[grsec] learn_config: high-reduce-path does not work for subdirectories?

[Marc Schiffbauer]

Hi Brad,

it seems like only files get reduced inside a high-reduce-path, not
directories.

In the learn_config I set:

high-reduce-path /var/lib/amavis

(I removed the default high-reduce-path /var/lib entry)


The policy after full learning contains the following which I wanted to
suppress with the high-reduce-path entry:

/var/lib/amavis                 rwcd
/var/lib/amavis/amavis-20050314T215044-02710
/var/lib/amavis/amavis-20050314T215044-02710/parts
/var/lib/amavis/amavis-20050314T215044-02710/parts/part-00001 r
/var/lib/amavis/amavis-20050314T223005-13473
/var/lib/amavis/amavis-20050314T223005-13473/parts
/var/lib/amavis/amavis-20050314T223005-13473/parts/part-00001 r
/var/lib/amavis/amavis-20050314T223005-13473/parts/part-00002 r
/var/lib/amavis/amavis-20050314T223005-13473/parts/part-00003 r
/var/lib/amavis/amavis-20050314T225102-04427
/var/lib/amavis/amavis-20050314T225102-04427/parts      r
/var/lib/amavis/amavis-20050314T232649-01212
/var/lib/amavis/amavis-20050314T232649-01212/parts
/var/lib/amavis/amavis-20050314T232649-01212/parts/part-00001 r
/var/lib/amavis/amavis-20050314T232649-01212/parts/part-00002 r
/var/lib/amavis/amavis-20050314T233656-09527
/var/lib/amavis/amavis-20050314T233656-09527/parts
/var/lib/amavis/amavis-20050314T233656-09527/parts/part-00001 r
/var/lib/amavis/amavis-20050314T233656-09527/parts/part-00002 r
/var/lib/amavis/amavis-20050314T233656-09527/parts/part-00003 r
[...]

May this be caused by "dont-reduce-path /var" so that 
"high-reduce-path /var/lib/amavis" does not match
"/var/lib/amavis/*" and therefore directories in "/var/lib/amavis" ?

-Marc
-- 
°    <M3rlin-> what is the legal age to buy alcoholic in england ? °
°  <p5Ds13a06> you cant buy alcoholics                             °
°  <p5Ds13a06> but if you wink the right way,                      °
°              some of them will follow you home for free          °