mirrors/apparmor
1
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor.git synced 2025-03-04 16:35:02 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

Support newer auditd formatted messages. Patch from mancha on irc.

Browse source 
Acked-By: Steve Beattie <sbeattie@ubuntu.com>
This commit is contained in:
Steve Beattie 2011-01-12 13:57:19 -06:00
parent 0807a74490
commit d088727bdf
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
utils/SubDomain.pm
View file

@ -2422,7 +2422,7 @@ my $RE_LOG_v2_0_audit =
my $RE_LOG_v2_1_audit =
qr/type=(UNKNOWN\[150[1-6]\]|APPARMOR_(AUDIT|ALLOWED|DENIED|HINT|STATUS|ERROR))/;
my $RE_LOG_v2_6_audit =
qr/type=AVC\s+audit\([\d\.\:]+\):\s+apparmor=/;
qr/type=AVC\s+(msg=)?audit\([\d\.\:]+\):\s+apparmor=/;
sub prefetch_next_log_entry() {
# if we already have an existing cache entry, something's broken