mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-22 01:57:43 +00:00
Code Issues Releases Wiki Activity
apparmor/libraries/libapparmor/testsuite
History
John Johansen 0349cf2d0a libapparmor: logparse: fix RECORD_INVALID for valid log 
v2:
- parse partial log line broken at \n
- add testcase_dbus_10.* for partial log line
- remove quotes from  testcasw_dbus_09.profile

The following log format has been seen in the wild, and currently results
in a RECORD_INVALID

    [4835959.046111] audit: type=1107 audit(1561053426.749:186): pid=640 uid=103 auid=4294967295 ses=4294967295 msg='apparmor="ALLOWED" operation="dbus_method_call"  bus="system" path="/org/freedesktop/systemd1" interface="org.freedesktop.systemd1.Manager" member="LookupDynamicUserByName" mask="send" name="org.freedesktop.systemd1" pid=20596 label="/usr/sbin/sshd" peer_pid=1 peer_label="unconfined"
                      exe="/usr/bin/dbus-daemon" sauid=103 hostname=? addr=? terminal=?'

Test parsing the above message with and without the \n embedded between
peer_label= and exec=

Acked-by: Seth Arnold <seth.arnold@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
2019-07-02 01:01:37 -07:00
..
config
move libapparmor into the libraries directory
2008-05-19 22:48:31 +00:00
lib
move libapparmor into the libraries directory
2008-05-19 22:48:31 +00:00
libaalogparse.test
move libapparmor into the libraries directory
2008-05-19 22:48:31 +00:00
test_multi
libapparmor: logparse: fix RECORD_INVALID for valid log
2019-07-02 01:01:37 -07:00
Makefile.am
libapparmor: Don't print shell commands that check for test failures
2017-04-20 20:16:25 +00:00
test_multi.c
libapparmor: logparse: fix RECORD_INVALID for valid log
2019-07-02 01:01:37 -07:00