diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index cc4735c01..76ec28530 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -60,6 +60,4 @@ jobs: make -j$(nproc) - name: Run tests - # Temporarily disable for Ubuntu - if: matrix.container != 'ubuntu:latest' run: make check diff --git a/auparse/test/auparse_test.c b/auparse/test/auparse_test.c index 09af55d19..c346bfcff 100644 --- a/auparse/test/auparse_test.c +++ b/auparse/test/auparse_test.c @@ -20,7 +20,7 @@ static const char *buf[] = { unsigned int walked_fields = 0; #define FIELDS_EXPECTED 403 -static void walk_test(auparse_state_t *au) +static void walk_test(auparse_state_t *au, int interpret) { int event_cnt = 1, record_cnt; @@ -53,10 +53,16 @@ static void walk_test(auparse_state_t *au) e->milli, e->serial, e->host ? e->host : "?"); auparse_first_field(au); do { - printf(" %s=%s (%s)\n", - auparse_get_field_name(au), - auparse_get_field_str(au), - auparse_interpret_field(au)); + if (interpret) { + printf(" %s=%s (%s)\n", + auparse_get_field_name(au), + auparse_get_field_str(au), + auparse_interpret_field(au)); + } else { + printf(" %s=%s\n", + auparse_get_field_name(au), + auparse_get_field_str(au)); + } walked_fields++; } while (auparse_next_field(au) > 0); printf("\n"); @@ -221,9 +227,14 @@ void regex_search(const char *expr) auparse_destroy(au); } +typedef struct { + int *event_cnt; + int interpret; +} callback_data_t; + static void auparse_callback(auparse_state_t *au, auparse_cb_event_t cb_event_type, void *user_data) { - int *event_cnt = (int *)user_data; + callback_data_t *data = (callback_data_t *)user_data; int record_cnt; if (cb_event_type == AUPARSE_CB_EVENT_READY) { @@ -231,7 +242,7 @@ static void auparse_callback(auparse_state_t *au, auparse_cb_event_t cb_event_ty printf("can't get first record\n"); return; } - printf("event %d has %u records\n", *event_cnt, + printf("event %d has %u records\n", *(data->event_cnt), auparse_get_num_records(au)); record_cnt = 1; do { @@ -254,15 +265,21 @@ static void auparse_callback(auparse_state_t *au, auparse_cb_event_t cb_event_ty e->host ? e->host : "?"); auparse_first_field(au); do { - printf(" %s=%s (%s)\n", - auparse_get_field_name(au), - auparse_get_field_str(au), - auparse_interpret_field(au)); + if (data->interpret) { + printf(" %s=%s (%s)\n", + auparse_get_field_name(au), + auparse_get_field_str(au), + auparse_interpret_field(au)); + } else { + printf(" %s=%s\n", + auparse_get_field_name(au), + auparse_get_field_str(au)); + } } while (auparse_next_field(au) > 0); printf("\n"); record_cnt++; } while(auparse_next_record(au) > 0); - (*event_cnt)++; + (*(data->event_cnt))++; } } @@ -304,7 +321,7 @@ int main(void) /* Reset, now lets go to beginning and walk the list manually */ printf("Starting Test 2, walk events, records, and fields...\n"); auparse_reset(au); - walk_test(au); + walk_test(au, 1); auparse_destroy(au); printf("Test 2 Done\n\n"); @@ -325,7 +342,7 @@ int main(void) printf("Error - %s\n", strerror(errno)); return 1; } - walk_test(au); + walk_test(au, 0); auparse_destroy(au); printf("Test 4 Done\n\n"); @@ -335,7 +352,7 @@ int main(void) printf("Error - %s\n", strerror(errno)); return 1; } - walk_test(au); + walk_test(au, 0); auparse_destroy(au); printf("Test 5 Done\n\n"); @@ -409,12 +426,13 @@ int main(void) printf("Starting Test 9, buffer feed...\n"); { int event_cnt = 1; + callback_data_t cb_data = { &event_cnt, 1 }; size_t len, chunk_len = 3; const char **cur_buf, *p_beg, *p_end, *p_chunk_beg, *p_chunk_end; au = auparse_init(AUSOURCE_FEED, 0); - auparse_add_callback(au, auparse_callback, &event_cnt, NULL); + auparse_add_callback(au, auparse_callback, &cb_data, NULL); for (cur_buf = buf, p_beg = *cur_buf; *cur_buf; cur_buf++, p_beg = *cur_buf) { len = strlen(p_beg); @@ -441,15 +459,15 @@ int main(void) /* Note: this should match Test 4 exactly */ printf("Starting Test 10, file feed...\n"); { - int *event_cnt = malloc(sizeof(int)); + int event_cnt = 1; + callback_data_t cb_data = { &event_cnt, 0 }; size_t len; char filename[] = "./test.log"; char buf[4]; FILE *fp; - *event_cnt = 1; au = auparse_init(AUSOURCE_FEED, 0); - auparse_add_callback(au, auparse_callback, event_cnt, free); + auparse_add_callback(au, auparse_callback, &cb_data, NULL); if ((fp = fopen(filename, "r")) == NULL) { fprintf(stderr, "could not open '%s', %s\n", filename, strerror(errno)); @@ -473,7 +491,7 @@ int main(void) } walked_fields = 0; - walk_test(au); + walk_test(au, 0); auparse_destroy(au); if (walked_fields != FIELDS_EXPECTED) { diff --git a/auparse/test/auparse_test.py b/auparse/test/auparse_test.py index 11200d76d..e863a1739 100755 --- a/auparse/test/auparse_test.py +++ b/auparse/test/auparse_test.py @@ -26,7 +26,7 @@ def none_to_null(s): walked_fields = 0 FIELDS_EXPECTED = 403 -def walk_test(au): +def walk_test(au, interpret=False): global walked_fields event_cnt = 1 @@ -53,7 +53,10 @@ def walk_test(au): print(" event time: %d.