mirror of
https://gitlab.com/apparmor/apparmor.git
synced 2025-03-05 00:41:03 +01:00
223322ef47
logparser.py does a regex check on log lines as performance improvement so that it only hands over lines that look like AppArmor events to LibAppArmor parsing. Those regexes were incomplete and didn't cover all log formats LibAppArmor accepts, with the end result of "overlooking" events. This patch splits off common parts of the regex, adds more regexes for several log types and finally merges everything into one regex. test-logparser.py gets adjusted to the merged RE_LOG_ALL regex. Finally, add a new test that was posted on IRC to the test_multi set. As already threatened nearly a month ago, Acked by <timeout> for trunk and 2.9 Note: 2.9 doesn't have test-libapparmor-test_multi.py, therefore I can't add the check to verify all test_multi log lines against the regex to ensure logparser.py doesn't silently ignore events. Bug: https://launchpad.net/bugs/1569316 |
||
|---|---|---|
| .. | ||
| doc | ||
| include | ||
| m4 | ||
| src | ||
| swig | ||
| testsuite | ||
| AUTHORS | ||
| autogen.sh | ||
| ChangeLog | ||
| configure.ac | ||
| COPYING.LGPL | ||
| INSTALL | ||
| Makefile.am | ||
| NEWS | ||
| README | ||
What little documentation exists is in src/aalogparse.h. Please file bugs using https://bugs.launchpad.net/apparmor/+filebug