From d130f8453a60e1f2b263db3c9164c4c3ceadd0ca Mon Sep 17 00:00:00 2001
From: Emanuele Aina <emanuele.aina@collabora.com>
Date: Mon, 2 Sep 2019 14:05:52 +0200
Subject: [PATCH] apparmor-*: Stop using audit.log

Use the systemd journal to retrieve audit messages, as the minimal images no
longer ship auditd.

Signed-off-by: Emanuele Aina <emanuele.aina@collabora.com>
---
 test-cases/apparmor-functional-demo.yaml | 2 +-
 test-cases/apparmor-geoclue.yaml         | 2 +-
 test-cases/apparmor-tracker.yaml         | 2 +-
 test-cases/apparmor-utils.yaml           | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/test-cases/apparmor-functional-demo.yaml b/test-cases/apparmor-functional-demo.yaml
index 2ddb94f..9a9ff4a 100644
--- a/test-cases/apparmor-functional-demo.yaml
+++ b/test-cases/apparmor-functional-demo.yaml
@@ -44,7 +44,7 @@ run:
     - "# Execute the following commands:"
     - echo -n | sudo tee /var/log/audit/audit.log
     - common/run-test-in-systemd --name=run-lava_run_tests --timeout=90 /usr/lib/apparmor-demo/lava_run_tests
-    - sudo cat /var/log/audit/audit.log | aa_log_extract_tokens.pl PERMITTING REJECTING
+    - sudo journalctl -b -t audit -o cat | /usr/bin/aa_log_extract_tokens.sh ALLOWED DENIED
 
 parse:
   fixupdict:
diff --git a/test-cases/apparmor-geoclue.yaml b/test-cases/apparmor-geoclue.yaml
index 460e792..f6cd292 100644
--- a/test-cases/apparmor-geoclue.yaml
+++ b/test-cases/apparmor-geoclue.yaml
@@ -44,7 +44,7 @@ run:
     - "# Execute the following commands:"
     - echo -n | sudo tee /var/log/audit/audit.log
     - common/run-test-in-systemd --name run-test-geoclue --timeout 90 /usr/lib/apertis-tests/apparmor/geoclue/test-geoclue
-    - sudo cat /var/log/audit/audit.log | aa_log_extract_tokens.pl PERMITTING REJECTING
+    - sudo journalctl -b -t audit -o cat | /usr/bin/aa_log_extract_tokens.sh ALLOWED DENIED
 
 parse:
   pattern: ^(?P<test_case_id>[\w\-\.]+):\s(?P<result>PASS|pass|FAIL|fail|SKIP|skip|UNKNOWN|unknown)$
diff --git a/test-cases/apparmor-tracker.yaml b/test-cases/apparmor-tracker.yaml
index 32efbce..b468189 100644
--- a/test-cases/apparmor-tracker.yaml
+++ b/test-cases/apparmor-tracker.yaml
@@ -54,7 +54,7 @@ run:
     - "# Execute the following commands:"
     - echo -n | sudo tee /var/log/audit/audit.log
     - common/run-test-in-systemd --name run-test-tracker --timeout 3000 apparmor/tracker/test-tracker
-    - sudo cat /var/log/audit/audit.log | aa_log_extract_tokens.pl PERMITTING REJECTING
+    - sudo journalctl -b -t audit -o cat | /usr/bin/aa_log_extract_tokens.sh ALLOWED DENIED
 
 parse:
   pattern: ^(?P<test_case_id>[\w\-\.]+):\s(?P<result>PASS|pass|FAIL|fail|SKIP|skip|UNKNOWN|unknown)$
diff --git a/test-cases/apparmor-utils.yaml b/test-cases/apparmor-utils.yaml
index 6ef2ed9..ea8e95e 100644
--- a/test-cases/apparmor-utils.yaml
+++ b/test-cases/apparmor-utils.yaml
@@ -57,7 +57,7 @@ run:
     - echo -n | sudo tee /var/log/audit/audit.log
     - 'common/run-test-in-systemd --name=aa-enforce-test --timeout 90 -- sh /usr/lib/apparmor-utils-tests/aa-enforce-test.sh'
     - 'common/run-test-in-systemd --name=apparmor_parser --timeout 90 -- sh /usr/lib/apparmor-utils-tests/apparmor_parser.sh'
-    - sudo cat /var/log/audit/audit.log | aa_log_extract_tokens.pl PERMITTING REJECTING
+    - sudo journalctl -b -t audit -o cat | /usr/bin/aa_log_extract_tokens.sh ALLOWED DENIED
 
 parse:
   fixupdict:
-- 
GitLab