Adds a parser and evaluator for the fapolicyd filter config
The public api here is not integrated into the system in this PR. A later commit will integrate it as the backend of the editor.
The evaluation function implemented here can be used to enhance the analysis view by tying a trust decision back to a line from rpm filter, similar to how rules are referenced. A difference between rules and trust here is that the trust relation may not exist, where the rule relation always exists.
The impl uses a trie to map characterwise for searching. The impl supports the same wildcard characters as the fapolicyd impl. There is decent test coverage, but likely more corner cases. Configurations from the wild, mapped into tests, would be useful. The examples from the fapolicyd man pages are mapped to tests.
Adds a parser and evaluator for the fapolicyd filter config
The public api here is not integrated into the system in this PR. A later commit will integrate it as the backend of the editor.
The evaluation function implemented here can be used to enhance the analysis view by tying a trust decision back to a line from rpm filter, similar to how rules are referenced. A difference between rules and trust here is that the trust relation may not exist, where the rule relation always exists.
The impl uses a trie to map characterwise for searching. The impl supports the same wildcard characters as the fapolicyd impl. There is decent test coverage, but likely more corner cases. Configurations from the wild, mapped into tests, would be useful. The examples from the fapolicyd man pages are mapped to tests.
758