Linux Mint is not parsing AppArmor complain log files correctly, I'm not sure why.
a sample from the audit.log file is type=AVC msg=audit(1212212212.121:13867): apparmor="AUDIT" operation="open" profile="/usr/bin/testfile" name="/tmp/tempfile/" pid=2686 comm="testfile" requested_mask="r" fsuid=0 ouid=0 in the logparser.py file, it looks like it's getting picked up by the regex, and makes its way all the way to "def parse_event_for_tree(self, e):" where its stopped just a few lines in at: "if aamode in ['UNKNOWN', 'AUDIT', 'STATUS', 'ERROR']: return None" The aa-logprof run's without any fatal exceptions, just doesn't recognize any events. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1399027 Title: logparser doesn't understand /var/log/messages format To manage notifications about this bug go to: https://bugs.launchpad.net/apparmor/+bug/1399027/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
