feat(aa): improve comment generation from log map.

2025-01-18 08:58:15 +01:00 · 2024-05-25 22:03:16 +01:00 · 2024-05-25 22:03:16 +01:00 · 05de39d92a
commit 05de39d92a
parent 744c745394
1 changed files with 9 additions and 20 deletions
--- a/pkg/aa/base.go
+++ b/pkg/aa/base.go
@ -18,38 +18,27 @@ type RuleBase struct {
 	Optional    bool
 }

-
 func newRuleFromLog(log map[string]string) RuleBase {
-	fileInherit := false
+	comment := ""
+	fileInherit, noNewPrivs, optional := false, false, false
+
 	if log["operation"] == "file_inherit" {
 		fileInherit = true
 	}
-
-	noNewPrivs := false
-	optional := false
-	msg := ""
-	switch log["error"] {
-	case "-1":
+	if log["error"] == "-1" {
 		if strings.Contains(log["info"], "optional:") {
 			optional = true
-			msg = strings.Replace(log["info"], "optional: ", "", 1)
+			comment = strings.Replace(log["info"], "optional: ", "", 1)
 		} else {
 			noNewPrivs = true
 		}
-	case "-13":
-		ignoreProfileInfo := []string{"namespace", "disconnected path"}
-		for _, info := range ignoreProfileInfo {
-			if strings.Contains(log["info"], info) {
-				break
 	}
+	if log["info"] != "" {
+		comment += " " + log["info"]
 	}
-		msg = log["info"]
-	default:
-	}
-
 	return RuleBase{
 		IsLineRule:  false,
-		Comment:     msg,
+		Comment:     comment,
 		NoNewPrivs:  noNewPrivs,
 		FileInherit: fileInherit,
 		Optional:    optional,