1612 <itemData name="Escape Char" defStyleNum="dsSpecialChar" spellChecking="false"/> 1613 <itemData name="Globbing Char" defStyleNum="dsSpecialChar" spellChecking="false"/> 1614 <itemData name="Globbing Char of Brackets" defStyleNum="dsBuiltIn" bold="0" underline="0" italic="0" spellChecking="false"/> 1615 <itemData name="Globbing Brackets" defStyleNum="dsVerbatimString" underline="0" spellChecking="false"/> 1616 <itemData name="Open Globbing Brackets" defStyleNum="dsVerbatimString" underline="1" spellChecking="false"/> 1617 1618 <itemData name="Transition Profile Name" defStyleNum="dsFunction" bold="0" italic="1" underline="0" spellChecking="false"/> 1619 <itemData name="Globbing Char in Tran. Prof." defStyleNum="dsSpecialChar" bold="0" italic="1" underline="0" spellChecking="false"/> 1620 <itemData name="Hat Operator in Tran. Prof." defStyleNum="dsAnnotation" bold="1" italic="1" underline="0" spellChecking="false"/> 1621 1622 <itemData name="Rule Error" defStyleNum="dsVariable" bold="1" underline="1" italic="0" spellChecking="false"/> 1623 <itemData name="Rule Qualifier Error" defStyleNum="dsKeyword" bold="1" underline="1" spellChecking="false"/> 1624 <itemData name="Rule Access Qualifier Error" defStyleNum="dsWarning" bold="1" underline="1" italic="0" spellChecking="false"/> 1625 <itemData name="File Rule Qualifier Error" defStyleNum="dsVariable" bold="1" underline="1" italic="0" spellChecking="false"/> 1626 <itemData name="Profile Head Error" defStyleNum="dsFunction" bold="1" underline="1" spellChecking="false"/> 1627 <itemData name="Profile Name Error" defStyleNum="dsFunction" bold="0" underline="1" spellChecking="false"/> 1628 <itemData name="Error" defStyleNum="dsError" spellChecking="false"/> 1629 </itemDatas> 1630 1631 </highlighting> 1632 1633 <general> 1634 <!-- Keyword delimiters: .()<>=/\[]{},"'^;:| --> 1635 <keywords casesensitive="true" additionalDeliminator=""'" weakDeliminator="!+-%*?~&"/> 1636 1637 <comments> 1638 <comment name="singleLine" start="#"/> 1639 </comments> 1640 </general> 1641 1642 </language> 1643 <!-- kate: replace-tabs off; tab-width 3; indent-width 3; remove-trailing-spaces mod; dynamic-word-wrap off; -->