logparser.py: improve file vs. network event switch
Bug #1613061 reported by
Christian Boltz
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
Fix Released
|
Undecided
|
Christian Boltz | ||
2.10 |
Fix Released
|
Undecided
|
Christian Boltz |
Bug Description
It happened more than once that the audit.log contains network events with operation=
Currently we have a hotfix in place to avoid crashes, see
https:/
https:/
Unfortunately, this hotfix just ignores log events if they were sorted into the wrong category based on the operation= keyword.
logparser.py needs to be changed to decice about file vs. network using the event details instead of the operation= keyword.
Changed in apparmor: | |
status: | Fix Committed → Fix Released |
To post a comment you must log in.
See also https:/ /bugs.launchpad .net/apparmor/ +bug/1472368 for an example of operation="connect" which is actually a file event.