mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 08:24:42 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add "comm" string to the parser structure and testsuite runner. Update

Browse source 
testsuite output to include "comm" report.
This commit is contained in:
Kees Cook 2010-07-26 09:20:02 -07:00
parent 5649f5237b
commit a92f9e67b3
10 changed files with 14 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
libraries/libapparmor/src/aalogparse.h
View file

@ -129,6 +129,7 @@ typedef struct
unsigned long fsuid; /* fsuid of task - if logged */
unsigned long ouid; /* ouid of task - if logged */
char *profile; /* The name of the profile */
char *comm; /* Command that triggered msg */
char *name;
char *name2;
char *namespace;

1
libraries/libapparmor/src/grammar.y
View file

@ -432,6 +432,7 @@ key: TOK_KEY_OPERATION TOK_EQUALS TOK_QUOTED_STRING
| TOK_KEY_OUID TOK_EQUALS TOK_DIGITS
{ ret_record->ouid = $3;}
| TOK_KEY_COMM TOK_EQUALS TOK_QUOTED_STRING
{ ret_record->comm = $3;}
| TOK_KEY_APPARMOR TOK_EQUALS apparmor_event
;

2
libraries/libapparmor/src/libaalogparse.c
View file

@ -56,6 +56,8 @@ void free_record(aa_log_record *record)
free(record->denied_mask);
if (record->profile != NULL)
free(record->profile);
if (record->comm != NULL)
free(record->comm);
if (record->name != NULL)
free(record->name);
if (record->name2 != NULL)

4
libraries/libapparmor/testsuite/test_multi.c
View file

@ -129,6 +129,10 @@ int print_results(aa_log_record *record)
{
printf("Name: %s\n", record->name);
}
if (record->comm != NULL)
{
printf("Command: %s\n", record->comm);
}
if (record->name2 != NULL)
{
printf("Name2: %s\n", record->name2);

1
libraries/libapparmor/testsuite/test_multi/avc_audit_01.out
View file

@ -9,6 +9,7 @@ fsuid: 0
ouid: 1000
Profile: /usr/sbin/cupsd
Name: /home/user/.ssh/
Command: ls
Parent: 12332
PID: 12333
Epoch: 1279948288

1
libraries/libapparmor/testsuite/test_multi/avc_audit_02.out
View file

@ -4,6 +4,7 @@ Event type: AA_RECORD_STATUS
Audit ID: 1279948227.175:27
Operation: profile_replace
Name: /sbin/dhclient3
Command: apparmor_parser
PID: 12291
Epoch: 1279948227
Audit subid: 27

1
libraries/libapparmor/testsuite/test_multi/avc_audit_03.out
View file

@ -9,6 +9,7 @@ fsuid: 1000
ouid: 0
Profile: /tmp/cat
Name: /etc/passwd
Command: cat
Parent: 7014
PID: 21645
Epoch: 1279968846

1
libraries/libapparmor/testsuite/test_multi/avc_syslog_01.out
View file

@ -9,6 +9,7 @@ fsuid: 0
ouid: 0
Profile: /usr/sbin/cupsd
Name: /boot/
Command: ls
Parent: 19650
PID: 19651
Epoch: 1279967133

1
libraries/libapparmor/testsuite/test_multi/avc_syslog_02.out
View file

@ -4,6 +4,7 @@ Event type: AA_RECORD_STATUS
Audit ID: 1279967081.455:42
Operation: profile_replace
Name: /sbin/dhclient3
Command: apparmor_parser
PID: 19610
Epoch: 1279967081
Audit subid: 42

1
libraries/libapparmor/testsuite/test_multi/avc_syslog_03.out
View file

@ -9,6 +9,7 @@ fsuid: 1000
ouid: 0
Profile: /tmp/cat
Name: /etc/passwd
Command: cat
Parent: 7014
PID: 21645
Epoch: 1279968846