apport-hackers team mailing list archive
-
apport-hackers team
-
Mailing list archive
-
Message #00067
[Merge] lp:~mdeslaur/apport/fix-auditd into lp:apport
Marc Deslauriers has proposed merging lp:~mdeslaur/apport/fix-auditd into lp:apport.
Requested reviews:
Apport upstream developers (apport-hackers)
For more details, see:
https://code.launchpad.net/~mdeslaur/apport/fix-auditd/+merge/68115
- Properly detect as a non-root user when auditd is being used
- Use egrep instead of grep as we have an extended regex
--
https://code.launchpad.net/~mdeslaur/apport/fix-auditd/+merge/68115
Your team Apport upstream developers is requested to review the proposed merge of lp:~mdeslaur/apport/fix-auditd into lp:apport.
=== modified file 'apport/hookutils.py'
--- apport/hookutils.py 2011-07-14 09:05:36 +0000
+++ apport/hookutils.py 2011-07-15 17:28:29 +0000
@@ -532,8 +532,8 @@
elif os.path.exists('/var/log/messages'):
report['KernLog'] = recent_logfile('/var/log/messages', mac_re)
- if os.path.exists('/var/log/audit/audit.log'):
- attach_root_command_outputs(report, {'AuditLog': 'grep "' + mac_regex + '" /var/log/audit/audit.log'})
+ if os.path.exists('/var/run/auditd.pid'):
+ attach_root_command_outputs(report, {'AuditLog': 'egrep "' + mac_regex + '" /var/log/audit/audit.log'})
attach_file(report, '/proc/version_signature', 'ProcVersionSignature')
attach_file(report, '/proc/cmdline', 'ProcCmdline')