Linux Mint is not parsing AppArmor complain log files correctly, I'm not sure why.
a sample from the audit.log file is
type=AVC msg=audit(1212212212.121:13867): apparmor="AUDIT" operation="open" profile="/usr/bin/testfile" name="/tmp/tempfile/" pid=2686 comm="testfile" requested_mask="r" fsuid=0 ouid=0
in the logparser.py file, it looks like it's getting picked up by the regex, and makes its way all the way to "def parse_event_for_tree(self, e):" where its stopped just a few lines in at:
"if aamode in ['UNKNOWN', 'AUDIT', 'STATUS', 'ERROR']: return None"
The aa-logprof run's without any fatal exceptions, just doesn't recognize any events.
Linux Mint is not parsing AppArmor complain log files correctly, I'm not sure why.
a sample from the audit.log file is 1212212212. 121:13867) : apparmor="AUDIT" operation="open" profile= "/usr/bin/ testfile" name="/ tmp/tempfile/ " pid=2686 comm="testfile" requested_mask="r" fsuid=0 ouid=0
type=AVC msg=audit(
in the logparser.py file, it looks like it's getting picked up by the regex, and makes its way all the way to "def parse_event_ for_tree( self, e):" where its stopped just a few lines in at:
"if aamode in ['UNKNOWN', 'AUDIT', 'STATUS', 'ERROR']: return None"
The aa-logprof run's without any fatal exceptions, just doesn't recognize any events.