
used perltidy to clean up the formatting for the perl scripts in the

utils package and manually fixed some places where perltidy's
reformatting made it harder to read.  the options used were--

-i=4    # 4-space indentation
-l=0    # unlimited line length (for now)
-pt=2   # slightly tightened parens
-ce     # cuddled elses
-nolq   # don't outdent long quotes
-nsfs   # don't add spaces in front of semi-colons in for ( ) statements
-isbc   # only indent block comments that have whitespace in front of them
-otr    # don't place a break between a comma and an opening brace

the code will be refactored to make it possible to switch to using 
80-column line-breaks without resorting to really nasty formatting 
constructs.
Jesse Michael
2007-03-20 21:58:38 +00:00
parent f29097e401
commit d8ae032328
11 changed files with 5115 additions and 4774 deletions


@@ -44,10 +44,21 @@ my $eventDb = '/var/log/apparmor/events.db';
my $numEvents = 1000;
sub month2Num {
my $lexMon = shift;
my $months = { "Jan" =>'01', "Feb"=>'02', "Mar"=>'03', "Apr"=>'04', "May"=>'05', "Jun"=>'06',
"Jul"=>'07', "Aug"=>'08', "Sep"=>'09', "Oct"=>'10', "Nov"=>'11', "Dec"=>'12' };
my $months = {
"Jan" => '01',
"Feb" => '02',
"Mar" => '03',
"Apr" => '04',
"May" => '05',
"Jun" => '06',
"Jul" => '07',
"Aug" => '08',
"Sep" => '09',
"Oct" => '10',
"Nov" => '11',
"Dec" => '12'
};
my $numMonth = $months->{$lexMon};
@@ -55,7 +66,6 @@ sub month2Num {
}
sub num2Month {
my $monthNum = shift;
my @months = ("Jan", "Feb", "Mar", "Apr", "May", "Jun", "Jul", "Aug", "Sep", "Oct", "Nov", "Dec");
@@ -66,7 +76,6 @@ sub num2Month {
# Converts Epoch Time to Formatted Date String
sub getDate {
my $epTime = shift;
my $date = localtime($epTime);
@@ -90,10 +99,8 @@ sub round {
return ("$num");
}
# round up
sub pageRound {
my $num = shift;
my $pnum = int($num);
@@ -105,7 +112,6 @@ sub pageRound {
}
sub checkFileExists {
my $file = shift;
if ($file && -e $file) {
@@ -113,12 +119,10 @@ sub checkFileExists {
} else {
return 0;
}
}
# Translate mode & sdmode for parsing
sub rewriteModes {
my $filts = shift;
# Mode wrangling - Rewrite for better matches
@@ -138,7 +142,6 @@ sub rewriteModes {
if ($tmpMode) {
$filts->{'mode'} = $tmpMode;
}
}
# Rewrite sdmode for more flexible matches
@@ -158,12 +161,14 @@ sub rewriteModes {
}
sub enableEventD {
# make sure the eventd is enabled before we do any reports
my $need_enable = 0;
if (open(SDCONF, "/etc/apparmor/subdomain.conf")) {
while (<SDCONF>) {
if (/^\s*APPARMOR_ENABLE_AAEVENTD\s*=\s*(\S+)\s*$/) {
my $flag = lc($1);
# strip quotes from the value if present
$flag = $1 if $flag =~ /^"(\S+)"$/;
$need_enable = 1 if $flag ne "yes";
@@ -221,7 +226,6 @@ sub enableEventD {
# Check that events db exists and is populated
# - Returns 1 for good db, 0 for bad db
sub checkEventDb {
my $count = undef;
my $eventDb = '/var/log/apparmor/events.db';
@@ -268,7 +272,6 @@ sub checkEventDb {
$dbh->disconnect();
if ($count && $count > 0) {
return 1;
} else {
@@ -278,8 +281,8 @@ sub checkEventDb {
# Called from ag_reports_parse
sub getNumPages {
my $args = shift;
my $db = ();
my $numPages = 0;
my $count = 0;
@@ -324,7 +327,8 @@ sub getNumPages {
if ($type && $type eq 'db') {
my $start = undef; my $end = undef;
my $start = undef;
my $end = undef;
if ($args->{'startTime'} && $args->{'startTime'} > 0) {
$start = $args->{'startTime'};
@@ -416,7 +420,6 @@ sub getNumPages {
}
sub getEpochFromNum {
my $date = shift;
my $place = shift || undef; # Used to set default $sec if undef
@@ -446,10 +449,10 @@ sub getEpochFromNum {
}
sub getEpochFromStr {
my $lexDate = shift;
my ($lexMonth, $dateDay, $fullTime, $year) = split(/\s+/, $lexDate);
#my ($lexDay, $lexMonth, $dateDay, $fullTime, $year) = split(/\s+/, $lexDate);
my ($hour, $min, $sec) = split(/\:/, $fullTime);
@@ -464,7 +467,6 @@ sub getEpochFromStr {
# Replaces old files with new files
sub updateFiles {
my ($oldFile, $newFile) = @_;
if (unlink("$oldFile")) {
@@ -485,7 +487,6 @@ sub updateFiles {
# This is a holder, that was originally part of exportLog()
# Used by /usr/bin/reportgen.pl
sub exportFormattedText {
my ($repName, $logFile, $db) = @_;
my $date = localtime;
@@ -501,12 +502,10 @@ sub exportFormattedText {
print LOG "$_->{'pid'},$_->{'severity'},$->{'mode'},$_->{'resource'},$_->{'sdmode'}\n";
}
close LOG;
}
sub exportLog {
my ($exportLog, $db, $header) = @_;
if (open(LOG, ">$exportLog")) {
@@ -541,9 +540,10 @@ sub exportLog {
}
print LOG "<hr><br><table border='1' cellpadding='2'>\n";
#print LOG "<tr bgcolor='edefff'><th>Date</th><th>Profile</th><th>PID</th><th>Message</th></tr>\n";
print LOG "<tr bgcolor='edefff'><th>Host</th><th>Date</th><th>Program</th><th>Profile</th><th>PID</th>" .
"<th>Severity</th><th>Mode</th><th>Detail</th><th>Access Type</th></tr>\n";
print LOG "<tr bgcolor='edefff'><th>Host</th><th>Date</th><th>Program</th><th>Profile</th><th>PID</th>"
. "<th>Severity</th><th>Mode</th><th>Detail</th><th>Access Type</th></tr>\n";
my $idx = 1;
@@ -553,27 +553,28 @@ sub exportLog {
if ($idx % 2 == 0) {
#"<td>&nbsp;$_->{'time'}&nbsp;</td>" .
print LOG "<tr><td>&nbsp;$_->{'host'}&nbsp;</td>" .
"<td>&nbsp;$_->{'date'}&nbsp;</td>" .
"<td>&nbsp;$_->{'prog'}&nbsp;</td>" .
"<td>&nbsp;$_->{'profile'}&nbsp;</td>" .
"<td>&nbsp;$_->{'pid'}&nbsp;</td>" .
"<td>&nbsp;$_->{'severity'}&nbsp;</td>" .
"<td>&nbsp;$_->{'mode'}&nbsp;</td>" .
"<td>&nbsp;$_->{'resource'}&nbsp;</td>" .
"<td>&nbsp;$_->{'sdmode'}&nbsp;</td></tr>\n";
print LOG "<tr><td>&nbsp;$_->{'host'}&nbsp;</td>"
. "<td>&nbsp;$_->{'date'}&nbsp;</td>"
. "<td>&nbsp;$_->{'prog'}&nbsp;</td>"
. "<td>&nbsp;$_->{'profile'}&nbsp;</td>"
. "<td>&nbsp;$_->{'pid'}&nbsp;</td>"
. "<td>&nbsp;$_->{'severity'}&nbsp;</td>"
. "<td>&nbsp;$_->{'mode'}&nbsp;</td>"
. "<td>&nbsp;$_->{'resource'}&nbsp;</td>"
. "<td>&nbsp;$_->{'sdmode'}&nbsp;</td></tr>\n";
} else {
# Shade every other row
print LOG "<tr='edefef'><td>&nbsp;$_->{'host'}&nbsp;</td>" .
"<td>&nbsp;$_->{'date'}&nbsp;</td>" .
"<td>&nbsp;$_->{'prog'}&nbsp;</td>" .
"<td>&nbsp;$_->{'profile'}&nbsp;</td>" .
"<td>&nbsp;$_->{'pid'}&nbsp;</td>" .
"<td>&nbsp;$_->{'severity'}&nbsp;</td>" .
"<td>&nbsp;$_->{'mode'}&nbsp;</td>" .
"<td>&nbsp;$_->{'resource'}&nbsp;</td>" .
"<td>&nbsp;$_->{'sdmode'}&nbsp;</td></tr>\n";
print LOG "<tr='edefef'><td>&nbsp;$_->{'host'}&nbsp;</td>"
. "<td>&nbsp;$_->{'date'}&nbsp;</td>"
. "<td>&nbsp;$_->{'prog'}&nbsp;</td>"
. "<td>&nbsp;$_->{'profile'}&nbsp;</td>"
. "<td>&nbsp;$_->{'pid'}&nbsp;</td>"
. "<td>&nbsp;$_->{'severity'}&nbsp;</td>"
. "<td>&nbsp;$_->{'mode'}&nbsp;</td>"
. "<td>&nbsp;$_->{'resource'}&nbsp;</td>"
. "<td>&nbsp;$_->{'sdmode'}&nbsp;</td></tr>\n";
}
}
@@ -585,15 +586,15 @@ sub exportLog {
} else {
ycp::y2error(sprintf(gettext("Export Log Error: Couldn't open %s"), $exportLog));
}
# return($error);
}
# Pulls info on single report from apparmor xml file
sub getXmlReport {
my ($repName, $repConf) = @_;
my $repFlag = 0;
my $repFlag = 0;
my %rep = ();
if (defined($repName) && ref($repName)) {
@@ -603,7 +604,6 @@ sub getXmlReport {
} elsif ($repName->{'name'}) {
$repName = $repName->{'name'};
}
}
if (!$repName) {
@@ -613,8 +613,16 @@ sub getXmlReport {
if (!$repConf || !-e $repConf) {
$repConf = '/etc/apparmor/reports.conf';
if (!-e $repConf) {
ycp::y2error(sprintf(gettext("Unable to get configuration info for %s.
Unable to find %s."), $repName, $repConf));
ycp::y2error(
sprintf(
gettext(
"Unable to get configuration info for %s.
Unable to find %s."
),
$repName,
$repConf
)
);
exit 1;
}
}
@@ -626,6 +634,7 @@ sub getXmlReport {
chomp;
if (/\<name\>/) {
#my $name = (split(/\"/, $_))[1];
/\<name\>(.+)\<\/name\>/;
my $name = $1;
@@ -644,6 +653,7 @@ sub getXmlReport {
chomp($attrs);
my @attrlist = split(/\s+/, $attrs);
for (@attrlist) {
#Match attributes
if (/\s*(\S+)=\"(\S+)\"/) {
$rep{$1} = $2 unless $2 eq '-';
@@ -721,7 +731,6 @@ sub getCfInfo {
# generate stats for ESS reports
sub getEssStats {
my $args = shift;
#my ($host, $targetDir, $startdate, $enddate) = @_;
@@ -759,9 +768,10 @@ sub getEssStats {
# Max Sev, Ave. Sev, Num. Rejects, Start Time, End Time
my $ctQuery = "SELECT count(*) FROM events WHERE time >= $startdate AND time <= $enddate";
my $query = "SELECT MAX(severity), AVG(severity), COUNT(id), MIN(time), " .
"MAX(time) FROM events WHERE sdmode='REJECTING' AND " .
"time >= $startdate AND time <= $enddate";
my $query = "SELECT MAX(severity), AVG(severity), COUNT(id), MIN(time), "
. "MAX(time) FROM events WHERE sdmode='REJECTING' AND "
. "time >= $startdate AND time <= $enddate";
# "MAX(time) FROM events join info WHERE sdmode='REJECTING' AND " .
# Get list of hosts to scan
@@ -783,6 +793,7 @@ sub getEssStats {
my $ess = undef;
my $ret = undef;
my $count = undef;
#my $eventDb = '/var/log/apparmor/events.db';
my $dbh = DBI->connect("dbi:SQLite:dbname=$eventDb", "", "", { RaiseError => 1, AutoCommit => 1 });
@@ -817,9 +828,7 @@ sub getEssStats {
}
# Get rest of stats
eval {
$ret = $dbh->selectall_arrayref("$query");
};
eval { $ret = $dbh->selectall_arrayref("$query"); };
if ($@) {
ycp::y2error(sprintf(gettext("DBI Execution failed: %s"), $DBI::errstr));
@@ -868,11 +877,9 @@ sub getEssStats {
return \@hostDb;
}
# get ESS stats for archived reports (warning -- this can be slow for large files
# debug -- not fully functional yet
sub getArchEssStats {
my $args = shift;
my $prevTime = '0';
@@ -904,16 +911,24 @@ sub getArchEssStats {
if ($_->{'host'} eq $ev->{'host'}) {
# Find earliest start date
if ($_->{'startdate'} > $ev->{'date'}) {
$_->{'startdate'} = $ev->{'date'}; # Find earliest start date
$_->{'startdate'} = $ev->{'date'};
}
$_->{'numEvents'}++; # tally all events reported for host
# tally all events reported for host
$_->{'numEvents'}++;
if ($ev->{'sdmode'}) {
if ( $ev->{'sdmode'} =~ /PERMIT/ ) { $_->{'numPermits'}++; }
if ( $ev->{'sdmode'} =~ /REJECT/ ) { $_->{'numRejects'}++; }
if ( $ev->{'sdmode'} =~ /AUDIT/ ) { $_->{'numAudits'}++; }
if ($ev->{'sdmode'} =~ /PERMIT/) {
$_->{'numPermits'}++;
}
if ($ev->{'sdmode'} =~ /REJECT/) {
$_->{'numRejects'}++;
}
if ($ev->{'sdmode'} =~ /AUDIT/) {
$_->{'numAudits'}++;
}
}
# Add stats to host entry
@@ -940,6 +955,7 @@ sub getArchEssStats {
$rec->{'host'} = $ev->{'host'};
$rec->{'startdate'} = $startDate;
#$rec->{'startdate'} = $ev->{'date'};
if ($endDate) {
@@ -957,10 +973,12 @@ sub getArchEssStats {
$rec->{'unknown'} = 0;
} else {
$rec->{'sevHi'} = 0;
$rec->{'sevTotal'} = 0;
$rec->{'sevNum'} = 0;
$rec->{'unknown'} = 1;
}
# Start sdmode stats
@@ -996,10 +1014,15 @@ sub getArchEssStats {
}
# Convert dates
if ($_->{'startdate'} !~ /:/) {$_->{'startdate'} = getDate($startDate); }
if ($_->{'enddate'} !~ /:/) { $_->{'enddate'} = getDate($_->{'enddate'}); }
if ($_->{'startdate'} !~ /:/) {
$_->{'startdate'} = getDate($startDate);
}
if ($_->{'enddate'} !~ /:/) {
$_->{'enddate'} = getDate($_->{'enddate'});
}
# Delete stuff that we may use in later versions (YaST is a silly, silly data handler)
# Delete stuff that we may use in later versions (YaST is a silly,
# silly data handler)
delete($_->{'sevTotal'});
delete($_->{'sevNum'});
delete($_->{'numPermits'});
@@ -1013,8 +1036,8 @@ sub getArchEssStats {
# special version of getEvents() for /usr/bin/reportgen.pl
sub grabEvents {
my ($rep, $start, $end) = @_;
my $db = undef;
my $prevDate = "0";
my $prevTime = "0";
@@ -1037,13 +1060,17 @@ sub grabEvents {
if ($rep->{'sev'} && ($rep->{'sev'} eq "-" || $rep->{'sev'} eq "All")) {
delete($rep->{'sev'});
}
if ($rep->{'resource'} && $rep->{'resource'} eq "-") { delete($rep->{'resource'}); }
if ($rep->{'resource'} && $rep->{'resource'} eq "-") {
delete($rep->{'resource'});
}
if ($rep->{'mode'} && ($rep->{'mode'} eq "-" || $rep->{'mode'} eq "All")) {
delete($rep->{'mode'});
}
if ($rep->{'sdmode'} && ($rep->{'sdmode'} eq "-" || $rep->{'sdmode'} eq "All") ) {
if ($rep->{'sdmode'}
&& ($rep->{'sdmode'} eq "-" || $rep->{'sdmode'} eq "All"))
{
delete($rep->{'sdmode'});
}
@@ -1066,7 +1093,6 @@ sub grabEvents {
}
sub getQueryFilters {
my ($filts, $start, $end) = @_;
my $query = undef;
@@ -1102,7 +1128,9 @@ sub getQueryFilters {
if ($filts->{'severity'}) {
if ($filts->{'severity'} eq "-" || $filts->{'severity'} eq "All") {
delete($filts->{'severity'});
} elsif ( $filts->{'severity'} eq "-1" || $filts->{'severity'} eq "U" ) {
} elsif ($filts->{'severity'} eq "-1"
|| $filts->{'severity'} eq "U")
{
if ($wFlag == 1) {
$query .= "AND events.severity = '-1' ";
} else {
@@ -1180,9 +1208,7 @@ sub getQueryFilters {
return $query;
}
sub getQuery {
my ($filts, $page, $sortKey, $numEvents) = @_;
if (!$page || $page < 1 || $page !~ /\d+/) { $page = 1; }
@@ -1209,8 +1235,8 @@ sub getQuery {
# - There may be a way to do this with a creative query statement generator
sub queryPostProcess {
my $db = shift;
my @newDb = ();
my $prevTime = 0;
my $prevDate = 0;
@@ -1224,8 +1250,10 @@ sub queryPostProcess {
if ($_->{'type'}) {
if ($_->{'type'} eq 'control_variable') {
# OWLSM gets special treatment
if ($_->{'variable'} eq 'owlsm') {
#if ( $_->{'value'} ) {}
if ($_->{'value'} == '0') {
$_->{'resource'} = "GLOBAL MODULE CHANGE: OWLSM DISABLED";
@@ -1246,12 +1274,15 @@ sub queryPostProcess {
$_->{'resource'} = "AppArmor Started";
} elsif ($_->{'type'} eq 'subdomain_rmmod') {
$_->{'resource'} = "AppArmor Stopped";
# DROP logprof-hints
} elsif ($_->{'type'} eq 'unknown_hat') {
next;
# DROP logprof-hints
} elsif ($_->{'type'} eq 'changing_profile') {
next;
# DROP logprof-hints
} elsif ($_->{'type'} eq 'fork') {
next;
@@ -1271,6 +1302,7 @@ sub queryPostProcess {
} else {
$_->{'date'} = "0000-00-00 00:00:00";
}
# $_->{'time'} = undef; # Don't need 'time', only 'date'
if (!$_->{'host'}) { $_->{'host'} = "-"; }
if (!$_->{'date'}) { $_->{'date'} = "-"; }
@@ -1294,13 +1326,12 @@ sub queryPostProcess {
}
return \@newDb;
}
# Creates single hashref for the various filters
sub setFormFilters {
my $args = shift;
my $filts = undef;
if ($args) {
@@ -1321,25 +1352,40 @@ sub setFormFilters {
# helper for getSirFilters()
# Makes gui-centric filters querying-friendly
sub rewriteFilters {
my $filts = shift;
# Clear unnecessary filters
for (keys(%$filts)) { if ( $filts->{$_} eq "All" ) { delete($filts->{$_}); } }
for (keys(%$filts)) {
if ($filts->{$_} eq "All") { delete($filts->{$_}); }
}
if ($filts->{'prog'} && ($filts->{'prog'} eq "-" || $filts->{'prog'} eq "All") ) {
if ($filts->{'prog'}
&& ($filts->{'prog'} eq "-" || $filts->{'prog'} eq "All"))
{
delete($filts->{'prog'});
}
if ($filts->{'profile'} && ($filts->{'profile'} eq "-") ) { delete($filts->{'profile'}); }
if ($filts->{'pid'} && ($filts->{'pid'} eq "-") ) { delete($filts->{'pid'}); }
if ($filts->{'severity'} && ($filts->{'severity'} eq "-") ) { delete($filts->{'severity'}); }
if ($filts->{'resource'} && ($filts->{'resource'} eq "-") ) { delete($filts->{'resource'}); }
if ($filts->{'profile'} && ($filts->{'profile'} eq "-")) {
delete($filts->{'profile'});
}
if ($filts->{'pid'} && ($filts->{'pid'} eq "-")) {
delete($filts->{'pid'});
}
if ($filts->{'severity'} && ($filts->{'severity'} eq "-")) {
delete($filts->{'severity'});
}
if ($filts->{'resource'} && ($filts->{'resource'} eq "-")) {
delete($filts->{'resource'});
}
if ($filts->{'mode'} && ($filts->{'mode'} eq "-" || $filts->{'mode'} eq "All") ) {
if ($filts->{'mode'}
&& ($filts->{'mode'} eq "-" || $filts->{'mode'} eq "All"))
{
delete($filts->{'mode'});
}
if ($filts->{'sdmode'} && ($filts->{'sdmode'} eq "-" || $filts->{'sdmode'} eq "All") ) {
if ($filts->{'sdmode'}
&& ($filts->{'sdmode'} eq "-" || $filts->{'sdmode'} eq "All"))
{
delete($filts->{'sdmode'});
}
############################################################
@@ -1351,8 +1397,8 @@ sub rewriteFilters {
# returns ref to active filters for the specific SIR report
sub getSirFilters {
my $args = shift;
my $repName = undef;
if ($args && $args->{'name'}) {
@@ -1392,8 +1438,8 @@ sub getSirFilters {
# deprecated (pre-xml)
sub OldgetSirFilters {
my $args = shift;
my $repName = undef;
if ($args && $args->{'name'}) {
@@ -1424,12 +1470,13 @@ sub OldgetSirFilters {
$info =~ s/\s+//g;
$name =~ s/^\s+//;
$name =~ s/\s+$//;
my ($mailtype, $filters, $email, $lastRun) = split(/\s*:\s*/, $info, 4);
my ($mailtype, $filters, $email, $lastRun) =
split(/\s*:\s*/, $info, 4);
$rec->{'name'} = $name;
$rec->{'name'} =~ s/\"//g;
($rec->{'prog'}, $rec->{'profile'}, $rec->{'pid'}, $rec->{'resource'},
$rec->{'severity'}, $rec->{'sdmode'}, $rec->{'mode'}) = split(/\,/, $filters, 7);
($rec->{'prog'}, $rec->{'profile'}, $rec->{'pid'}, $rec->{'resource'}, $rec->{'severity'}, $rec->{'sdmode'}, $rec->{'mode'}) =
split(/\,/, $filters, 7);
}
@@ -1457,8 +1504,8 @@ sub OldgetSirFilters {
# Main SIR report generator
sub getEvents {
my ($query, $start, $end, $dbFile) = @_;
my @events = ();
my $prevTime = 0;
my $prevDate = '0';
@@ -1481,9 +1528,7 @@ sub getEvents {
# Pull stuff from db
my $dbh = DBI->connect("dbi:SQLite:dbname=$eventDb", "", "", { RaiseError => 1, AutoCommit => 1 });
my $all = undef;
eval {
$all = $dbh->selectall_arrayref("$query");
};
eval { $all = $dbh->selectall_arrayref("$query"); };
if ($@) {
ycp::y2error(sprintf(gettext("DBI Execution failed: %s."), $DBI::errstr));
@@ -1494,12 +1539,13 @@ sub getEvents {
for my $row (@$all) {
my $rec = undef;
($rec->{'id'}, $rec->{'time'}, $rec->{'counter'}, $rec->{'pid'}, $rec->{'sdmode'}, $rec->{'type'},
$rec->{'mode'}, $rec->{'resource'}, $rec->{'target'}, $rec->{'profile'}, $rec->{'prog'}, $rec->{'severity'} ) = @$row;
($rec->{'id'}, $rec->{'time'}, $rec->{'counter'}, $rec->{'pid'}, $rec->{'sdmode'}, $rec->{'type'}, $rec->{'mode'}, $rec->{'resource'}, $rec->{'target'}, $rec->{'profile'}, $rec->{'prog'}, $rec->{'severity'}) = @$row;
# Give empty record values a default value
if (!$rec->{'host'}) { $rec->{'host'} = $hostName; }
for (keys(%$rec)) { if ( !$rec->{$_} ) { $rec->{$_} = '-'; } }
for (keys(%$rec)) {
if (!$rec->{$_}) { $rec->{$_} = '-'; }
}
# Change 'time' to date
if ($rec->{'time'} && $rec->{'time'} == $prevTime) {
@@ -1529,8 +1575,8 @@ sub getEvents {
# Archived Reports Stuff -- Some of this would go away in an ideal world
################################################################################
sub getArchReport {
my $args = shift;
my @rec = ();
my $eventRep = "/var/log/apparmor/reports/events.rpt";
@@ -1547,6 +1593,7 @@ sub getArchReport {
my $id = 1;
my $slurp = 0;
#my $numPages = 0;
my $prevTime = undef;
@@ -1558,6 +1605,7 @@ sub getArchReport {
# Why not get rid of page and just do divide by $i later?
if (/Page/) {
# $numPages++;
chomp;
if ($_ eq "Page $page") {
@@ -1569,8 +1617,7 @@ sub getArchReport {
chomp;
($db->{'host'}, $db->{'time'}, $db->{'prog'}, $db->{'profile'}, $db->{'pid'}, $db->{'severity'},
$db->{'mode'}, $db->{'denyRes'}, $db->{'sdmode'} ) = split(/\,/, $_);
($db->{'host'}, $db->{'time'}, $db->{'prog'}, $db->{'profile'}, $db->{'pid'}, $db->{'severity'}, $db->{'mode'}, $db->{'denyRes'}, $db->{'sdmode'}) = split(/\,/, $_);
# Convert epoch time to date
if ($db->{'time'} == $prevTime) {
@@ -1588,7 +1635,6 @@ sub getArchReport {
}
}
close REP;
} else {
@@ -1600,9 +1646,9 @@ sub getArchReport {
}
sub writeEventReport {
my ($db, $args) = @_; # Filters for date, && regexp
# my $type = shift || undef;
my $eventRep = "/var/log/apparmor/reports/events.rpt";
# Not sure if this is needed anymore, but it messes up archived SIR reports
@@ -1645,7 +1691,6 @@ sub writeEventReport {
}
sub prepSingleLog {
my $args = shift;
my $dir = '/var/log/apparmor/reports-archived';
@@ -1668,6 +1713,7 @@ sub prepSingleLog {
if (open(RREP, "<$dir/$readFile")) {
if (open(WREP, ">$eventRep")) {
# print WREP "Page $numPages\n";
$numPages++;
@@ -1706,7 +1752,6 @@ sub prepSingleLog {
# Cats files in specified directory for easier parsing
sub prepArchivedLogs {
my $args = shift;
my $dir = '/var/log/apparmor/reports-archived';
@@ -1727,32 +1772,46 @@ sub prepArchivedLogs {
}
# Check to see if we need to use filters
if ( $args->{'mode'} && ( $args->{'mode'} =~ /All/ || $args->{'mode'} =~ /^\s*-\s*$/) ) {
if ($args->{'mode'}
&& ($args->{'mode'} =~ /All/ || $args->{'mode'} =~ /^\s*-\s*$/))
{
delete($args->{'mode'});
}
if ( $args->{'sdmode'} && ( $args->{'sdmode'} =~ /All/ || $args->{'sdmode'} =~ /^\s*-\s*$/) ) {
if ($args->{'sdmode'}
&& ($args->{'sdmode'} =~ /All/ || $args->{'sdmode'} =~ /^\s*-\s*$/))
{
delete($args->{'sdmode'});
}
if ( $args->{'resource'} && ( $args->{'resource'} =~ /All/ || $args->{'resource'} =~ /^\s*-\s*$/) ) {
if ($args->{'resource'}
&& ($args->{'resource'} =~ /All/ || $args->{'resource'} =~ /^\s*-\s*$/))
{
delete($args->{'resource'});
}
if ( $args->{'sevLevel'} && ( $args->{'sevLevel'} =~ /All/ || $args->{'sevLevel'} =~ /^\s*-\s*$/) ) {
if ($args->{'sevLevel'}
&& ($args->{'sevLevel'} =~ /All/ || $args->{'sevLevel'} =~ /^\s*-\s*$/))
{
delete($args->{'sevLevel'});
}
if ( $args->{'prog'} || $args->{'profile'} || $args->{'pid'} || $args->{'denyRes'} ||
$args->{'mode'} || $args->{'sdmode'} || ($args->{'startdate'} && $args->{'enddate'} ) ) {
if ( $args->{'prog'}
|| $args->{'profile'}
|| $args->{'pid'}
|| $args->{'denyRes'}
|| $args->{'mode'}
|| $args->{'sdmode'}
|| ($args->{'startdate'} && $args->{'enddate'}))
{
$useFilters = 1;
}
############################################################
# Get list of files in archived report directory
if (opendir(RDIR, $dir)) {
my @firstPass = grep(/csv/, readdir(RDIR));
@repList = grep(!/Applications.Audit|Executive.Security.Summary/, @firstPass);
@repList =
grep(!/Applications.Audit|Executive.Security.Summary/, @firstPass);
close RDIR;
} else {
@@ -1831,8 +1890,8 @@ sub prepArchivedLogs {
# Similar to parseLog(), but expects @db to be passed
sub parseMultiDb {
my ($args, @db) = @_;
my @newDb = ();
my $error = undef;
@@ -1863,9 +1922,7 @@ sub parseMultiDb {
if ($args->{'profile'}) { next unless /$args->{'profile'}/; }
# Need (epoch) 'time' element here, do we want to store 'date' instead?
($rec->{'host'},$rec->{'time'},$rec->{'prog'},$rec->{'profile'},
$rec->{'pid'},$rec->{'sevLevel'},$rec->{'mode'}, $rec->{'resource'}, $rec->{'sdmode'})
= split(/\,/, $_);
($rec->{'host'}, $rec->{'time'}, $rec->{'prog'}, $rec->{'profile'}, $rec->{'pid'}, $rec->{'sevLevel'}, $rec->{'mode'}, $rec->{'resource'}, $rec->{'sdmode'}) = split(/\,/, $_);
# Make sure we get the time/date ref. name right. If it's $args->"time",
# the arg will be converted to a human-friendly "date" ref in writeEventReport().
@@ -1878,7 +1935,10 @@ sub parseMultiDb {
if ($args->{'pid'} && $args->{'pid'} ne '-') {
next unless ($args->{'pid'} eq $rec->{'pid'});
}
if ( $args->{'sevLevel'} && $args->{'sevLevel'} ne "00" && $args->{'sevLevel'} ne '-' ) {
if ( $args->{'sevLevel'}
&& $args->{'sevLevel'} ne "00"
&& $args->{'sevLevel'} ne '-')
{
if ($args->{'sevLevel'} eq "U") { $args->{'sevLevel'} = '-1'; }
next unless ($args->{'sevLevel'} eq $rec->{'sevLevel'});
}
@@ -1890,6 +1950,7 @@ sub parseMultiDb {
next unless ($args->{'denyRes'} eq $rec->{'denyRes'});
}
if ($args->{'sdmode'} && $args->{'sdmode'} ne '-') {
# Needs reversal of comparison for sdmode
next unless ($rec->{'sdmode'} =~ /$args->{'sdmode'}/);
}
@@ -1903,7 +1964,6 @@ sub parseMultiDb {
# Grab & filter events from archived reports (.csv files)
sub parseLog {
my $args = shift;
my @db = ();
@@ -1926,16 +1986,24 @@ sub parseLog {
}
#if ( $args->{'mode'} && ( $args->{'mode'} =~ /All/ || $args->{'mode'} =~ /\s*\-\s*/) ) {}
if ( $args->{'mode'} && ( $args->{'mode'} =~ /All/ || $args->{'mode'} =~ /^\s*-\s*$/) ) {
if ($args->{'mode'}
&& ($args->{'mode'} =~ /All/ || $args->{'mode'} =~ /^\s*-\s*$/))
{
delete($args->{'mode'});
}
if ( $args->{'sdmode'} && ( $args->{'sdmode'} =~ /All/ || $args->{'sdmode'} =~ /^\s*-\s*$/) ) {
if ($args->{'sdmode'}
&& ($args->{'sdmode'} =~ /All/ || $args->{'sdmode'} =~ /^\s*-\s*$/))
{
delete($args->{'sdmode'});
}
if ( $args->{'resource'} && ( $args->{'resource'} =~ /All/ || $args->{'resource'} =~ /^\s*-\s*$/) ) {
if ($args->{'resource'}
&& ($args->{'resource'} =~ /All/ || $args->{'resource'} =~ /^\s*-\s*$/))
{
delete($args->{'resource'});
}
if ( $args->{'sevLevel'} && ( $args->{'sevLevel'} =~ /All/ || $args->{'sevLevel'} =~ /^\s*-\s*$/) ) {
if ($args->{'sevLevel'}
&& ($args->{'sevLevel'} =~ /All/ || $args->{'sevLevel'} =~ /^\s*-\s*$/))
{
delete($args->{'sevLevel'});
}
@@ -1959,9 +2027,7 @@ sub parseLog {
if ($args->{'profile'}) { next unless /$args->{'profile'}/; }
# Need (epoch) 'time' element here, do we want to store 'date' instead?
($rec->{'host'},$rec->{'time'},$rec->{'prog'},$rec->{'profile'},
$rec->{'pid'},$rec->{'sevLevel'},$rec->{'mode'}, $rec->{'resource'}, $rec->{'sdmode'})
= split(/\,/, $_);
($rec->{'host'}, $rec->{'time'}, $rec->{'prog'}, $rec->{'profile'}, $rec->{'pid'}, $rec->{'sevLevel'}, $rec->{'mode'}, $rec->{'resource'}, $rec->{'sdmode'}) = split(/\,/, $_);
# Make sure we get the time/date ref. name right. If it's $args->"time",
# the arg will be converted to a human-friendly "date" ref in writeEventReport().
@@ -1974,7 +2040,10 @@ sub parseLog {
if ($args->{'pid'} && $args->{'pid'} ne '-') {
next unless ($args->{'pid'} eq $rec->{'pid'});
}
if ( $args->{'sevLevel'} && $args->{'sevLevel'} ne "00" && $args->{'sevLevel'} ne '-' ) {
if ( $args->{'sevLevel'}
&& $args->{'sevLevel'} ne "00"
&& $args->{'sevLevel'} ne '-')
{
next unless ($args->{'sevLevel'} eq $rec->{'sevLevel'});
}
if ($args->{'mode'} && $args->{'mode'} ne '-') {
@@ -1984,6 +2053,7 @@ sub parseLog {
next unless ($args->{'denyRes'} eq $rec->{'denyRes'});
}
if ($args->{'sdmode'} && $args->{'sdmode'} ne '-') {
# Needs reversal of comparison for sdmode
next unless ($rec->{'sdmode'} =~ /$args->{'sdmode'}/);
}
@@ -2036,7 +2106,6 @@ sub parseLog {
# deprecated -- replaced by better SQL queries
sub OLDgetEssStats {
my $args = shift;
my $prevTime = '0';
@@ -2077,9 +2146,15 @@ sub OLDgetEssStats {
$hdb->{'numEvents'}++; # tally all events reported for host
if ($ev->{'sdmode'}) {
if ( $ev->{'sdmode'} =~ /PERMIT/ ) { $hdb->{'numPermits'}++; }
if ( $ev->{'sdmode'} =~ /REJECT/ ) { $hdb->{'numRejects'}++; }
if ( $ev->{'sdmode'} =~ /AUDIT/ ) { $hdb->{'numAudits'}++; }
if ($ev->{'sdmode'} =~ /PERMIT/) {
$hdb->{'numPermits'}++;
}
if ($ev->{'sdmode'} =~ /REJECT/) {
$hdb->{'numRejects'}++;
}
if ($ev->{'sdmode'} =~ /AUDIT/) {
$hdb->{'numAudits'}++;
}
}
# Add stats to host entry
@@ -2106,6 +2181,7 @@ sub OLDgetEssStats {
$rec->{'host'} = $ev->{'host'};
$rec->{'startdate'} = $startDate;
#$rec->{'startdate'} = $ev->{'date'};
if ($endDate) {
@@ -2162,8 +2238,12 @@ sub OLDgetEssStats {
}
# Convert dates
if ($_->{'startdate'} !~ /:/) {$_->{'startdate'} = Immunix::Reports::getDate($startDate); }
if ($_->{'enddate'} !~ /:/) { $_->{'enddate'} = Immunix::Reports::getDate($_->{'enddate'}); }
if ($_->{'startdate'} !~ /:/) {
$_->{'startdate'} = Immunix::Reports::getDate($startDate);
}
if ($_->{'enddate'} !~ /:/) {
$_->{'enddate'} = Immunix::Reports::getDate($_->{'enddate'});
}
# Delete stuff that we may use in later versions (YaST is a silly, silly data handler)
delete($_->{'sevTotal'});
@@ -2177,6 +2257,5 @@ sub OLDgetEssStats {
return (\@hostDb);
}
1;
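Review bot: The reflowed `$query` in the getEssStats hunk (`@@ -759,9 +768,10 @@`) still interpolates `$startdate` and `$enddate` directly into the SQL text, as does the `$ctQuery` line just above it, and `$query` is later executed via `selectall_arrayref("$query")`; where those values originate is outside the hunk, so unless they are already validated as integers the statement is built from unchecked input, and binding them — `... AND time >= ? AND time <= ?` in the string and `$ret = $dbh->selectall_arrayref($query, undef, $startdate, $enddate);` inside the eval — removes the concern entirely. The same hunk's `if ($@)` branch logs `$DBI::errstr` rather than `$@`, so a non-DBI die inside the eval would be reported with an empty or stale message. Also visible, in the exportFormattedText hunk: `$->{'mode'}` appears to interpolate the special variable `$-` followed by the literal text `>{'mode'}`, so the exported CSV column never carries the event mode; it should read `$_->{'mode'}`. Both getEssStats and exportFormattedText continue outside their hunks.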


@@ -9,7 +9,6 @@
#
# ------------------------------------------------------------------
package Immunix::Severity;
use strict;
use Data::Dumper;
@@ -38,18 +37,24 @@ sub init ($;$) {
$self = shift;
$self->{DATABASENAME} = shift;
$self->{DEFAULT_RANK} = shift if defined $_[0];
open(DATABASE, $self->{DATABASENAME}) or die "Could not open severity db $self->{DATABASENAME}: $!\n";
open(DATABASE, $self->{DATABASENAME})
or die "Could not open severity db $self->{DATABASENAME}: $!\n";
while (<DATABASE>) {
chomp();
next if m/^\s*#/;
next if m/^\s*$/;
# leading whitespace is fine; maybe it shouldn't be?
if (/^\s*\/(\S+)\s+(\d+)\s+(\d+)\s+(\d+)\s*$/) {
my ($path, $read, $write, $execute) = ($1, $2, $3, $4);
if (index($path, "*") == -1) {
$self->{FILES}{$path} = { r => $read, w => $write, x => $execute };
$self->{FILES}{$path} = {
r => $read,
w => $write,
x => $execute
};
} else {
@@ -60,7 +65,11 @@ sub init ($;$) {
if (index($piece, "*") != -1) {
my $path = join("/", $piece, @pieces);
my $regexp = convert_regexp($path);
$ptr->{$regexp}{SD_RANK} = { r => $read, w => $write, x => $execute };
$ptr->{$regexp}{SD_RANK} = {
r => $read,
w => $write,
x => $execute
};
last;
} else {
$ptr->{$piece} = {} unless exists $ptr->{$piece};
@@ -125,10 +134,13 @@ sub check_subtree {
# does it match the rest of our path?
if ($path =~ /^$chunk$/) {
# if we've got a ranking, check if it's higher than current one, if any
# if we've got a ranking, check if it's higher than
# current one, if any
if ($tree->{$chunk}->{SD_RANK}) {
for my $m (split(//, $mode)) {
if((! defined $sev) || $tree->{$chunk}->{SD_RANK}->{$m} > $sev) {
if ((!defined $sev)
|| $tree->{$chunk}->{SD_RANK}->{$m} > $sev)
{
$sev = $tree->{$chunk}->{SD_RANK}->{$m};
}
}
@@ -140,7 +152,6 @@ sub check_subtree {
return $sev;
}
sub handle_file ($$) {
my ($self, $resource, $mode) = @_;
@@ -173,9 +184,9 @@ sub handle_file ($$) {
return (defined $sev) ? $sev : $self->{DEFAULT_RANK};
}
sub rank ($;$) {
my ($self, $resource, $mode) = @_;
if (substr($resource, 0, 1) eq "/") {
return $self->handle_file($resource, $mode);
} elsif (substr($resource, 0, 3) eq "CAP") {
@@ -187,16 +198,22 @@ sub rank ($;$) {
sub convert_regexp ($) {
my ($input) = shift;
# we need to convert subdomain regexps to perl regexps
my $regexp = $input;
# escape + . [ and ] characters
$regexp =~ s/(\+|\.|\[|\])/\\$1/g;
# convert ** globs to match anything
$regexp =~ s/\*\*/.SDPROF_INTERNAL_GLOB/g;
# convert * globs to match anything at current path level
$regexp =~ s/\*/[^\/]SDPROF_INTERNAL_GLOB/g;
# convert {foo,baz} to (foo|baz)
$regexp =~ y/\{\}\,/\(\)\|/ if $regexp =~ /\{.*\,.*\}/;
# twiddle the escaped * chars back
$regexp =~ s/SDPROF_INTERNAL_GLOB/\*/g;
return $regexp;
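Review bot: The reflowed `open(DATABASE, $self->{DATABASENAME})` in the init hunk is still the two-argument form, so a DATABASENAME beginning with `>`, `>>` or `|` would be interpreted as a mode or a command instead of a file to read; the three-argument form with a lexical handle, `open(my $db, '<', $self->{DATABASENAME}) or die "Could not open severity db $self->{DATABASENAME}: $!\n";` with the loop changed to `while (<$db>)`, closes that off regardless of where the name comes from, which is not visible here. Separately, in the convert_regexp hunk the escape step covers only `+ . [ ]`, so `(`, `)`, `|`, `?`, `^` and `$` in a database path reach the `^$chunk$` match in check_subtree as live regex syntax; extending the escaped class to those characters (before the `*` and `{,}` glob rewrites, which must keep their meaning) makes the conversion total. Both init and convert_regexp continue outside their hunks.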



@@ -53,9 +53,7 @@ my $syslogfile = "/var/log/messages";
# options variables
my $pidfile = '';
GetOptions(
'pidfile|p=s' => \$pidfile
);
GetOptions('pidfile|p=s' => \$pidfile);
my $DEBUG = 0;
@@ -207,7 +205,8 @@ sub connect_database ($) {
# create the events table
unless ($existing_tables{events}) {
$dbh->do("CREATE TABLE events (
$dbh->do(
"CREATE TABLE events (
id INTEGER PRIMARY KEY AUTOINCREMENT,
time INTEGER NOT NULL,
counter INTEGER NOT NULL,
@@ -220,7 +219,8 @@ sub connect_database ($) {
profile,
prog,
severity INTEGER
)");
)"
);
# set up the indexes we want
my @indexes = qw(time type sdmode mode resource profile prog severity);
@@ -270,6 +270,7 @@ sub verbose_notify_handler {
my $count = scalar @events;
errlog "[$count events] sending verbose notification to $email.";
}
# actually send out the notification...
open(MAIL, "| sendmail -F 'AppArmor Security Notification' $email");
print MAIL "To: $email\n";
@@ -314,6 +315,7 @@ sub summary_notify_handler {
my $count = scalar @events;
errlog "[$count events] sending summary notification to $email.";
}
# actually send out the notification...
open(MAIL, "| sendmail -F 'AppArmor Security Notification' $email");
print MAIL "To: $email\n";
@@ -338,7 +340,6 @@ sub terse_notify_handler {
my $host = `hostname -f`;
chomp $host;
my @events;
my $count = 0;
if (open(V, $file)) {
@@ -426,6 +427,7 @@ sub process_event ($$) {
$lasttime = $time;
}
} else {
# not one of ours, just return
return;
}
@@ -463,22 +465,25 @@ sub process_event ($$) {
# we only do notification for enforce mode events
if ($config->{verbose_freq}) {
if(($severity >= $config->{verbose_level}) ||
(($severity == -1) && $config->{verbose_unknown})) {
if ( ($severity >= $config->{verbose_level})
|| (($severity == -1) && $config->{verbose_unknown}))
{
push @verbose_buffer, [ $timestamp, $counter, $logmsg ];
}
}
if ($config->{summary_freq}) {
if(($severity >= $config->{summary_level}) ||
(($severity == -1) && $config->{summary_unknown})) {
if ( ($severity >= $config->{summary_level})
|| (($severity == -1) && $config->{summary_unknown}))
{
push @summary_buffer, [ $timestamp, $counter, "path", $prog, $mode, $resource ];
}
}
if ($config->{terse_freq}) {
if(($severity >= $config->{terse_level}) ||
(($severity == -1) && $config->{terse_unknown})) {
if ( ($severity >= $config->{terse_level})
|| (($severity == -1) && $config->{terse_unknown}))
{
push @terse_buffer, [ $timestamp, $counter, "dummy" ];
}
}
@@ -499,22 +504,25 @@ sub process_event ($$) {
# we only do notification for enforce mode events
if ($config->{verbose_freq}) {
if(($severity >= $config->{verbose_level}) ||
(($severity == -1) && $config->{verbose_unknown})) {
if ( ($severity >= $config->{verbose_level})
|| (($severity == -1) && $config->{verbose_unknown}))
{
push @verbose_buffer, [ $timestamp, $counter, $logmsg ];
}
}
if ($config->{summary_freq}) {
if(($severity >= $config->{summary_level}) ||
(($severity == -1) && $config->{summary_unknown})) {
if ( ($severity >= $config->{summary_level})
|| (($severity == -1) && $config->{summary_unknown}))
{
push @summary_buffer, [ $timestamp, $counter, "link", $prog, $link, $target ];
}
}
if ($config->{terse_freq}) {
if(($severity >= $config->{terse_level}) ||
(($severity == -1) && $config->{terse_unknown})) {
if ( ($severity >= $config->{terse_level})
|| (($severity == -1) && $config->{terse_unknown}))
{
push @terse_buffer, [ $timestamp, $counter ];
}
}
@@ -534,22 +542,25 @@ sub process_event ($$) {
# we only do notification for enforce mode events
if ($config->{verbose_freq}) {
if(($severity >= $config->{verbose_level}) ||
(($severity == -1) && $config->{verbose_unknown})) {
if ( ($severity >= $config->{verbose_level})
|| (($severity == -1) && $config->{verbose_unknown}))
{
push @verbose_buffer, [ $timestamp, $counter, $logmsg ];
}
}
if ($config->{summary_freq}) {
if(($severity >= $config->{summary_level}) ||
(($severity == -1) && $config->{summary_unknown})) {
if ( ($severity >= $config->{summary_level})
|| (($severity == -1) && $config->{summary_unknown}))
{
push @summary_buffer, [ $timestamp, $counter, "attrch", $prog, $resource, $attrch ];
}
}
if ($config->{terse_freq}) {
if(($severity >= $config->{terse_level}) ||
(($severity == -1) && $config->{terse_unknown})) {
if ( ($severity >= $config->{terse_level})
|| (($severity == -1) && $config->{terse_unknown}))
{
push @terse_buffer, [ $timestamp, $counter ];
}
}
@@ -571,22 +582,25 @@ sub process_event ($$) {
# we only do notification for enforce mode events
if ($config->{verbose_freq}) {
if(($severity >= $config->{verbose_level}) ||
(($severity == -1) && $config->{verbose_unknown})) {
if ( ($severity >= $config->{verbose_level})
|| (($severity == -1) && $config->{verbose_unknown}))
{
push @verbose_buffer, [ $timestamp, $counter, $logmsg ];
}
}
if ($config->{summary_freq}) {
if(($severity >= $config->{summary_level}) ||
(($severity == -1) && $config->{summary_unknown})) {
if ( ($severity >= $config->{summary_level})
|| (($severity == -1) && $config->{summary_unknown}))
{
push @summary_buffer, [ $timestamp, $counter, "path", $prog, $mode, $resource ];
}
}
if ($config->{terse_freq}) {
if(($severity >= $config->{terse_level}) ||
(($severity == -1) && $config->{terse_unknown})) {
if ( ($severity >= $config->{terse_level})
|| (($severity == -1) && $config->{terse_unknown}))
{
push @terse_buffer, [ $timestamp, $counter, "dummy" ];
}
}
@@ -613,22 +627,25 @@ sub process_event ($$) {
# we only do notification for enforce mode events
if ($config->{verbose_freq}) {
if(($severity >= $config->{verbose_level}) ||
(($severity == -1) && $config->{verbose_unknown})) {
if ( ($severity >= $config->{verbose_level})
|| (($severity == -1) && $config->{verbose_unknown}))
{
push @verbose_buffer, [ $timestamp, $counter, $logmsg ];
}
}
if ($config->{summary_freq}) {
if(($severity >= $config->{summary_level}) ||
(($severity == -1) && $config->{summary_unknown})) {
if ( ($severity >= $config->{summary_level})
|| (($severity == -1) && $config->{summary_unknown}))
{
push @summary_buffer, [ $timestamp, $counter, "path", $prog, $mode, $resource ];
}
}
if ($config->{terse_freq}) {
if(($severity >= $config->{terse_level}) ||
(($severity == -1) && $config->{terse_unknown})) {
if ( ($severity >= $config->{terse_level})
|| (($severity == -1) && $config->{terse_unknown}))
{
push @terse_buffer, [ $timestamp, $counter, "dummy" ];
}
}
@@ -649,22 +666,25 @@ sub process_event ($$) {
# we only do notification for enforce mode events
if ($config->{verbose_freq}) {
if(($severity >= $config->{verbose_level}) ||
(($severity == -1) && $config->{verbose_unknown})) {
if ( ($severity >= $config->{verbose_level})
|| (($severity == -1) && $config->{verbose_unknown}))
{
push @verbose_buffer, [ $timestamp, $counter, $logmsg ];
}
}
if ($config->{summary_freq}) {
if(($severity >= $config->{summary_level}) ||
(($severity == -1) && $config->{summary_unknown})) {
if ( ($severity >= $config->{summary_level})
|| (($severity == -1) && $config->{summary_unknown}))
{
push @summary_buffer, [ $timestamp, $counter, "capability", $prog, $capability ];
}
}
if ($config->{terse_freq}) {
if(($severity >= $config->{terse_level}) ||
(($severity == -1) && $config->{terse_unknown})) {
if ( ($severity >= $config->{terse_level})
|| (($severity == -1) && $config->{terse_unknown}))
{
push @terse_buffer, [ $timestamp, $counter ];
}
}
@@ -716,22 +736,25 @@ sub process_event ($$) {
# we only do notification for enforce mode events
if ($config->{verbose_freq}) {
if(($severity >= $config->{verbose_level}) ||
(($severity == -1) && $config->{verbose_unknown})) {
if ( ($severity >= $config->{verbose_level})
|| (($severity == -1) && $config->{verbose_unknown}))
{
push @verbose_buffer, [ $timestamp, $counter, $logmsg ];
}
}
if ($config->{summary_freq}) {
if(($severity >= $config->{summary_level}) ||
(($severity == -1) && $config->{summary_unknown})) {
if ( ($severity >= $config->{summary_level})
|| (($severity == -1) && $config->{summary_unknown}))
{
push @summary_buffer, [ $timestamp, $counter, "profile_replacement", $prog ];
}
}
if ($config->{terse_freq}) {
if(($severity >= $config->{terse_level}) ||
(($severity == -1) && $config->{terse_unknown})) {
if ( ($severity >= $config->{terse_level})
|| (($severity == -1) && $config->{terse_unknown}))
{
push @terse_buffer, [ $timestamp, $counter ];
}
}
@@ -826,6 +849,7 @@ sub check_timers ($) {
$inserts = 0;
if (@verbose_buffer) {
# if we've got verbose events, dump them
dump_events("verbose", @verbose_buffer);
@@ -834,6 +858,7 @@ sub check_timers ($) {
}
if (@terse_buffer) {
# if we've got terse events, dump them
dump_events("terse", @terse_buffer);
@@ -954,12 +979,14 @@ sub get_last_event {
my $dbh = shift;
my ($time, $counter);
# get the oldest timestamp...
my $sth = $dbh->prepare('SELECT MAX(time) FROM events');
$sth->execute;
my @row = $sth->fetchrow_array || (0);
$time = $row[0];
if ($time) {
# get the highest counter for this timestamp...
$sth = $dbh->prepare("SELECT MAX(counter) FROM events WHERE time = $time");
$sth->execute;
@@ -981,12 +1008,13 @@ sub sig_handler {
errlog("Caught signal '$signame'. Exiting...");
$finished = 1;
};
}
# set up our error log without buffering
open(ERRLOG, ">>$dbdir/event-dispatch.log");
my $oldfd = select(ERRLOG); $| = 1; select($oldfd);
my $oldfd = select(ERRLOG);
$| = 1;
select($oldfd);
errlog "Starting...";
@@ -1005,11 +1033,11 @@ $SIG{CHLD} = 'IGNORE';
# Sigh, portable dates in perl sucks
eval "use Date::Parse";
if (!$@) {
$date_module = 'TimeDate'
$date_module = 'TimeDate';
} else {
eval "use Date::Manip";
if (!$@) {
$date_module = 'DateManip'
$date_module = 'DateManip';
} else {
errlog "Unable to load Date module; use either TimeDate or Date::Manip";
$finished = 1;
@@ -1028,14 +1056,31 @@ my $dbh = connect_database($dbdir);
($last_inserted_time, $last_inserted_counter) = get_last_event($dbh);
my $auditlog=File::Tail->new(name=>$logfile, debug=>1, tail=>-1, interval=>1, maxinterval=>5, adjustafter=>20, errmode=>"return", ignore_noexistant=>1);
my $syslog=File::Tail->new(name=>$syslogfile, debug=>1, tail=>-1, interval=>1, maxinterval=>5, adjustafter=>20, errmode=>"return", ignore_noexistant=>1);
my $auditlog = File::Tail->new(
name => $logfile,
debug => 1,
tail => -1,
interval => 1,
maxinterval => 5,
adjustafter => 20,
errmode => "return",
ignore_noexistant => 1
);
my $syslog = File::Tail->new(
name => $syslogfile,
debug => 1,
tail => -1,
interval => 1,
maxinterval => 5,
adjustafter => 20,
errmode => "return",
ignore_noexistant => 1
);
my $line = '';
# process complete lines from the buffer...
while (not $finished) {
my ($nfound, $timeleft, @pending) =
File::Tail::select(undef, undef, undef, $timeout, ($auditlog, $syslog));
my ($nfound, $timeleft, @pending) = File::Tail::select(undef, undef, undef, $timeout, ($auditlog, $syslog));
foreach (@pending) {
process_event($dbh, $_->read);
@@ -1043,7 +1088,7 @@ while (not $finished) {
# see if we should flush pending entries to disk and/or do notification
check_timers($dbh);
};
}
# make sure we don't exit with any pending events not written to the db
$dbh->commit || errlog "Error commiting changes: $!";


@@ -103,7 +103,8 @@ for my $profiling (@profiling) {
print "\n";
setprofileflags($filename, "audit");
system("cat $filename | $parser -I$profiledir -r >/dev/null 2>&1") if check_for_subdomain();
system("cat $filename | $parser -I$profiledir -r >/dev/null 2>&1")
if check_for_subdomain();
} else {
if ($profiling =~ /^[^\/]+$/) {
UI_Info(sprintf(gettext('Can\'t find %s in the system path list. If the name of the application is correct, please run \'which %s\' as a user with the correct PATH environment set up in order to find the fully-qualified path.'), $profiling, $profiling));


@@ -21,7 +21,6 @@
# you may find current contact information at www.novell.com.
# ----------------------------------------------------------------------
use strict;
use FindBin;
use Getopt::Long;
@@ -101,7 +100,6 @@ for my $profiling (@profiling) {
}
}
if (-e $fqdbin) {
if (-e getprofilefilename($fqdbin) && !$force) {
UI_Info(sprintf(gettext('Profile for %s already exists - skipping.'), $fqdbin));


@@ -103,7 +103,8 @@ for my $profiling (@profiling) {
print "\n";
setprofileflags($filename, "complain");
system("cat $filename | $parser -I$profiledir -r >/dev/null 2>&1") if check_for_subdomain();
system("cat $filename | $parser -I$profiledir -r >/dev/null 2>&1")
if check_for_subdomain();
} else {
if ($profiling =~ /^[^\/]+$/) {
UI_Info(sprintf(gettext('Can\'t find %s in the system path list. If the name of the application is correct, please run \'which %s\' as a user with the correct PATH environment set up in order to find the fully-qualified path.'), $profiling, $profiling));


@@ -102,7 +102,8 @@ for my $profiling (@profiling) {
print "\n";
setprofileflags($filename, "");
system("cat $filename | $parser -I$profiledir -r >/dev/null 2>&1") if check_for_subdomain();
system("cat $filename | $parser -I$profiledir -r >/dev/null 2>&1")
if check_for_subdomain();
} else {
if ($profiling =~ /^[^\/]+$/) {
UI_Info(sprintf(gettext('Can\'t find %s in the system path list. If the name of the application is correct, please run \'which %s\' as a user with the correct PATH environment set up in order to find the fully-qualified path.'), $profiling, $profiling));


@@ -66,7 +66,8 @@ unless(-d $profiledir) {
my $profiling = shift;
unless ($profiling) {
$profiling = UI_GetString(gettext("Please enter the program to profile: "), "") || exit 0;
$profiling = UI_GetString(gettext("Please enter the program to profile: "), "")
|| exit 0;
}
my $fqdbin;
@@ -101,7 +102,6 @@ if($qualifiers{$fqdbin}) {
}
}
# load all the include files
loadincludes();
@@ -174,7 +174,6 @@ sub usage {
}
sub last_audit_entry_time {
local $_ = `tail -1 /var/log/audit/audit.log`;
my $logmark;
if (/^*msg\=audit\((\d+\.\d+\:\d+).*\).*$/) {


@@ -34,7 +34,6 @@ use POSIX;
setlocale(LC_MESSAGES, "");
textdomain("apparmor-utils");
# options variables
my $paranoid = '';
my $help = '';
@@ -54,7 +53,8 @@ sub usage {
my $subdomainfs = check_for_subdomain();
die gettext("SubDomain does not appear to be started. Please enable SubDomain and try again.")."\n" unless $subdomainfs;
die gettext("SubDomain does not appear to be started. Please enable SubDomain and try again.") . "\n"
unless $subdomainfs;
my @pids;
if ($paranoid) {
@@ -65,7 +65,8 @@ if($paranoid) {
if (open(NETSTAT, "/bin/netstat -nlp |")) {
while (<NETSTAT>) {
chomp;
push @pids, $5 if /^(tcp|udp)\s+\d+\s+\d+\s+\S+\:(\d+)\s+\S+\:(\*|\d+)\s+(LISTEN|\s+)\s+(\d+)\/(\S+)/;
push @pids, $5
if /^(tcp|udp)\s+\d+\s+\d+\s+\S+\:(\d+)\s+\S+\:(\*|\d+)\s+(LISTEN|\s+)\s+(\d+)\/(\S+)/;
}
close(NETSTAT);
}
@@ -83,6 +84,7 @@ for my $pid (sort { $a <=> $b } @pids) {
}
if (not $attr) {
if ($prog =~ m/^(\/usr\/bin\/python|\/usr\/bin\/perl|\/bin\/bash)$/) {
#my $scriptname = (split(/\0/, `cat /proc/$pid/cmdline`))[1];
my $cmdline = `cat /proc/$pid/cmdline`;
$cmdline =~ s/\0/ /g;
@@ -94,6 +96,7 @@ for my $pid (sort { $a <=> $b } @pids) {
}
} else {
if ($prog =~ m/^(\/usr\/bin\/python|\/usr\/bin\/perl|\/bin\/bash)$/) {
#my $scriptname = (split(/\0/, `cat /proc/$pid/cmdline`))[1];
my $cmdline = `cat /proc/$pid/cmdline`;
$cmdline =~ s/\0/ /g;