%d:%d, host=%s" % (event.sec, event.milli, event.serial, none_to_null(event.host))) au.first_field() while True: - print(" %s=%s (%s)" % (au.get_field_name(), au.get_field_str(), au.interpret_field())) + if interpret: + print(" %s=%s (%s)" % (au.get_field_name(), au.get_field_str(), au.interpret_field())) + else: + print(" %s=%s" % (au.get_field_name(), au.get_field_str())) walked_fields += 1 if not au.next_field(): break print("") @@ -123,7 +126,7 @@ def compound_search(au, how): else: print("Found %s = %s" % (au.get_field_name(), au.get_field_str())) -def feed_callback(au, cb_event_type, event_cnt): +def feed_callback(au, cb_event_type, event_cnt, interpret=False): if cb_event_type == auparse.AUPARSE_CB_EVENT_READY: if not au.first_record(): print("Error getting first record") @@ -146,7 +149,10 @@ def feed_callback(au, cb_event_type, event_cnt): print(" event time: %d.%d:%d, host=%s" % (event.sec, event.milli, event.serial, none_to_null(event.host))) au.first_field() while True: - print(" %s=%s (%s)" % (au.get_field_name(), au.get_field_str(), au.interpret_field())) + if interpret: + print(" %s=%s (%s)" % (au.get_field_name(), au.get_field_str(), au.interpret_field())) + else: + print(" %s=%s" % (au.get_field_name(), au.get_field_str())) if not au.next_field(): break print("") record_cnt += 1 @@ -166,7 +172,7 @@ def feed_callback(au, cb_event_type, event_cnt): # Reset, now lets go to beginning and walk the list manually */ print("Starting Test 2, walk events, records, and fields...") -walk_test(au) +walk_test(au, interpret=True) print("Test 2 Done\n") # Reset, now lets go to beginning and walk the list manually */ @@ -234,7 +240,7 @@ def feed_callback(au, cb_event_type, event_cnt): print("Starting Test 9, buffer feed...") au = auparse.AuParser(auparse.AUSOURCE_FEED); event_cnt = 1 -au.add_callback(feed_callback, [event_cnt]) +au.add_callback(lambda au, cb_event_type, event_cnt: feed_callback(au, cb_event_type, event_cnt, interpret=False), [event_cnt]) chunk_len = 3 for s in buf: s_len = len(s) @@ -251,7 +257,7 @@ def feed_callback(au, cb_event_type, event_cnt): print("Starting Test 10, file feed...") au = auparse.AuParser(auparse.AUSOURCE_FEED); event_cnt = 1 -au.add_callback(feed_callback, [event_cnt]) +au.add_callback(lambda au, cb_event_type, event_cnt: feed_callback(au, cb_event_type, event_cnt, interpret=False), [event_cnt]) f = open(srcdir + "/test.log"); while True: data = f.read(4) diff --git a/auparse/test/auparse_test.ref b/auparse/test/auparse_test.ref index dbeddf225..421ff5acf 100644 --- a/auparse/test/auparse_test.ref +++ b/auparse/test/auparse_test.ref @@ -85,199 +85,199 @@ event 1 has 4 records record 1 of type 1400(AVC) has 11 fields line=1 file=./test.log event time: 1170021493.977:293, host=? - type=AVC (AVC) - seresult=denied (denied) - seperms=read,write (read,write) - pid=13010 (13010) - comm="pickup" (pickup) - name="maildrop" (maildrop) - dev=hda7 (hda7) - ino=14911367 (14911367) - scontext=system_u:system_r:postfix_pickup_t:s0 (system_u:system_r:postfix_pickup_t:s0) - tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 (system_u:object_r:postfix_spool_maildrop_t:s0) - tclass=dir (dir) + type=AVC + seresult=denied + seperms=read,write + pid=13010 + comm="pickup" + name="maildrop" + dev=hda7 + ino=14911367 + scontext=system_u:system_r:postfix_pickup_t:s0 + tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 + tclass=dir record 2 of type 1300(SYSCALL) has 26 fields line=2 file=./test.log event time: 1170021493.977:293, host=? - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=2 (open) - success=no (no) - exit=-13 (EACCES(Permission denied)) - a0=5555665d91b0 (0x5555665d91b0) - a1=10800 (O_RDONLY|O_NONBLOCK|O_DIRECTORY) - a2=5555665d91b8 (0x5555665d91b8) - a3=0 (0x0) - items=1 (1) - ppid=2013 (2013) - pid=13010 (13010) - auid=4294967295 (unset) - uid=890 (unknown(890)) - gid=890 (unknown(890)) - euid=890 (unknown(890)) - suid=890 (unknown(890)) - fsuid=890 (unknown(890)) - egid=890 (unknown(890)) - sgid=890 (unknown(890)) - fsgid=890 (unknown(890)) - tty=(none) ((none)) - comm="pickup" (pickup) - exe="/usr/libexec/postfix/pickup" (/usr/libexec/postfix/pickup) - subj=system_u:system_r:postfix_pickup_t:s0 (system_u:system_r:postfix_pickup_t:s0) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=2 + success=no + exit=-13 + a0=5555665d91b0 + a1=10800 + a2=5555665d91b8 + a3=0 + items=1 + ppid=2013 + pid=13010 + auid=4294967295 + uid=890 + gid=890 + euid=890 + suid=890 + fsuid=890 + egid=890 + sgid=890 + fsgid=890 + tty=(none) + comm="pickup" + exe="/usr/libexec/postfix/pickup" + subj=system_u:system_r:postfix_pickup_t:s0 + key=(null) record 3 of type 1307(CWD) has 2 fields line=3 