Novell APPARMOR Admin Manual page 67

Two Methods of Profiling
Subdomain.vim
A syntax coloring file for the vim text editor highlights various features
of an Novell AppArmor profile with colors. Using vim and the Novell
AppArmor syntax mode for vim, you can see the semantic implications
of your profiles with color highlighting. Use vim to view and edit your
profile by typing vim at a terminal window.
To enable the syntax coloring, when you edit an Novell AppArmor pro-
f i l e i n v i m, u s e t h e c o mma n d " :syntax on" a n d t h e n " :set syn-
tax=subdomain" . A l t e r n a t e l y , y o u c a n p l a c e t h e s e l i n e s i n y o u r
~/.vimrc file:
syntax on
set modeline
set modelines=5
Wh e n v i m o p e n s t h e p r o f i l e , f i r s t e n t e r " :syntax on" a n d t h e n " :set
syntax=subdomain" a n d v i m w i l l c o l o r t h e l i n e s o f t h e p r o f i l e f o r y o u :
blue: #include lines that pull in other Novell AppArmor rules, and
comments that begin with #
white: ordinary read access lines
brown: capability statements and complain flags
yellow: lines that grant write access.
green: lines that grant execute permission, either ix or px
red: lines that grant unconfined access, ux
red background: syntax errors that will not load properly into the
SubDomain module.
Note:
There is a security risk to using these lines in your .vimrc file,
as it causes vim to trust the syntax mode presented in files you are
editing. It may enable an attacker to send you a file to be opened with
vim that may do something unsafe.
ma n s u b d o ma i n . v i m, ma n v i m, a n d " :help syntax" f r o m w i t h i n t h e
vim editor for particulars. The Novell AppArmor syntax is stored in
/usr/share/vim/vim61/syntax/subdomain.vim
67