logo
Free, unlimited AI code reviews that run on commit
git-lrc git-lrc GitHub Install Now We'd appreciate a star git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt git-lrc - Free, unlimited AI code reviews that run on commit | Product Hunt

fapolicyd-filter.conf - fapolicyd filter configuration file

Contents

Author

Radovan Sroka Red Hat June 2023 FAPOLICYD_FILTER.CONF:(5)

Description

The file /etc/fapolicyd/fapolicyd-filter.conf contains configuration of the filter for the application allowlisting daemon. This filter specifies an allow or exclude list of files from a trust source. Valid line starts with character '+', '-' or '#' for comments. The rest of the line contains a path specification. Space can be used as indentation to add more specific filters to the previous one. Note, that only one space is required for one level of an indent. If there are multiple specifications on the same indentation level they extend the previous line with lower indentation, usually a directory. The path may be specified using the glob pattern. A directory specification has to end with a slash ‘/’. The filters are processed as follows: Starting from the up the to bottom while in case of a match the result (+/-) is set unless there is an indented block which describes more detailed specification of the parent level match. The same processing logic is applied to the inner filters definitions. If there is no match, the parent’s result is set. If there is no match at all, the default result is minus (-). If the result was a plus (+), the respective file from a trust source is imported to the TrustDB. Vice versa, if the result was a minus (-), the respective file is not imported. From a performance point of view it is better to design an indented filter because in the ideal situation each component of the path is compared only once. In contrast to it, a filter without any indentation has to contain a full path which makes the pattern more complicated and thus slower to process. The motivation behind this is to have a flexible configuration and keep the TrustDB as small as possible to make the look-ups faster. #thisissimpleallowlist-/usr/bin/some_binary1-/usr/bin/some_binary2+/#thisisthesame+/+usr/bin/-some_binary1-some_binary2#thisissimilarallowlistwithawildcard-/usr/bin/some_binary?+/#thisissimilarwithanotherwildcard+/-usr/bin/some_binary*#keepseverythingexceptusr/shareexceptpythonandperlfiles#/usr/bin/ls-resultis'+'#/usr/share/something-resultis'-'#/usr/share/abcd.py-resultis'+'+/-usr/share/+*.py+*.pl

Name

fapolicyd-filter.conf - fapolicyd filter configuration file

See Also

fapolicyd(8), fapolicyd-cli(1) fapolicy.rules(5) and glob(7)

See Also

Filters
Filters PNG Icons
Man Pages
fapolicyd Man Pages
Filing
Filing PNG Icons
Man Pages
conf Man Pages
Results
Results PNG Icons
Man Pages
Path Man Pages
Man Pages
Tirex::Config Man Pages
Match
Match PNG Icons
Man Pages
ntextIndent Man Pages
← View File formats Category← Back to Firewall configuration🙏  Credits & Acknowledgments