file=./test.log event time: 1170021493.977:293, host=? - type=CWD (CWD) - cwd="/var/spool/postfix" (/var/spool/postfix) + type=CWD + cwd="/var/spool/postfix" record 4 of type 1302(PATH) has 10 fields line=4 file=./test.log event time: 1170021493.977:293, host=? - type=PATH (PATH) - item=0 (0) - name="maildrop" (maildrop) - inode=14911367 (14911367) - dev=03:07 (03:07) - mode=040730 (dir,730) - ouid=890 (unknown(890)) - ogid=891 (unknown(891)) - rdev=00:00 (00:00) - obj=system_u:object_r:postfix_spool_maildrop_t:s0 (system_u:object_r:postfix_spool_maildrop_t:s0) + type=PATH + item=0 + name="maildrop" + inode=14911367 + dev=03:07 + mode=040730 + ouid=890 + ogid=891 + rdev=00:00 + obj=system_u:object_r:postfix_spool_maildrop_t:s0 event 2 has 1 records record 1 of type 1101(USER_ACCT) has 11 fields line=5 file=./test.log event time: 1170021601.340:294, host=? - type=USER_ACCT (USER_ACCT) - pid=13015 (13015) - uid=0 (root) - auid=4294967295 (unset) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_ACCT + pid=13015 + uid=0 + auid=4294967295 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 3 has 1 records record 1 of type 1103(CRED_ACQ) has 11 fields line=6 file=./test.log event time: 1170021601.342:295, host=? - type=CRED_ACQ (CRED_ACQ) - pid=13015 (13015) - uid=0 (root) - auid=4294967295 (unset) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=CRED_ACQ + pid=13015 + uid=0 + auid=4294967295 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 4 has 3 records record 1 of type 1006(LOGIN) has 10 fields line=7 file=./test.log event time: 1170021601.343:296, host=? - type=LOGIN (LOGIN) - pid=2288 (2288) - uid=0 (root) - subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) - old-auid=4294967295 (unset) - auid=42 (gdm) - tty=(none) ((none)) - old-ses=4294967295 (4294967295) - ses=1 (1) - res=1 (yes) + type=LOGIN + pid=2288 + uid=0 + subj=system_u:system_r:init_t:s0 + old-auid=4294967295 + auid=42 + tty=(none) + old-ses=4294967295 + ses=1 + res=1 record 2 of type 1300(SYSCALL) has 27 fields line=8 file=./test.log event time: 1170021601.343:296, host=? - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=1 (write) - success=yes (yes) - exit=2 (2) - a0=8 (0x8) - a1=7fffa7aede20 (0x7fffa7aede20) - a2=2 (0x2) - a3=0 (0x0) - items=0 (0) - ppid=1 (1) - pid=2288 (2288) - auid=42 (gdm) - uid=0 (root) - gid=0 (root) - euid=0 (root) - suid=0 (root) - fsuid=0 (root) - egid=0 (root) - sgid=0 (root) - fsgid=0 (root) - tty=(none) ((none)) - ses=1 (1) - comm="(systemd)" ((systemd)) - exe="/usr/lib/systemd/systemd" (/usr/lib/systemd/systemd) - subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=1 + success=yes + exit=2 + a0=8 + a1=7fffa7aede20 + a2=2 + a3=0 + items=0 + ppid=1 + pid=2288 + auid=42 + uid=0 + gid=0 + euid=0 + suid=0 + fsuid=0 + egid=0 + sgid=0 + fsgid=0 + tty=(none) + ses=1 + comm="(systemd)" + exe="/usr/lib/systemd/systemd" + subj=system_u:system_r:init_t:s0 + key=(null) record 3 of type 1327(PROCTITLE) has 2 fields line=9 file=./test.log event time: 1170021601.343:296, host=? - type=PROCTITLE (PROCTITLE) - proctitle="(systemd)" ((systemd)) + type=PROCTITLE + proctitle="(systemd)" event 5 has 1 records record 1 of type 1105(USER_START) has 11 fields line=10 file=./test.log event time: 1170021601.344:297, host=? - type=USER_START (USER_START) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_START + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 6 has 1 records record 1 of type 1104(CRED_DISP) has 11 fields line=11 file=./test.log event time: 1170021601.364:298, host=? - type=CRED_DISP (CRED_DISP) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=CRED_DISP + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 7 has 1 records record 1 of type 1106(USER_END) has 11 fields line=12 file=./test.log event time: 1170021601.366:299, host=? - type=USER_END (USER_END) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_END + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success Test 4 Done @@ -286,397 +286,397 @@ event 1 has 4 records record 1 of type 1400(AVC) has 11 fields line=1 file=test2.log event time: 1170021493.977:283, host=? - type=AVC (AVC) - seresult=denied (denied) - seperms=read (read) - pid=13010 (13010) - comm="pickup" (pickup) - name="maildrop" (maildrop) - dev=hda7 (hda7) - ino=14911367 (14911367) - scontext=system_u:system_r:postfix_pickup_t:s0 (system_u:system_r:postfix_pickup_t:s0) - tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 (system_u:object_r:postfix_spool_maildrop_t:s0) - tclass=dir (dir) + type=AVC + seresult=denied + seperms=read + pid=13010 + comm="pickup" + name="maildrop" + dev=hda7 + ino=14911367 + scontext=system_u:system_r:postfix_pickup_t:s0 + tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 + tclass=dir record 2 of type 1300(SYSCALL) has 26 fields line=2 