Logo Search packages:      
Sourcecode: audit version File versions  Download package

def audit_rules::Rule::command_text (   self,

Represent self as a string within a list with list_name in rules.

Definition at line 437 of file audit_rules.py.

00437                                                   :
        '''Represent self as a string within a list with list_name in rules.'''
        o = []
        watches = [field for field in self.fields
                   if field.var == audit.AUDIT_WATCH]
        if not watches or self.action != self.ACTION_ALWAYS:
            o.append('-a %s,%s' % (list_name, self.action))
            watch_used = False
            assert (len(watches) == 1 and watches[0].op == Field.OP_EQ and
                    list is rules.exit_rules)
            o.append('-w %s' % watches[0].value)
            watch_used = True
        # Add fields before syscalls because -F arch=... may change the meaning
        # of syscall names.  But add AUDIT_FILTERKEY only after -S, auditctl
        # stubbornly insists on that order.
        for f in self.fields:
            if (f.var != audit.AUDIT_FILTERKEY and
                (f.var != audit.AUDIT_WATCH or not watch_used)):
        if list is not rules.exclude_rules:
            for s in self.syscalls:
                if s == self.SYSCALLS_ALL:
                    o.append('-S all')
                    o.append('-S %s' % util.syscall_string(s, self.machine))
        for f in self.fields:
            if f.var == audit.AUDIT_FILTERKEY:
        return ' '.join(o)

    def __eq__(self, rule):

Generated by  Doxygen 1.6.0   Back to index