From e145fb8f131cc8394af4e56a43db4895ea1890e1 Mon Sep 17 00:00:00 2001
From: John-Paul Robinson <jpr@uab.edu>
Date: Mon, 29 Aug 2022 11:40:07 -0500
Subject: [PATCH] Add policy to limit file search to specific path in the file
 systems

The FILEPATH variable limits included files to only the provided
variable to the policy.
---
 policy/list-path | 26 ++++++++++++++++++++++++++
 1 file changed, 26 insertions(+)
 create mode 100644 policy/list-path

diff --git a/policy/list-path b/policy/list-path
new file mode 100644
index 0000000..23031c3
--- /dev/null
+++ b/policy/list-path
@@ -0,0 +1,26 @@
+/* list of files to include */
+define( include_list,
+  (PATH_NAME LIKE 'FILEPATH%')
+)
+
+/* define access_age */
+define(access_age,
+  (DAYS(CURRENT_TIMESTAMP) - DAYS(ACCESS_TIME))
+)
+
+RULE 'list-path' LIST 'no_extern_list'
+  SHOW ('|size='   || varchar(FILE_SIZE) ||
+        '|kballoc='|| varchar(KB_ALLOCATED) || 
+        '|access=' || varchar(ACCESS_TIME) ||
+        '|create=' || varchar(CREATION_TIME) ||
+        '|modify=' || varchar(MODIFICATION_TIME) ||
+	'|uid='    || varchar(USER_ID) ||
+        '|gid='    || varchar(GROUP_ID) ||
+        '|heat='   || varchar(FILE_HEAT) ||
+        '|pool='   || varchar(POOL_NAME) ||
+        '|path='   || varchar(PATH_NAME) ||
+        '|misc='   || varchar(MISC_ATTRIBUTES) ||
+        '|'
+       )
+  WHERE include_list
+
-- 
GitLab