diff --git a/apparmor.d/profiles-a-f/aa-log b/apparmor.d/profiles-a-f/aa-log index fb6cb82a4..96cfa3c02 100644 --- a/apparmor.d/profiles-a-f/aa-log +++ b/apparmor.d/profiles-a-f/aa-log @@ -12,7 +12,7 @@ profile aa-log @{exec_path} { @{exec_path} mr, - /var/log/audit/audit.log r, + /var/log/audit/audit.log* r, @{sys}/kernel/mm/transparent_hugepage/hpage_pmd_size r, diff --git a/cmd/aa-log/main.go b/cmd/aa-log/main.go index 3a5c8e9cd..74caf3e7f 100644 --- a/cmd/aa-log/main.go +++ b/cmd/aa-log/main.go @@ -6,6 +6,7 @@ package main import ( "bufio" + "flag" "fmt" "os" "path/filepath" @@ -13,7 +14,13 @@ import ( "strings" ) -// LogFile is the path to the file to query +// Command line options +var ( + help bool + path string +) + +// LogFile is the default path to the file to query const LogFile = "/var/log/audit/audit.log" // Colors @@ -157,12 +164,7 @@ func (aaLogs AppArmorLogs) String() string { return res } -func aaLog(args []string, path string) error { - profile := "" - if len(args) >= 2 { - profile = args[1] - } - +func aaLog(path string, profile string) error { file, err := os.Open(filepath.Clean(path)) if err != nil { return err @@ -179,8 +181,36 @@ func aaLog(args []string, path string) error { return err } +func init() { + flag.BoolVar(&help, "h", false, "Show this help message and exit.") + flag.StringVar(&path, "f", LogFile, + "Set a log`file` or a prefix to the default log file.") +} + func main() { - err := aaLog(os.Args, LogFile) + flag.Parse() + if help { + fmt.Printf(`aa-log [-h] [-f file] [profile] + + Review AppArmor generated messages in a colorful way. + It can be given an optional profile name to filter the output with. + +`) + flag.PrintDefaults() + os.Exit(0) + } + + profile := "" + if len(flag.Args()) >= 1 { + profile = flag.Args()[0] + } + + logfile := filepath.Clean(LogFile + "." + path) + if _, err := os.Stat(logfile); err != nil { + logfile = path + } + + err := aaLog(logfile, profile) if err != nil { fmt.Println(err) os.Exit(1) diff --git a/cmd/aa-log/main_test.go b/cmd/aa-log/main_test.go index ff4320bdb..359d71ac0 100644 --- a/cmd/aa-log/main_test.go +++ b/cmd/aa-log/main_test.go @@ -131,26 +131,26 @@ func TestAppArmorLogs_String(t *testing.T) { func Test_app(t *testing.T) { tests := []struct { name string - args []string path string + profile string wantErr bool }{ { name: "OK", - args: []string{"aa-log", ""}, path: "../../tests/audit.log", + profile: "", wantErr: false, }, { name: "No logfile", - args: []string{"aa-log", ""}, path: "../../tests/log", + profile: "", wantErr: true, }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - if err := aaLog(tt.args, tt.path); (err != nil) != tt.wantErr { + if err := aaLog(tt.path, tt.profile); (err != nil) != tt.wantErr { t.Errorf("aaLog() error = %v, wantErr %v", err, tt.wantErr) } }) diff --git a/root/usr/share/zsh/site-functions/_aa-log.zsh b/root/usr/share/zsh/site-functions/_aa-log.zsh index 3fe525170..0e0603fcb 100644 --- a/root/usr/share/zsh/site-functions/_aa-log.zsh +++ b/root/usr/share/zsh/site-functions/_aa-log.zsh @@ -3,6 +3,10 @@ _aa-log () { local IFS=$'\n' + _arguments : \ + -f'[set a logfile or a prefix to the default log file]:_files' \ + -h'[display help information]' + _values -C 'profile names' ${$(__aa_profiles):-""} }