File tree Expand file tree Collapse file tree 1 file changed +2
-2
lines changed
Expand file tree Collapse file tree 1 file changed +2
-2
lines changed Original file line number Diff line number Diff line change @@ -170,10 +170,10 @@ file.path:(
170170 process.name:(
171171 "dockerd" or "dpkg" or "rpm" or "snapd" or "yum" or "vmis-launcher" or "pacman" or "apt-get" or "dnf" or "podman" or
172172 platform-python* or "dnf-automatic" or "unattended-upgrade" or "apk" or "snap-update-ns" or "install" or "exe" or
173- "systemd" or "root" or "sshd" or "pip" or "jlink" or python* or "update-alternatives" or pip* or "crio" or
174- "ssm-agent-worker" or "packagekitd"
173+ "systemd" or "root" or "sshd" or "pip" or "jlink" or python* or "update-alternatives" or pip* or "crio" or "packagekitd"
175174 ) or
176175 (process.name:"vmware-install.pl" and file.path:/usr/lib/vmware-tools/*) or
176+ (process.name:"ssm-agent-worker" and file.path:/usr/lib/jvm/java*) or
177177 process.executable : (/dev/fd/* or "/" or "/kaniko/executor" or "/usr/bin/buildah")
178178)
179179'''
You can’t perform that action at this time.
0 commit comments