Allow rules to express paths using globbing (fnmatch)

[skosachiov]

The second implementation of fnmatch support, which works with trusted base. Briefly:

• all paths from rules with "*?" fill the wildcards llist
• the llist is sorted by bubble
• the comparison function during sorting is the difference in greed of wildcards
• the operations of filling the base and processing events with wildcard /home//.wine/ change the path from /home/jdoe/.wine/drive_c/windows/notepad.exe to /home/*/.wine/drive_c/windows/notepad.exe
• the operations of processing rules change the path from /home/jdoe/.wine/drive_c/windows/notepad.exe to /home/*/.wine/*

[skosachiov]

Steps to check:

• file /etc/fapolicyd/rules.d/78-known-wine.rules

  
  allow perm=any auid=0 : ftype=application/vnd.microsoft.portable-executable
  allow perm=open all : path=/home/*/.wine/* ftype=application/vnd.microsoft.portable-executable trust=1
  allow perm=open all : ftype=application/vnd.microsoft.portable-executable trust=1
  deny_syslog perm=any all : ftype=application/vnd.microsoft.portable-executable

- add trust 

/usr/local/sbin/fapolicyd-cli -f add /home/jdoe/.wine/ --trust-file wine-home.trust

- reload fapolicyd

- grep db

/usr/local/sbin/fapolicyd-cli -D | grep wine | grep notepad

- check output

filedb /home//.wine/drive_c/windows/notepad.exe 490403 338780f0cd76c8c04fb536c9397c32ae5f944e6750c87f087e455e4bda389abe filedb /home//.wine/drive_c/windows/system32/notepad.exe 490403 338780f0cd76c8c04fb536c9397c32ae5f944e6750c87f087e455e4bda389abe