Rewrite aa-log.
This commit is contained in:
Alexandre Pujol
parent
2cc4d69e9e
commit
ac2386957b
7 changed files with 186 additions and 38 deletions
|
|
@ -1,24 +0,0 @@
|
|||
#!/usr/bin/env bash
|
||||
# Review AppArmor generated messages
|
||||
# Copyright (C) 2021 Alexandre Pujol <alexandre@pujol.io>
|
||||
# SPDX-License-Identifier: GPL-2.0-only
|
||||
#
|
||||
|
||||
readonly LOGFILE=/var/log/audit/audit.log
|
||||
|
||||
# Parses AppArmor logs to hide unnecessary information and remove duplicates.
|
||||
_apparmor_log() {
|
||||
local state="$1" profile="$2"
|
||||
grep -a "$state" "$LOGFILE" \
|
||||
| grep "profile=\"$profile.*\"" \
|
||||
| sed -e 's/AVC //' \
|
||||
-e "s/apparmor=\"$state\"/$state/" \
|
||||
-e 's/type=msg=audit(.*): //' \
|
||||
-e 's/pid=.* comm/comm/' \
|
||||
-e 's/ fsuid.*//' \
|
||||
| awk '!x[$0]++'
|
||||
|
||||
}
|
||||
|
||||
_apparmor_log DENIED "$@"
|
||||
_apparmor_log ALLOWED "$@"
|
||||
Loading…
Add table
Add a link
Reference in a new issue