The following patch extends the libraries log parsing to support more date

time formats. As this is causing failures on some systems

currently the only supported format is
  <Month> ## hh:mm:ss

extend this to
  <Month> ## hh:mm:ss(.ms)?((+|-)timezone)?

  yyyy-mm-dd hh:mm:ss(.ms)?((+|-)timezone)?

  yyyy-mm-ddThh:mm:ss(.ms)?((+|-)timezone)?

libraries/libapparmor/src/grammar.y

@@ -81,7 +81,7 @@ aa_record_event_type lookup_aa_event(unsigned int type)
 %type <t_str> safe_string protocol
 %token <t_long> TOK_DIGITS TOK_TYPE_UNKNOWN
 %token <t_str> TOK_QUOTED_STRING TOK_ID TOK_MODE TOK_DMESG_STAMP
-%token <t_str> TOK_AUDIT_DIGITS TOK_DATE_MONTH TOK_DATE_TIME
+%token <t_str> TOK_AUDIT_DIGITS TOK_DATE_MONTH TOK_DATE TOK_TIME
 %token <t_str> TOK_HEXSTRING TOK_TYPE_OTHER TOK_MSG_REST
 %token <t_str> TOK_IP_ADDR
 
@@ -203,7 +203,8 @@ audit_id: TOK_AUDIT TOK_OPEN_PAREN TOK_AUDIT_DIGITS TOK_PERIOD TOK_AUDIT_DIGITS
 		free($7);
 	} ;
 
-syslog_date: TOK_DATE_MONTH TOK_DIGITS TOK_DATE_TIME { /* do nothing? */ }
+syslog_date: TOK_DATE_MONTH TOK_DIGITS TOK_TIME { /* do nothing? */ }
+	| TOK_DATE TOK_TIME { /* do nothing */ }
 	;
 
 key_list: key

libraries/libapparmor/src/scanner.l

@@ -75,10 +75,12 @@ void string_buf_append(unsigned int length, char *text)
 ws		[ \t\r\n]
 
 equals		"="
-digits		[0-9]+
+digit		[[:digit:]]
+digits		{digit}+
 hex		[A-F0-9]
 colon		":"
 minus		"-"
+plus		"+"
 open_paren	"("
 close_paren	")"
 ID		[^ \t\n\(\)="'!]
@@ -144,8 +146,12 @@ ip_addr			[a-f[:digit:].:]{3,}
 
 /* syslog tokens */
 syslog_kernel		kernel{colon}
+syslog_yyyymmdd		{digit}{4}{minus}{digit}{2}{minus}{digit}{2}
+syslog_date		{syslog_yyyymmdd}
 syslog_month 		Jan(uary)?|Feb(ruary)?|Mar(ch)?|Apr(il)?|May|Jun(e)?|Jul(y)?|Aug(ust)?|Sep(tember)?|Oct(ober)?|Nov(ember)?|Dec(ember)?
-syslog_time 		{digits}{digits}{colon}{digits}{digits}{colon}{digits}{digits}
+hhmmss			{digit}{2}{colon}{digit}{2}{colon}{digit}{2}
+timezone		({plus}|{minus}){digit}{2}{colon}{digit}{2}
+syslog_time 		{hhmmss}({period}{digits})?{timezone}?
 syslog_hostname		[[:alnum:]_-]+
 dmesg_timestamp		\[[[:digit:] ]{5,}\.[[:digit:]]{6,}\]
 
@@ -291,7 +297,9 @@ yy_flex_debug = 0;
 
 {syslog_kernel}		{ BEGIN(dmesg_timestamp); return(TOK_SYSLOG_KERNEL); }
 {syslog_month}		{ yylval->t_str = strdup(yytext); return(TOK_DATE_MONTH); }
-{syslog_time}		{ yylval->t_str = strdup(yytext); BEGIN(hostname); return(TOK_DATE_TIME); }
+{syslog_date}		{ yylval->t_str = strdup(yytext); return(TOK_DATE); }
+{syslog_date}T/{syslog_time}	{ yylval->t_str = strndup(yytext, strlen(yytext)-1); return(TOK_DATE); }
+{syslog_time}		{ yylval->t_str = strdup(yytext); BEGIN(hostname); return(TOK_TIME); }
 
