Re: [Libguestfs] [PATCH v5 3/7] New API: yara_load

The yara_load API allows to load a set of Yara rules contained within a file on the host. Rules can be in binary format, as when compiled with yarac command, or in source code format. In the latter case, the rules will be first compiled and then loaded. Subsequent calls of the yara_load API will result in the discard of the previously loaded rules.

+let daemon_functions = [ + { defaults with + name = "yara_load"; added = (1, 37, 9); + style = RErr, [FileIn "filename";], [OString "namespace"]; + progress = true; cancellable = true; + optional = Some "libyara"; + shortdesc = "load yara rules within libguestfs"; + longdesc = "\ +Load a set of Yara rules from F<filename> within libguestfs appliance. +Rules can be in binary format, as when compiled with yarac command, or +in source code format. In the latter case, the rules will be first +compiled and then loaded. +Rules in source code format cannot include external files. In such cases, +it is recommended to compile them first. +Different rules files can be loaded sequentially. The optional parameter +C<namespace> can be used to distinguish rules with the same identifier +but belonging to different files." };