summaryrefslogtreecommitdiff
path: root/bin/systrace/parse.y
diff options
context:
space:
mode:
Diffstat (limited to 'bin/systrace/parse.y')
-rw-r--r--bin/systrace/parse.y12
1 files changed, 10 insertions, 2 deletions
diff --git a/bin/systrace/parse.y b/bin/systrace/parse.y
index 8173b8dce94..fdf401122a8 100644
--- a/bin/systrace/parse.y
+++ b/bin/systrace/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.14 2003/05/29 00:39:12 itojun Exp $ */
+/* $OpenBSD: parse.y,v 1.15 2003/07/19 11:48:58 sturm Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
@@ -66,7 +66,7 @@ extern int iamroot;
%}
-%token AND OR NOT LBRACE RBRACE LSQBRACE RSQBRACE THEN MATCH PERMIT DENY
+%token AND OR NOT LBRACE RBRACE LSQBRACE RSQBRACE THEN MATCH PERMIT DENY ASK
%token EQ NEQ TRUE SUB NSUB INPATH LOG COMMA IF USER GROUP EQUAL NEQUAL AS
%token COLON RE LESSER GREATER
%token <string> STRING
@@ -121,6 +121,10 @@ fullexpression : expression THEN action errorcode logcode elevate predicate
if ($5)
flags |= SYSCALL_LOG;
+ /* Special policy that allows only yes or no */
+ if ($3 == ICPOLICY_ASK)
+ flags |= PROCESS_PROMPT;
+
if ($4 != NULL)
free($4);
@@ -445,6 +449,10 @@ action : PERMIT
{
$$ = ICPOLICY_PERMIT;
}
+ | ASK
+{
+ $$ = ICPOLICY_ASK;
+}
| DENY
{
$$ = ICPOLICY_NEVER;
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-29 15:51:19 +0000