file=test2.log event time: 1170021493.977:283, host=? - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=2 (open) - success=no (no) - exit=-13 (EACCES(Permission denied)) - a0=5555665d91b0 (0x5555665d91b0) - a1=10800 (O_RDONLY|O_NONBLOCK|O_DIRECTORY) - a2=5555665d91b8 (0x5555665d91b8) - a3=0 (0x0) - items=1 (1) - ppid=2013 (2013) - pid=13010 (13010) - auid=4294967295 (unset) - uid=890 (unknown(890)) - gid=890 (unknown(890)) - euid=890 (unknown(890)) - suid=890 (unknown(890)) - fsuid=890 (unknown(890)) - egid=890 (unknown(890)) - sgid=890 (unknown(890)) - fsgid=890 (unknown(890)) - tty=(none) ((none)) - comm="pickup" (pickup) - exe="/usr/libexec/postfix/pickup" (/usr/libexec/postfix/pickup) - subj=system_u:system_r:postfix_pickup_t:s0 (system_u:system_r:postfix_pickup_t:s0) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=2 + success=no + exit=-13 + a0=5555665d91b0 + a1=10800 + a2=5555665d91b8 + a3=0 + items=1 + ppid=2013 + pid=13010 + auid=4294967295 + uid=890 + gid=890 + euid=890 + suid=890 + fsuid=890 + egid=890 + sgid=890 + fsgid=890 + tty=(none) + comm="pickup" + exe="/usr/libexec/postfix/pickup" + subj=system_u:system_r:postfix_pickup_t:s0 + key=(null) record 3 of type 1307(CWD) has 2 fields line=3 file=test2.log event time: 1170021493.977:283, host=? - type=CWD (CWD) - cwd="/var/spool/postfix" (/var/spool/postfix) + type=CWD + cwd="/var/spool/postfix" record 4 of type 1302(PATH) has 10 fields line=4 file=test2.log event time: 1170021493.977:283, host=? - type=PATH (PATH) - item=0 (0) - name="maildrop" (maildrop) - inode=14911367 (14911367) - dev=03:07 (03:07) - mode=040730 (dir,730) - ouid=890 (unknown(890)) - ogid=891 (unknown(891)) - rdev=00:00 (00:00) - obj=system_u:object_r:postfix_spool_maildrop_t:s0 (system_u:object_r:postfix_spool_maildrop_t:s0) + type=PATH + item=0 + name="maildrop" + inode=14911367 + dev=03:07 + mode=040730 + ouid=890 + ogid=891 + rdev=00:00 + obj=system_u:object_r:postfix_spool_maildrop_t:s0 event 2 has 1 records record 1 of type 1101(USER_ACCT) has 11 fields line=5 file=test2.log event time: 1170021601.340:284, host=? - type=USER_ACCT (USER_ACCT) - pid=13015 (13015) - uid=0 (root) - auid=4294967295 (unset) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_ACCT + pid=13015 + uid=0 + auid=4294967295 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 3 has 1 records record 1 of type 1103(CRED_ACQ) has 11 fields line=6 file=test2.log event time: 1170021601.342:285, host=? - type=CRED_ACQ (CRED_ACQ) - pid=13015 (13015) - uid=0 (root) - auid=4294967295 (unset) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=CRED_ACQ + pid=13015 + uid=0 + auid=4294967295 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 4 has 3 records record 1 of type 1006(LOGIN) has 10 fields line=7 file=test2.log event time: 1170021601.343:286, host=? - type=LOGIN (LOGIN) - pid=2288 (2288) - uid=0 (root) - subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) - old-auid=4294967295 (unset) - auid=42 (gdm) - tty=(none) ((none)) - old-ses=4294967295 (4294967295) - ses=1 (1) - res=1 (yes) + type=LOGIN + pid=2288 + uid=0 + subj=system_u:system_r:init_t:s0 + old-auid=4294967295 + auid=42 + tty=(none) + old-ses=4294967295 + ses=1 + res=1 record 2 of type 1300(SYSCALL) has 27 fields line=8 file=test2.log event time: 1170021601.343:286, host=? - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=1 (write) - success=yes (yes) - exit=2 (2) - a0=8 (0x8) - a1=7fffa7aede20 (0x7fffa7aede20) - a2=2 (0x2) - a3=0 (0x0) - items=0 (0) - ppid=1 (1) - pid=2288 (2288) - auid=42 (gdm) - uid=0 (root) - gid=0 (root) - euid=0 (root) - suid=0 (root) - fsuid=0 (root) - egid=0 (root) - sgid=0 (root) - fsgid=0 (root) - tty=(none) ((none)) - ses=1 (1) - comm="(systemd)" ((systemd)) - exe="/usr/lib/systemd/systemd" (/usr/lib/systemd/systemd) - subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=1 + success=yes + exit=2 + a0=8 + a1=7fffa7aede20 + a2=2 + a3=0 + items=0 + ppid=1 + pid=2288 + auid=42 + uid=0 + gid=0 + euid=0 + suid=0 + fsuid=0 + egid=0 + sgid=0 + fsgid=0 + tty=(none) + ses=1 + comm="(systemd)" + exe="/usr/lib/systemd/systemd" + subj=system_u:system_r:init_t:s0 + key=(null) record 3 of type 1327(PROCTITLE) has 2 fields line=9 file=test2.log event time: 1170021601.343:286, host=? - type=PROCTITLE (PROCTITLE) - proctitle="(systemd)" ((systemd)) + type=PROCTITLE + proctitle="(systemd)" event 5 has 1 records record 1 of type 1105(USER_START) has 11 fields line=10 file=test2.log event time: 1170021601.344:287, host=? - type=USER_START (USER_START) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_START + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 6 has 1 records record 1 of type 1104(CRED_DISP) has 11 fields line=11 file=test2.log event time: 1170021601.364:288, host=? - type=CRED_DISP (CRED_DISP) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=CRED_DISP + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 7 has 1 records record 1 of type 1106(USER_END) has 11 fields line=12 file=test2.log event time: 1170021601.366:289, host=? - type=USER_END (USER_END) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_END + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 8 has 4 records record 1 of type 1400(AVC) has 11 fields line=1 file=test.log event time: 1170021493.977:293, host=? - type=AVC (AVC) - seresult=denied (denied) - seperms=read,write (read,write) - pid=13010 (13010) - comm="pickup" (pickup) - name="maildrop" (maildrop) - dev=hda7 (hda7) - ino=14911367 (14911367) - scontext=system_u:system_r:postfix_pickup_t:s0 (system_u:system_r:postfix_pickup_t:s0) - tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 (system_u:object_r:postfix_spool_maildrop_t:s0) - tclass=dir (dir) + type=AVC + seresult=denied + seperms=read,write + pid=13010 + comm="pickup" + name="maildrop" + dev=hda7 + ino=14911367 + scontext=system_u:system_r:postfix_pickup_t:s0 + tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 + tclass=dir record 2 of type 1300(SYSCALL) has 26 fields line=2 file=test.log event time: 1170021493.977:293, host=? - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=2 (open) - success=no (no) - exit=-13 (EACCES(Permission denied)) - a0=5555665d91b0 (0x5555665d91b0) - a1=10800 (O_RDONLY|O_NONBLOCK|O_DIRECTORY) - a2=5555665d91b8 (0x5555665d91b8) - a3=0 (0x0) - items=1 (1) - ppid=2013 (2013) - pid=13010 (13010) - auid=4294967295 (unset) - uid=890 (unknown(890)) - gid=890 (unknown(890)) - euid=890 (unknown(890)) - suid=890 (unknown(890)) - fsuid=890 (unknown(890)) - egid=890 (unknown(890)) - sgid=890 (unknown(890)) - fsgid=890 (unknown(890)) - tty=(none) ((none)) - comm="pickup" (pickup) - exe="/usr/libexec/postfix/pickup" (/usr/libexec/postfix/pickup) - subj=system_u:system_r:postfix_pickup_t:s0 (system_u:system_r:postfix_pickup_t:s0) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=2 + success=no + exit=-13 + a0=5555665d91b0 + a1=10800 + a2=5555665d91b8 + a3=0 + items=1 + ppid=2013 + pid=13010 + auid=4294967295 + uid=890 + gid=890 + euid=890 + suid=890 + fsuid=890 + egid=890 + sgid=890 + fsgid=890 + tty=(none) + comm="pickup" + exe="/usr/libexec/postfix/pickup" + subj=system_u:system_r:postfix_pickup_t:s0 + key=(null) record 3 of type 1307(CWD) has 2 fields line=3 file=test.log event time: 1170021493.977:293, host=? - type=CWD (CWD) - cwd="/var/spool/postfix" (/var/spool/postfix) + type=CWD + cwd="/var/spool/postfix" record 4 of type 1302(PATH) has 10 fields line=4 file=test.log event time: 1170021493.977:293, host=? - type=PATH (PATH) - item=0 (0) - name="maildrop" (maildrop) - inode=14911367 (14911367) - dev=03:07 (03:07) - mode=040730 (dir,730) - ouid=890 (unknown(890)) - ogid=891 (unknown(891)) - rdev=00:00 (00:00) - obj=system_u:object_r:postfix_spool_maildrop_t:s0 (system_u:object_r:postfix_spool_maildrop_t:s0) + type=PATH + item=0 + name="maildrop" + inode=14911367 + dev=03:07 + mode=040730 + ouid=890 + ogid=891 + rdev=00:00 + obj=system_u:object_r:postfix_spool_maildrop_t:s0 event 9 has 1 records record 1 of type 1101(USER_ACCT) has 11 fields line=5 file=test.log event time: 1170021601.340:294, host=? - type=USER_ACCT (USER_ACCT) - pid=13015 (13015) - uid=0 (root) - auid=4294967295 (unset) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_ACCT + pid=13015 + uid=0 + auid=4294967295 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 10 has 1 records record 1 of type 1103(CRED_ACQ) has 11 fields line=6 file=test.log event time: 1170021601.342:295, host=? - type=CRED_ACQ (CRED_ACQ) - pid=13015 (13015) - uid=0 (root) - auid=4294967295 (unset) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=CRED_ACQ + pid=13015 + uid=0 + auid=4294967295 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 11 has 3 records record 1 of type 1006(LOGIN) has 10 fields line=7 file=test.log event time: 1170021601.343:296, host=? - type=LOGIN (LOGIN) - pid=2288 (2288) - uid=0 (root) - subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) - old-auid=4294967295 (unset) - auid=42 (gdm) - tty=(none) ((none)) - old-ses=4294967295 (4294967295) - ses=1 (1) - res=1 (yes) + type=LOGIN + pid=2288 + uid=0 + subj=system_u:system_r:init_t:s0 + old-auid=4294967295 + auid=42 + tty=(none) + old-ses=4294967295 + ses=1 + res=1 record 2 of type 1300(SYSCALL) has 27 fields line=8 file=test.log event time: 1170021601.343:296, host=? - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=1 (write) - success=yes (yes) - exit=2 (2) - a0=8 (0x8) - a1=7fffa7aede20 (0x7fffa7aede20) - a2=2 (0x2) - a3=0 (0x0) - items=0 (0) - ppid=1 (1) - pid=2288 (2288) - auid=42 (gdm) - uid=0 (root) - gid=0 (root) - euid=0 (root) - suid=0 (root) - fsuid=0 (root) - egid=0 (root) - sgid=0 (root) - fsgid=0 (root) - tty=(none) ((none)) - ses=1 (1) - comm="(systemd)" ((systemd)) - exe="/usr/lib/systemd/systemd" (/usr/lib/systemd/systemd) - subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=1 + success=yes + exit=2 + a0=8 + a1=7fffa7aede20 + a2=2 + a3=0 + items=0 + ppid=1 + pid=2288 + auid=42 + uid=0 + gid=0 + euid=0 + suid=0 + fsuid=0 + egid=0 + sgid=0 + fsgid=0 + tty=(none) + ses=1 + comm="(systemd)" + exe="/usr/lib/systemd/systemd" + subj=system_u:system_r:init_t:s0 + key=(null) record 3 of type 1327(PROCTITLE) has 2 fields line=9 file=test.log event time: 1170021601.343:296, host=? - type=PROCTITLE (PROCTITLE) - proctitle="(systemd)" ((systemd)) + type=PROCTITLE + proctitle="(systemd)" event 12 has 1 records record 1 of type 1105(USER_START) has 11 fields line=10 file=test.log event time: 1170021601.344:297, host=? - type=USER_START (USER_START) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_START + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 13 has 1 records record 1 of type 1104(CRED_DISP) has 11 fields line=11 file=test.log event time: 1170021601.364:298, host=? - type=CRED_DISP (CRED_DISP) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=CRED_DISP + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 14 has 1 records record 1 of type 1106(USER_END) has 11 fields line=12 file=test.log event time: 1170021601.366:299, host=? - type=USER_END (USER_END) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_END + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success Test 5 Done @@ -771,199 +771,199 @@ event 1 has 4 records record 1 of type 1400(AVC) has 11 fields line=1 file=None event time: 1170021493.977:293, host=? - type=AVC (AVC) - seresult=denied (denied) - seperms=read,write (read,write) - pid=13010 (13010) - comm="pickup" (pickup) - name="maildrop" (maildrop) - dev=hda7 (hda7) - ino=14911367 (14911367) - scontext=system_u:system_r:postfix_pickup_t:s0 (system_u:system_r:postfix_pickup_t:s0) - tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 (system_u:object_r:postfix_spool_maildrop_t:s0) - tclass=dir (dir) + type=AVC + seresult=denied + seperms=read,write + pid=13010 + comm="pickup" + name="maildrop" + dev=hda7 + ino=14911367 + scontext=system_u:system_r:postfix_pickup_t:s0 + tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 + tclass=dir record 2 of type 1300(SYSCALL) has 26 fields line=2 file=None event time: 1170021493.977:293, host=? - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=2 (open) - success=no (no) - exit=-13 (EACCES(Permission denied)) - a0=5555665d91b0 (0x5555665d91b0) - a1=10800 (O_RDONLY|O_NONBLOCK|O_DIRECTORY) - a2=5555665d91b8 (0x5555665d91b8) - a3=0 (0x0) - items=1 (1) - ppid=2013 (2013) - pid=13010 (13010) - auid=4294967295 (unset) - uid=890 (unknown(890)) - gid=890 (unknown(890)) - euid=890 (unknown(890)) - suid=890 (unknown(890)) - fsuid=890 (unknown(890)) - egid=890 (unknown(890)) - sgid=890 (unknown(890)) - fsgid=890 (unknown(890)) - tty=(none) ((none)) - comm="pickup" (pickup) - exe="/usr/libexec/postfix/pickup" (/usr/libexec/postfix/pickup) - subj=system_u:system_r:postfix_pickup_t:s0 (system_u:system_r:postfix_pickup_t:s0) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=2 + success=no + exit=-13 + a0=5555665d91b0 + a1=10800 + a2=5555665d91b8 + a3=0 + items=1 + ppid=2013 + pid=13010 + auid=4294967295 + uid=890 + gid=890 + euid=890 + suid=890 + fsuid=890 + egid=890 + sgid=890 + fsgid=890 + tty=(none) + comm="pickup" + exe="/usr/libexec/postfix/pickup" + subj=system_u:system_r:postfix_pickup_t:s0 + key=(null) record 3 of type 1307(CWD) has 2 fields line=3 file=None event time: 1170021493.977:293, host=? - type=CWD (CWD) - cwd="/var/spool/postfix" (/var/spool/postfix) + type=CWD + cwd="/var/spool/postfix" record 4 of type 1302(PATH) has 10 fields line=4 file=None event time: 1170021493.977:293, host=? - type=PATH (PATH) - item=0 (0) - name="maildrop" (maildrop) - inode=14911367 (14911367) - dev=03:07 (03:07) - mode=040730 (dir,730) - ouid=890 (unknown(890)) - ogid=891 (unknown(891)) - rdev=00:00 (00:00) - obj=system_u:object_r:postfix_spool_maildrop_t:s0 (system_u:object_r:postfix_spool_maildrop_t:s0) + type=PATH + item=0 + name="maildrop" + inode=14911367 + dev=03:07 + mode=040730 + ouid=890 + ogid=891 + rdev=00:00 + obj=system_u:object_r:postfix_spool_maildrop_t:s0 event 2 has 1 records record 1 of type 1101(USER_ACCT) has 11 fields line=5 file=None event time: 1170021601.340:294, host=? - type=USER_ACCT (USER_ACCT) - pid=13015 (13015) - uid=0 (root) - auid=4294967295 (unset) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_ACCT + pid=13015 + uid=0 + auid=4294967295 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 3 has 1 records record 1 of type 1103(CRED_ACQ) has 11 fields line=6 file=None