NAME¶
tomoyo-patternize - utility to convert pathnames in policy into patterns
SYNOPSIS¶
tomoyo-patternize
tomoyo-patternize [
configfile]
DESCRIPTION¶
This program reads domain policy from standard input and replaces pathnames with
patterns. Replacement rules are defined in
/etc/tomoyo/tools/patternize.conf. The resulting policy is sent to
standard output and is useful to shorten and simplify domain or exception
policy.
Pathnames used for domain names themselves will not be replaced. Only the first
matching rule is used for any particular pathname. If a pathname does not
match any rules, it is left unchanged.
EXAMPLES¶
- Replace "proc:/self/fd/0" with
"proc:/self/fd/\$"
-
rewrite path_pattern proc:/self/fd/\$
- Replace "proc:/123/status" with
"proc/\$/status"
-
rewrite head_pattern proc:/\$
- Replace "dev(8,1):/etc/mtab~456" with
"dev(8,1):/etc/mtab~\$"
-
rewrite tail_pattern /etc/mtab~\$
- Replace "/tmp/phpZjk1k3" with
@GROUP1
-
rewrite path_pattern /tmp/php\?\?\?\?\?\? @GROUP1
- Replace integers between 0-100 or 100-200 with
@GROUP2
-
rewrite number_pattern 0-100 @GROUP2
rewrite number_pattern 100-200 @GROUP2
- Replace loopback addresses with @LOCALHOST
-
rewrite address_pattern 127.0.0.1 @LOCALHOST
rewrite address_pattern 0:0:0:0:0:0:0:1 @LOCALHOST
See the configuration file for more information on rule syntax.
BUGS¶
If you find any bugs, send an email to
<tomoyo-users-en@lists.sourceforge.jp>.
AUTHORS¶
- Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
- Main author.
- Jamie Nguyen <jamie@tomoyolinux.co.uk>
- Documentation and website.
SEE ALSO¶
tomoyo-findtemp(8),
tomoyo-diffpolicy(8)
See <
http://tomoyo.sourceforge.jp> for more information.