#include "aalogparse.h"
int print_results(aa_log_record *record);
/*
 * Entry point of the log-parsing test driver: opens the file named by
 * argv[1], reads a line from it with fgets(), passes that line to
 * parse_record() and prints the result through print_results().
 *
 * NOTE(review): this listing is sparse. The bare numbers between statements
 * look like line numbers of the original file, and the lines in between
 * (declarations, braces, conditions, returns, cleanup) are not shown, so
 * the comments below cover only the statements that are visible.
 */
int main(int argc, char **argv)
14
/* Holds the record returned by parse_record(); NULL until then. */
aa_log_record *test = NULL;
19
/* Usage text: the program expects one argument, the testcase file name. */
fprintf(stderr, "Usage: test_multi.multi <filename>\n");
24
/* Echo the input path; argv[1] is a "%s" argument, never the format string. */
printf("File: %s\n", argv[1]);
26
/* Open the testcase for reading in text mode. */
testcase = fopen(argv[1], "r");
29
/*
 * NOTE(review): presumably reached when fopen() failed; the check is not
 * shown. perror() appends ": " itself, so the trailing ": " in this string
 * produces a doubled separator in the message.
 */
perror("Could not open testcase: ");
33
/*
 * fgets() stores at most 1022 characters plus the terminating NUL. A longer
 * record is cut at that bound, so the parser would see truncated text.
 * As far as this excerpt shows, one line is read per run.
 * NOTE(review): log_line's declaration is not visible here. Confirm the
 * buffer holds at least 1023 bytes; if it is an array, sizeof log_line
 * would keep the bound tied to the declaration.
 */
if (fgets(log_line, 1023, testcase) == NULL)
35
/* fgets() returned NULL: end of file or a read error before any data. */
fprintf(stderr, "Could not read testcase.\n");
42
/* Parse the line that was read; the resulting record is kept in `test`. */
test = parse_record(log_line);
46
/*
 * NOTE(review): presumably printed when parse_record() returned NULL; the
 * check itself is not shown.
 */
fprintf(stderr,"Parsing failed.\n");
49
/*
 * Dump the parsed record; the return value is stored in `ret`.
 * NOTE(review): neither closing `testcase` nor releasing `test` is visible
 * in this excerpt; confirm both happen on every exit path.
 */
ret = print_results(test);
/*
 * Print a parsed log record to stdout: first the name of its event type,
 * then one "Label: value" line for each field that is set, and finally the
 * epoch and audit sub-id, which are printed unconditionally.
 *
 * Every field is passed as an argument to a literal format string, so text
 * taken from the parsed log line is never interpreted as a format. The
 * values are written as they are, without escaping.
 *
 * NOTE(review): this listing is sparse. The bare numbers look like line
 * numbers of the original file; the switch header, some case labels, braces
 * and the return statement fall on lines that are not shown.
 */
int print_results(aa_log_record *record)
56
printf("Event type: ");
61
/* One printf per event type; the label for this one is not shown. */
printf("AA_RECORD_ERROR\n");
64
case AA_RECORD_INVALID:
66
printf("AA_RECORD_INVALID\n");
71
printf("AA_RECORD_AUDIT\n");
74
case AA_RECORD_ALLOWED:
76
printf("AA_RECORD_ALLOWED\n");
79
case AA_RECORD_DENIED:
81
printf("AA_RECORD_DENIED\n");
86
printf("AA_RECORD_HINT\n");
89
case AA_RECORD_STATUS:
91
printf("AA_RECORD_STATUS\n");
96
/* NOTE(review): presumably the default branch for unrecognised values. */
printf("UNKNOWN EVENT TYPE\n");
100
/* String fields are printed only when the pointer is non-NULL. */
if (record->audit_id != NULL)
102
printf("Audit ID: %s\n", record->audit_id);
104
if (record->operation != NULL)
106
printf("Operation: %s\n", record->operation);
108
if (record->requested_mask != NULL)
110
printf("Mask: %s\n", record->requested_mask);
112
if (record->denied_mask != NULL)
114
printf("Denied Mask: %s\n", record->denied_mask);
116
/*
 * (unsigned long) -1 acts as the "not set" value for the two uid fields.
 * NOTE(review): that comparison suggests the fields are unsigned long, yet
 * they are printed with %ld; %lu would match. Confirm against aalogparse.h.
 */
if (record->fsuid != (unsigned long) -1)
118
printf("fsuid: %ld\n", record->fsuid);
120
if (record->ouid != (unsigned long) -1)
122
printf("ouid: %ld\n", record->ouid);
124
if (record->profile != NULL)
126
printf("Profile: %s\n", record->profile);
128
if (record->name != NULL)
130
printf("Name: %s\n", record->name);
132
if (record->comm != NULL)
134
printf("Command: %s\n", record->comm);
136
if (record->name2 != NULL)
138
printf("Name2: %s\n", record->name2);
140
if (record->namespace != NULL)
142
printf("Namespace: %s\n", record->namespace);
144
if (record->attribute != NULL)
146
printf("Attribute: %s\n", record->attribute);
148
/*
 * Numeric fields are printed only when non-zero.
 * NOTE(review): task, parent and pid use %ld while magic_token uses %lu;
 * the field types are not visible here, so check each specifier against
 * the declarations in aalogparse.h.
 */
if (record->task != 0)
150
printf("Task: %ld\n", record->task);
152
if (record->parent != 0)
154
printf("Parent: %ld\n", record->parent);
156
if (record->magic_token != 0)
158
printf("Token: %lu\n", record->magic_token);
160
if (record->info != NULL)
162
printf("Info: %s\n", record->info);
164
/* A zero error code is not printed. */
if (record->error_code)
166
printf("ErrorCode: %d\n", record->error_code);
168
if (record->pid != 0)
170
printf("PID: %ld\n", record->pid);
172
if (record->active_hat != NULL)
174
printf("Active hat: %s\n", record->active_hat);
176
if (record->net_family != NULL)
178
printf("Network family: %s\n", record->net_family);
180
if (record->net_sock_type != NULL)
182
printf("Socket type: %s\n", record->net_sock_type);
184
if (record->net_protocol != NULL)
186
printf("Protocol: %s\n", record->net_protocol);
188
/* No guard is visible on these two: they are printed whatever their value. */
printf("Epoch: %lu\n", record->epoch);
189
printf("Audit subid: %u\n", record->audit_sub_id);