event time: 1170021601.342:295, host=? - type=CRED_ACQ (CRED_ACQ) - pid=13015 (13015) - uid=0 (root) - auid=4294967295 (unset) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=CRED_ACQ + pid=13015 + uid=0 + auid=4294967295 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 4 has 3 records record 1 of type 1006(LOGIN) has 10 fields line=7 file=None event time: 1170021601.343:296, host=? - type=LOGIN (LOGIN) - pid=2288 (2288) - uid=0 (root) - subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) - old-auid=4294967295 (unset) - auid=42 (gdm) - tty=(none) ((none)) - old-ses=4294967295 (4294967295) - ses=1 (1) - res=1 (yes) + type=LOGIN + pid=2288 + uid=0 + subj=system_u:system_r:init_t:s0 + old-auid=4294967295 + auid=42 + tty=(none) + old-ses=4294967295 + ses=1 + res=1 record 2 of type 1300(SYSCALL) has 27 fields line=8 file=None event time: 1170021601.343:296, host=? - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=1 (write) - success=yes (yes) - exit=2 (2) - a0=8 (0x8) - a1=7fffa7aede20 (0x7fffa7aede20) - a2=2 (0x2) - a3=0 (0x0) - items=0 (0) - ppid=1 (1) - pid=2288 (2288) - auid=42 (gdm) - uid=0 (root) - gid=0 (root) - euid=0 (root) - suid=0 (root) - fsuid=0 (root) - egid=0 (root) - sgid=0 (root) - fsgid=0 (root) - tty=(none) ((none)) - ses=1 (1) - comm="(systemd)" ((systemd)) - exe="/usr/lib/systemd/systemd" (/usr/lib/systemd/systemd) - subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=1 + success=yes + exit=2 + a0=8 + a1=7fffa7aede20 + a2=2 + a3=0 + items=0 + ppid=1 + pid=2288 + auid=42 + uid=0 + gid=0 + euid=0 + suid=0 + fsuid=0 + egid=0 + sgid=0 + fsgid=0 + tty=(none) + ses=1 + comm="(systemd)" + exe="/usr/lib/systemd/systemd" + subj=system_u:system_r:init_t:s0 + key=(null) record 3 of type 1327(PROCTITLE) has 2 fields line=9 file=None event time: 1170021601.343:296, host=? - type=PROCTITLE (PROCTITLE) - proctitle="(systemd)" ((systemd)) + type=PROCTITLE + proctitle="(systemd)" event 5 has 1 records record 1 of type 1105(USER_START) has 11 fields line=10 file=None event time: 1170021601.344:297, host=? - type=USER_START (USER_START) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_START + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 6 has 1 records record 1 of type 1104(CRED_DISP) has 11 fields line=11 file=None event time: 1170021601.364:298, host=? - type=CRED_DISP (CRED_DISP) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=CRED_DISP + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 7 has 1 records record 1 of type 1106(USER_END) has 11 fields line=12 file=None event time: 1170021601.366:299, host=? - type=USER_END (USER_END) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_END + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success Test 10 Done @@ -972,458 +972,458 @@ event 1 has 7 records record 1 of type 1300(SYSCALL) has 26 fields line=1 file=test4.log event time: 1655465398.534:25618, host=? - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=59 (execve) - success=yes (yes) - exit=0 (0) - a0=8c403a0 (0x8c403a0) - a1=8c3e8b0 (0x8c3e8b0) - a2=fffffb6cc5b0 (0xfffffb6cc5b0) - a3=0 (0x0) - items=3 (3) - ppid=105182 (105182) - pid=105183 (105183) - auid=573 (unknown(573)) - uid=583 (unknown(583)) - gid=583 (unknown(583)) - euid=583 (unknown(583)) - suid=583 (unknown(583)) - fsuid=583 (unknown(583)) - egid=583 (unknown(583)) - sgid=583 (unknown(583)) - fsgid=583 (unknown(583)) - tty=pts2 (pts2) - ses=2632 (2632) - comm="ld" (ld) - exe="/bin/sh4" (/bin/sh4) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=59 + success=yes + exit=0 + a0=8c403a0 + a1=8c3e8b0 + a2=fffffb6cc5b0 + a3=0 + items=3 + ppid=105182 + pid=105183 + auid=573 + uid=583 + gid=583 + euid=583 + suid=583 + fsuid=583 + egid=583 + sgid=583 + fsgid=583 + tty=pts2 + ses=2632 + comm="ld" + exe="/bin/sh4" + key=(null) record 2 of type 1309(EXECVE) has 50 fields line=2 file=test4.log event time: 1655465398.534:25618, host=? - type=EXECVE (EXECVE) - argc=48 (48) - a0="/bin/sh" (/bin/sh) - a1="-efu" (-efu) - a2="/usr/bin/ld" (/usr/bin/ld) - a3="-plugin" (-plugin) - a4="/usr/libexec/gcc/aarch64-alt-linux/8/liblto_plugin.so" (/usr/libexec/gcc/aarch64-alt-linux/8/liblto_plugin.so) - a5="-plugin-opt=/usr/libexec/gcc/aarch64-alt-linux/8/lto-wrapper" (-plugin-opt=/usr/libexec/gcc/aarch64-alt-linux/8/lto-wrapper) - a6="-plugin-opt=-fresolution=/usr/src/tmp/cchyHiZN.res" (-plugin-opt=-fresolution=/usr/src/tmp/cchyHiZN.res) - a7="-plugin-opt=-pass-through=-lgcc" (-plugin-opt=-pass-through=-lgcc) - a8="-plugin-opt=-pass-through=-lgcc_s" (-plugin-opt=-pass-through=-lgcc_s) - a9="-plugin-opt=-pass-through=-lc" (-plugin-opt=-pass-through=-lc) - a10="-plugin-opt=-pass-through=-lgcc" (-plugin-opt=-pass-through=-lgcc) - a11="-plugin-opt=-pass-through=-lgcc_s" (-plugin-opt=-pass-through=-lgcc_s) - a12="--build-id" (--build