 {audit}			{ yy_push_state(audit_id, yyscanner); return(TOK_AUDIT); }
 

libraries/libapparmor/testsuite/test_multi/syslog_datetime_01.in

@@ -0,0 +1 @@
+Jan  1 15:09:04 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_01.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_01.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368

libraries/libapparmor/testsuite/test_multi/syslog_datetime_02.in

@@ -0,0 +1 @@
+Jan  1 15:09:04+08:00 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_02.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_02.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368

libraries/libapparmor/testsuite/test_multi/syslog_datetime_03.in

@@ -0,0 +1 @@
+Jan  1 15:09:04.562575 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_03.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_03.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368

libraries/libapparmor/testsuite/test_multi/syslog_datetime_04.in

@@ -0,0 +1 @@
+Jan  1 15:09:04.562575+08:00 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_04.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_04.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368

libraries/libapparmor/testsuite/test_multi/syslog_datetime_05.in

@@ -0,0 +1 @@
+Jan  1 15:09:04-08:00 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_05.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_05.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368

libraries/libapparmor/testsuite/test_multi/syslog_datetime_06.in

@@ -0,0 +1 @@
+Jan  1 15:09:04.562575-08:00 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_06.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_06.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368

libraries/libapparmor/testsuite/test_multi/syslog_datetime_07.in

@@ -0,0 +1 @@
+2013-01-01 15:09:04 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_07.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_07.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368

libraries/libapparmor/testsuite/test_multi/syslog_datetime_08.in

@@ -0,0 +1 @@
+2013-01-01 15:09:04+08:00 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_08.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_08.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368

libraries/libapparmor/testsuite/test_multi/syslog_datetime_09.in

@@ -0,0 +1 @@
+2013-01-01 15:09:04.562575 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_09.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_09.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368

libraries/libapparmor/testsuite/test_multi/syslog_datetime_10.in

@@ -0,0 +1 @@
+2013-01-01 15:09:04.562575+08:00 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_10.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_10.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368

libraries/libapparmor/testsuite/test_multi/syslog_datetime_11.in

@@ -0,0 +1 @@
+2013-01-01 15:09:04-08:00 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_11.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_11.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368

libraries/libapparmor/testsuite/test_multi/syslog_datetime_12.in

@@ -0,0 +1 @@
+2013-01-01 15:09:04.562575-08:00 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_12.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_12.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368

libraries/libapparmor/testsuite/test_multi/syslog_datetime_13.in

@@ -0,0 +1 @@
+2013-01-01T15:09:04 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_13.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_13.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368

libraries/libapparmor/testsuite/test_multi/syslog_datetime_14.in

@@ -0,0 +1 @@
+2013-01-01T15:09:04+08:00 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_14.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_14.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368

libraries/libapparmor/testsuite/test_multi/syslog_datetime_15.in

@@ -0,0 +1 @@
+2013-01-01T15:09:04.562575 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_15.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_15.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368

libraries/libapparmor/testsuite/test_multi/syslog_datetime_16.in

@@ -0,0 +1 @@
+2013-01-01T15:09:04.562575+08:00 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_16.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_16.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368

libraries/libapparmor/testsuite/test_multi/syslog_datetime_17.in

@@ -0,0 +1 @@
+2013-01-01T15:09:04-08:00 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_17.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_17.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368

libraries/libapparmor/testsuite/test_multi/syslog_datetime_18.in

@@ -0,0 +1 @@
+2013-01-01T15:09:04.562575-08:00 localhost kernel: [ 1911.569682] type=1400 audit(1357024144.556:6368): apparmor="ALLOWED" operation="open" parent=5390 profile="/usr/lib/virtualbox/VBoxSVC//null-2d" name="/sys/class/power_supply/" pid=5457 comm=4143504920506F6C6C6572 requested_mask="r" denied_mask="r" fsuid=1000 ouid=0

libraries/libapparmor/testsuite/test_multi/syslog_datetime_18.out

@@ -0,0 +1,16 @@
+START
+File: test_multi/syslog_datetime_18.in
+Event type: AA_RECORD_ALLOWED
+Audit ID: 1357024144.556:6368
+Operation: open
+Mask: r
+Denied Mask: r
+fsuid: 1000
+ouid: 0
+Profile: /usr/lib/virtualbox/VBoxSVC//null-2d
+Name: /sys/class/power_supply/
+Command: ACPI Poller
+Parent: 5390
+PID: 5457
+Epoch: 1357024144
+Audit subid: 6368