diff options
| author | Niels Provos <provos@cvs.openbsd.org> | 2002-06-05 18:58:08 +0000 |
|---|---|---|
| committer | Niels Provos <provos@cvs.openbsd.org> | 2002-06-05 18:58:08 +0000 |
| commit | bf25e3be19dae34e7edb1d58cd7025eed11ab205 (patch) | |
| tree | aaa984541b20a2de4a4144eeae6e33712f63b8e0 /bin | |
| parent | 7bb42c532b65da68fc3e8f06462186fb0d522cb9 (diff) | |
stab at describing grammar
Diffstat (limited to 'bin')
| -rw-r--r-- | bin/systrace/systrace.1 | 22 |
1 files changed, 21 insertions, 1 deletions
diff --git a/bin/systrace/systrace.1 b/bin/systrace/systrace.1 index 794d7de4165..379e29dfaae 100644 --- a/bin/systrace/systrace.1 +++ b/bin/systrace/systrace.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: systrace.1,v 1.9 2002/06/05 16:51:08 provos Exp $ +.\" $OpenBSD: systrace.1,v 1.10 2002/06/05 18:58:07 provos Exp $ .\" .\" Copyright 2002 Niels Provos <provos@citi.umich.edu> .\" All rights reserved. @@ -76,6 +76,26 @@ are added to the policies that .Nm knows about. .El +.Pp +.Sh POLICY +The policy is specified via the following grammar: +.Bd -literal +filter = expression "then" action errorcode +expression = symbol | "not" expression | "(" expression ")" | + expression "and" expression | expression "or" expression +symbol = string typeoff "match" cmdstring | + string typeoff "eq" cmdstring | string typeoff "neq" cmdstring | + string typeoff "sub" cmdstring | string typeoff "nsub" cmdstring | + string typeoff "inpath" cmdstring | "true" +typeoff = /* empty */ | "[" number "]" +action = "permit" | "deny" +errorcode = /* empty */ | "[" string "]" +.Ed +.Pp +The +.Va cmd-string +is an arbitrary string enclosed with quotation marks. + .Sh FILES .Bl -tag -width xHOME/xsystrace -compact .It Pa /dev/systrace |