mirror of
https://github.com/roddhjav/apparmor.d.git
synced 2024-12-24 14:06:47 +01:00
feat(aa-log): add -r option to convert the log into rules.
parent
d06a474b0c
commit
9650df00e3
2 changed files with 25 additions and 5 deletions
|
@ -14,7 +14,7 @@ import (
|
||||||
"golang.org/x/exp/slices"
|
"golang.org/x/exp/slices"
|
||||||
)
|
)
|
||||||
|
|
||||||
const usage = `aa-log [-h] [--systemd] [--file file] [profile]
|
const usage = `aa-log [-h] [--systemd] [--file file] [--rules] [profile]
|
||||||
|
|
||||||
Review AppArmor generated messages in a colorful way. Supports logs from
|
Review AppArmor generated messages in a colorful way. Supports logs from
|
||||||
auditd, systemd, syslog as well as dbus session events.
|
auditd, systemd, syslog as well as dbus session events.
|
||||||
|
@ -28,17 +28,19 @@ Options:
|
||||||
-h, --help Show this help message and exit.
|
-h, --help Show this help message and exit.
|
||||||
-f, --file FILE Set a logfile or a suffix to the default log file.
|
-f, --file FILE Set a logfile or a suffix to the default log file.
|
||||||
-s, --systemd Parse systemd logs from journalctl.
|
-s, --systemd Parse systemd logs from journalctl.
|
||||||
|
-r, --rules Convert the log into AppArmor rules.
|
||||||
|
|
||||||
`
|
`
|
||||||
|
|
||||||
// Command line options
|
// Command line options
|
||||||
var (
|
var (
|
||||||
help bool
|
help bool
|
||||||
|
rules bool
|
||||||
path string
|
path string
|
||||||
systemd bool
|
systemd bool
|
||||||
)
|
)
|
||||||
|
|
||||||
func aaLog(logger string, path string, profile string) error {
|
func aaLog(logger string, path string, profile string, rules bool) error {
|
||||||
var err error
|
var err error
|
||||||
var file io.Reader
|
var file io.Reader
|
||||||
|
|
||||||
|
@ -53,8 +55,16 @@ func aaLog(logger string, path string, profile string) error {
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
aaLogs := logs.NewApparmorLogs(file, profile)
|
aaLogs := logs.NewApparmorLogs(file, profile)
|
||||||
fmt.Print(aaLogs.String())
|
if rules {
|
||||||
|
profiles := aaLogs.ParseToProfiles()
|
||||||
|
for _, profile := range profiles {
|
||||||
|
fmt.Print(profile.String() + "\n")
|
||||||
|
}
|
||||||
|
} else {
|
||||||
|
fmt.Print(aaLogs.String())
|
||||||
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -65,6 +75,8 @@ func init() {
|
||||||
flag.StringVar(&path, "file", "", "Set a logfile or a suffix to the default log file.")
|
flag.StringVar(&path, "file", "", "Set a logfile or a suffix to the default log file.")
|
||||||
flag.BoolVar(&systemd, "s", false, "Parse systemd logs from journalctl.")
|
flag.BoolVar(&systemd, "s", false, "Parse systemd logs from journalctl.")
|
||||||
flag.BoolVar(&systemd, "systemd", false, "Parse systemd logs from journalctl.")
|
flag.BoolVar(&systemd, "systemd", false, "Parse systemd logs from journalctl.")
|
||||||
|
flag.BoolVar(&rules, "r", false, "Convert the log into AppArmor rules.")
|
||||||
|
flag.BoolVar(&rules, "rules", false, "Convert the log into AppArmor rules.")
|
||||||
}
|
}
|
||||||
|
|
||||||
func main() {
|
func main() {
|
||||||
|
@ -86,7 +98,7 @@ func main() {
|
||||||
}
|
}
|
||||||
|
|
||||||
logfile := logs.GetLogFile(path)
|
logfile := logs.GetLogFile(path)
|
||||||
err := aaLog(logger, logfile, profile)
|
err := aaLog(logger, logfile, profile, rules)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
fmt.Println(err)
|
fmt.Println(err)
|
||||||
os.Exit(1)
|
os.Exit(1)
|
||||||
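Review bot: Neither the usage text nor the two `flag.BoolVar(&rules, ...)` descriptions say that the output of the new `--rules` branch in aaLog is a draft that needs review before it goes into a profile. The log entries come from the activity of the confined processes themselves, so rules derived from them can grant more than intended. I would change the help line to `-r, --rules Convert the log into AppArmor rules (review before applying).` and use the same wording in both flag descriptions. Whether `ParseToProfiles` limits itself to certain event types or escapes names taken from the log is not visible on this page and is worth confirming in the logs package. As a style point, the loop variable in `for _, profile := range profiles` shadows the `profile string` parameter; a short name such as `p` avoids that.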
|
|
|
@ -25,6 +25,14 @@ func Test_app(t *testing.T) {
|
||||||
rules: false,
|
rules: false,
|
||||||
wantErr: false,
|
wantErr: false,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name: "Test audit.log to rules",
|
||||||
|
logger: "auditd",
|
||||||
|
path: "../../tests/audit.log",
|
||||||
|
profile: "",
|
||||||
|
rules: rules,
|
||||||
|
wantErr: false,
|
||||||
|
},
|
||||||
{
|
{
|
||||||
name: "Test Dbus Session",
|
name: "Test Dbus Session",
|
||||||
logger: "systemd",
|
logger: "systemd",
|
||||||
|
@ -52,7 +60,7 @@ func Test_app(t *testing.T) {
|
||||||
}
|
}
|
||||||
for _, tt := range tests {
|
for _, tt := range tests {
|
||||||
t.Run(tt.name, func(t *testing.T) {
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
if err := aaLog(tt.logger, tt.path, tt.profile); (err != nil) != tt.wantErr {
|
if err := aaLog(tt.logger, tt.path, tt.profile, tt.rules); (err != nil) != tt.wantErr {
|
||||||
t.Errorf("aaLog() error = %v, wantErr %v", err, tt.wantErr)
|
t.Errorf("aaLog() error = %v, wantErr %v", err, tt.wantErr)
|
||||||
}
|
}
|
||||||
})
|
})
|
||||||
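Review bot: In the added case `Test audit.log to rules`, `rules: rules` appears to read the package-level `rules` flag variable, unless Test_app declares a local of that name outside the hunk. That variable defaults to false and nothing visible sets it during `go test`, so the case takes the same path as the plain audit.log case and the `ParseToProfiles` branch is never exercised; it should be `rules: true,`. The loop also only compares the returned error with `wantErr`, and the rules branch of aaLog returns nil whatever it prints, so even after the fix the test catches a panic but not wrong output. Test_app's table and body begin and end outside these hunks.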
|
|