3 "\t|--rbce_info - read only file detailing how to setup and use RBCE.\n\n"
4 "\t|--rbce_reclassify - contains nothing. Writing a pid to it"
6 "\tthe given task according to the current set of rules.\n"
7 "\tWriting 0 to it reclassifies all tasks in the system according to the \n"
8 "\tsurrent set of rules. This is typically done by the user/sysadmin \n"
9 "\tafter changing/creating rules. \n\n"
10 "\t|--rbce_state - determines whether RBCE is currently active"
12 "\tWriting 1 (0) activates (deactivates) the CE. Reading the file\n"
13 "\treturns the current state.\n\n"
14 "\t|--rbce_tag - set tag of the given pid, syntax - \"pid tag\"\n\n"
15 "2. Rules subdirectory: Each rule of the RBCE is represented by a file in\n"
17 "Following are the different attr/value pairs that can be specified.\n\n"
18 "Note: attr/value pairs must be separated by commas(,) with no space"
20 "\t<*id> <OP> number where <OP>={>,<,=,!}\n"
21 "\t<*id>={uid,euid,gid,egid}\n\n"
22 "\tcmd=\"string\" // basename of the command\n\n"
23 "\tpath=\"/path/to/string\" // full pathname of the command\n\n"
24 "\targs=\"string\" // argv[1] - argv[argc] of command\n\n"
25 "\ttag=\"string\" // application tag of the task\n\n"
26 "\t[+,-]depend=rule_filename\n"
27 "\t\t\t// used to chain a rule's terms with existing rules\n"
28 "\t\t\t// to avoid respecifying the latter's rule terms.\n"
29 "\t\t\t// A rule's dependent rules are evaluated before \n"
30 "\t\t\t// its rule terms get evaluated.\n"
32 "\t\t\t// An optional + or - can precede the depend keyword.\n"
33 "\t\t\t// +depend adds a dependent rule to the tail of the\n"
34 "\t\t\t// current chain, -depend removes an existing \n"
35 "\t\t\t// dependent rule\n\n"
36 "\torder=number // order in which this rule is executed relative to\n"
37 "\t\t\t// other independent rules.\n"
38 "\t\t\t// rule with order 1 is checked first and so on.\n"
39 "\t\t\t// As soon as a rule matches, the class of that rule\n"
40 "\t\t\t// is returned to Core. So, order really matters.\n"
41 "\t\t\t// If no order is specified by the user, the next\n"
42 "\t\t\t// highest available order number is assigned to\n"
43 "\t\t\t// the rule.\n\n"
44 "\tclass=\"/rcfs/.../classname\" // target class of this rule.\n"
45 "\t\t\t// /rcfs all by itself indicates the\n"
46 "\t\t\t// systemwide default class\n\n"
47 "\tstate=number // 1 or 0, provides the ability to deactivate a\n"
48 "\t\t\t// specific rule, if needed.\n\n"
49 "\tipv4=\"string\" // ipv4 address in dotted decimal and port\n"
50 "\t\t\t// e.g. \"127.0.0.1\\80\"\n"
51 "\t\t\t// e.g. \"*\\80\" for CE to match any address\n"
52 "\t\t\t// used in socket accept queue classes\n\n"
53 "\tipv6=\"string\" // ipv6 address in hex and port\n"
54 "\t\t\t// e.g. \"fe80::4567\\80\"\n"
55 "\t\t\t// e.g. \"*\\80\" for CE to match any address \n"
56 "\t\t\t// used in socket accept queue classes\n\n"
58 "\techo \"uid=100,euid<200,class=/rcfs\" > /rcfs/ce/rules/rule1\n";