← Back to team overview

apport-hackers team mailing list archive

  1. apport-hackers team
  2. Mailing list archive
  3. Message #00067

[Merge] lp:~mdeslaur/apport/fix-auditd into lp:apport

  Thread PreviousDate PreviousThread Next 
Marc Deslauriers has proposed merging lp:~mdeslaur/apport/fix-auditd into lp:apport.

Requested reviews:
  Apport upstream developers (apport-hackers)

For more details, see:
https://code.launchpad.net/~mdeslaur/apport/fix-auditd/+merge/68115

- Properly detect as a non-root user when auditd is being used
- Use egrep instead of grep as we have an extended regex
-- 
https://code.launchpad.net/~mdeslaur/apport/fix-auditd/+merge/68115
Your team Apport upstream developers is requested to review the proposed merge of lp:~mdeslaur/apport/fix-auditd into lp:apport.

=== modified file 'apport/hookutils.py'
--- apport/hookutils.py	2011-07-14 09:05:36 +0000
+++ apport/hookutils.py	2011-07-15 17:28:29 +0000
@@ -532,8 +532,8 @@
     elif os.path.exists('/var/log/messages'):
         report['KernLog'] = recent_logfile('/var/log/messages', mac_re)
 
-    if os.path.exists('/var/log/audit/audit.log'):
-        attach_root_command_outputs(report, {'AuditLog': 'grep "' + mac_regex + '" /var/log/audit/audit.log'})
+    if os.path.exists('/var/run/auditd.pid'):
+        attach_root_command_outputs(report, {'AuditLog': 'egrep "' + mac_regex + '" /var/log/audit/audit.log'})
 
     attach_file(report, '/proc/version_signature', 'ProcVersionSignature')
     attach_file(report, '/proc/cmdline', 'ProcCmdline')
  Thread PreviousDate PreviousThread Next