3
$msg = 'type=APPARMOR_ALLOWED msg=audit(1257283891.471:2232): operation="file_perm" pid=4064 parent=4002 profile="/usr/bin/gedit" requested_mask="w::" denied_mask="w::" fsuid=1000 ouid=1000 name="/home/jamie/.gnome2/accels/gedit"';
5
my($test) = LibAppArmorc::parse_record($msg);
7
if (LibAppArmor::aa_log_record::swig_event_get($test) == $LibAppArmor::AA_RECORD_ALLOWED )
9
print "AA_RECORD_ALLOWED\n";
12
print "Audit ID: " . LibAppArmor::aa_log_record::swig_audit_id_get($test) . "\n";
13
print "PID: " . LibAppArmor::aa_log_record::swig_pid_get($test) . "\n";
15
LibAppArmorc::free_record($test);