Lines Matching full:audit
21 import sepolgen.audit
25 audit1 = """Sep 12 08:26:43 dhcp83-5 kernel: audit(1158064002.046:4): avc: denied { read } for p…
27 # audit daemon messages
28 audit2 = """type=AVC msg=audit(1158584779.745:708): avc: denied { dac_read_search } for pid=8132…
30 log1 = """type=AVC msg=audit(1158584779.745:708): avc: denied { dac_read_search } for pid=8132 c…
31 type=SYSCALL msg=audit(1158584779.745:708): arch=40000003 syscall=195 success=no exit=-13 a0=80d243…
32 type=AVC msg=audit(1158584779.753:709): avc: denied { dac_override } for pid=8133 comm="vpnc-scr…
33 type=AVC msg=audit(1158584779.753:709): avc: denied { dac_read_search } for pid=8133 comm="vpnc-…
34 type=SYSCALL msg=audit(1158584779.753:709): arch=40000003 syscall=195 success=no exit=-13 a0=80d243…
35 type=AVC msg=audit(1158584779.825:710): avc: denied { dac_override } for pid=8134 comm="vpnc-scr…
36 type=AVC msg=audit(1158584779.825:710): avc: denied { dac_read_search } for pid=8134 comm="vpnc-…
37 type=SYSCALL msg=audit(1158584779.825:710): arch=40000003 syscall=195 success=no exit=-13 a0=80d243…
38 type=AVC msg=audit(1158584780.793:711): avc: denied { dac_override } for pid=8144 comm="sh" capa…
39 type=AVC msg=audit(1158584780.793:711): avc: denied { dac_read_search } for pid=8144 comm="sh" c…
40 type=SYSCALL msg=audit(1158584780.793:711): arch=40000003 syscall=195 success=no exit=-13 a0=80d243…
41 type=AVC msg=audit(1158584780.797:712): avc: denied { dac_override } for pid=8145 comm="vpnc-scr…
42 type=AVC msg=audit(1158584780.797:712): avc: denied { dac_read_search } for pid=8145 comm="vpnc-…
43 type=SYSCALL msg=audit(1158584780.797:712): arch=40000003 syscall=195 success=no exit=-13 a0=80d243…
44 type=AVC msg=audit(1158584780.801:713): avc: denied { dac_override } for pid=8146 comm="vpnc-scr…
45 type=AVC msg=audit(1158584780.801:713): avc: denied { dac_read_search } for pid=8146 comm="vpnc-…
46 type=AVC_PATH msg=audit(1162850461.778:1113): path="/etc/rc.d/init.d/innd"
49 granted1 = """type=AVC msg=audit(1188833848.190:34): avc: granted { getattr } for pid=4310 comm=…
51 path1 = """type=AVC_PATH msg=audit(1162852201.019:1225): path="/usr/lib/sa/sa1"
54 log2 = """type=AVC_PATH msg=audit(1162852201.019:1225): path="/usr/lib/sa/sa1"
55 type=SYSCALL msg=audit(1162852201.019:1225): arch=40000003 syscall=11 success=yes exit=0 a0=87271b0…
56 type=AVC msg=audit(1162852201.019:1225): avc: denied { execute_no_trans } for pid=6974 comm="sh"…
57 type=AVC msg=audit(1162852201.019:1225): avc: denied { execute } for pid=6974 comm="sh" name="sa…
59 xperms1 = """type=AVC msg=audit(1516626657.910:4461): avc: denied { ioctl } for pid=4310 comm="t…
61 xperms2 = """type=AVC msg=audit(1516626657.910:4461): avc: denied { ioctl } for pid=4310 comm="t…
62 type=AVC msg=audit(1516626657.910:4461): avc: denied { ioctl } for pid=4310 comm="test" path="/r…
63 type=AVC msg=audit(1516626657.910:4461): avc: denied { ioctl } for pid=4310 comm="test" path="/r…
64 type=AVC msg=audit(1516626657.910:4461): avc: denied { getattr } for pid=4310 comm="test" path="…
66 xperms_invalid = """type=AVC msg=audit(1516626657.910:4461): avc: denied { ioctl } for pid=4310 …
68 xperms_without = """type=AVC msg=audit(1516626657.910:4461): avc: denied { ioctl } for pid=4310 …
73 avc = sepolgen.audit.AVCMessage(audit1)
82 avc = sepolgen.audit.AVCMessage(granted1)
102 avc = sepolgen.audit.AVCMessage(xperms1)
110 avc = sepolgen.audit.AVCMessage(xperms_invalid)
118 avc = sepolgen.audit.AVCMessage(xperms_without)
126 avc = sepolgen.audit.AVCMessage(audit1)
130 self.assertEqual(avc.header, "audit(1158064002.046:4):")
149 # audit daemon message
150 avc = sepolgen.audit.AVCMessage(audit2)
154 self.assertEqual(avc.header, "audit(1158584779.745:708):")
174 path = sepolgen.audit.PathMessage(path1)
186 a = sepolgen.audit.AuditParser()
195 a = sepolgen.audit.AuditParser()
202 f = open("audit.txt")
203 a = sepolgen.audit.AuditParser()
214 a = sepolgen.audit.AuditParser()
227 parser = sepolgen.audit.AuditParser()
234 parser = sepolgen.audit.AuditParser()