-id) - a13="--no-add-needed" (--no-add-needed) - a14="--eh-frame-hdr" (--eh-frame-hdr) - a15="--hash-style=gnu" (--hash-style=gnu) - a16="--as-needed" (--as-needed) - a17="-shared" (-shared) - a18="-X" (-X) - a19="-EL" (-EL) - a20="-maarch64linux" (-maarch64linux) - a21="-o" (-o) - a22="ztest105133.so" (ztest105133.so) - a23="/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64/crti.o" (/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64/crti.o) - a24="/usr/lib64/gcc/aarch64-alt-linux/8/crtbeginS.o" (/usr/lib64/gcc/aarch64-alt-linux/8/crtbeginS.o) - a25="-L/usr/lib64/gcc/aarch64-alt-linux/8" (-L/usr/lib64/gcc/aarch64-alt-linux/8) - a26="-L/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64" (-L/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64) - a27="-L/lib/../lib64" (-L/lib/../lib64) - a28="-L/usr/lib/../lib64" (-L/usr/lib/../lib64) - a29="-L/usr/lib64/gcc/aarch64-alt-linux/8/../../.." (-L/usr/lib64/gcc/aarch64-alt-linux/8/../../..) - a30="-soname" (-soname) - a31="libz.so.1" (libz.so.1) - a32="--version-script" (--version-script) - a33="zlib.map" (zlib.map) - a34="ztest105133.o" (ztest105133.o) - a35="-lgcc" (-lgcc) - a36="--push-state" (--push-state) - a37="--as-needed" (--as-needed) - a38="-lgcc_s" (-lgcc_s) - a39="--pop-state" (--pop-state) - a40="-lc" (-lc) - a41="-lgcc" (-lgcc) - a42="--push-state" (--push-state) - a43="--as-needed" (--as-needed) - a44="-lgcc_s" (-lgcc_s) - a45="--pop-state" (--pop-state) - a46="/usr/lib64/gcc/aarch64-alt-linux/8/crtendS.o" (/usr/lib64/gcc/aarch64-alt-linux/8/crtendS.o) - a47="/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64/crtn.o" (/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64/crtn.o) + type=EXECVE + argc=48 + a0="/bin/sh" + a1="-efu" + a2="/usr/bin/ld" + a3="-plugin" + a4="/usr/libexec/gcc/aarch64-alt-linux/8/liblto_plugin.so" + a5="-plugin-opt=/usr/libexec/gcc/aarch64-alt-linux/8/lto-wrapper" + a6="-plugin-opt=-fresolution=/usr/src/tmp/cchyHiZN.res" + a7="-plugin-opt=-pass-through=-lgcc" + a8="-plugin-opt=-pass-through=-lgcc_s" + a9="-plugin-opt=-pass-through=-lc" + a10="-plugin-opt=-pass-through=-lgcc" + a11="-plugin-opt=-pass-through=-lgcc_s" + a12="--build-id" + a13="--no-add-needed" + a14="--eh-frame-hdr" + a15="--hash-style=gnu" + a16="--as-needed" + a17="-shared" + a18="-X" + a19="-EL" + a20="-maarch64linux" + a21="-o" + a22="ztest105133.so" + a23="/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64/crti.o" + a24="/usr/lib64/gcc/aarch64-alt-linux/8/crtbeginS.o" + a25="-L/usr/lib64/gcc/aarch64-alt-linux/8" + a26="-L/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64" + a27="-L/lib/../lib64" + a28="-L/usr/lib/../lib64" + a29="-L/usr/lib64/gcc/aarch64-alt-linux/8/../../.." + a30="-soname" + a31="libz.so.1" + a32="--version-script" + a33="zlib.map" + a34="ztest105133.o" + a35="-lgcc" + a36="--push-state" + a37="--as-needed" + a38="-lgcc_s" + a39="--pop-state" + a40="-lc" + a41="-lgcc" + a42="--push-state" + a43="--as-needed" + a44="-lgcc_s" + a45="--pop-state" + a46="/usr/lib64/gcc/aarch64-alt-linux/8/crtendS.o" + a47="/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64/crtn.o" record 3 of type 1307(CWD) has 2 fields line=3 file=test4.log event time: 1655465398.534:25618, host=? - type=CWD (CWD) - cwd="/usr/src/RPM/BUILD/zlib-1.2.11-alt1" (/usr/src/RPM/BUILD/zlib-1.2.11-alt1) + type=CWD + cwd="/usr/src/RPM/BUILD/zlib-1.2.11-alt1" record 4 of type 1302(PATH) has 15 fields line=4 file=test4.log event time: 1655465398.534:25618, host=? - type=PATH (PATH) - item=0 (0) - name="/usr/bin/ld" (/usr/bin/ld) - inode=40854 (40854) - dev=00:30 (00:30) - mode=0100755 (file,755) - ouid=582 (unknown(582)) - ogid=582 (unknown(582)) - rdev=00:00 (00:00) - nametype=NORMAL (NORMAL) - cap_fp=0 (none) - cap_fi=0 (none) - cap_fe=0 (0) - cap_fver=0 (0) - cap_frootid=0 (0) + type=PATH + item=0 + name="/usr/bin/ld" + inode=40854 + dev=00:30 + mode=0100755 + ouid=582 + ogid=582 + rdev=00:00 + nametype=NORMAL + cap_fp=0 + cap_fi=0 + cap_fe=0 + cap_fver=0 + cap_frootid=0 record 5 of type 1302(PATH) has 15 fields line=5 file=test4.log event time: 1655465398.534:25618, host=? - type=PATH (PATH) - item=1 (1) - name="/bin/sh" (/bin/sh) - inode=33238 (33238) - dev=00:30 (00:30) - mode=0100755 (file,755) - ouid=582 (unknown(582)) - ogid=582 (unknown(582)) - rdev=00:00 (00:00) - nametype=NORMAL (NORMAL) - cap_fp=0 (none) - cap_fi=0 (none) - cap_fe=0 (0) - cap_fver=0 (0) - cap_frootid=0 (0) + type=PATH + item=1 + name="/bin/sh" + inode=33238 + dev=00:30 + mode=0100755 + ouid=582 + ogid=582 + rdev=00:00 + nametype=NORMAL + cap_fp=0 + cap_fi=0 + cap_fe=0 + cap_fver=0 + cap_frootid=0 record 6 of type 1302(PATH) has 15 fields line=6 file=test4.log event time: 1655465398.534:25618, host=? - type=PATH (PATH) - item=2 (2) - name="/lib64/ld-linux-aarch64.so.1" (/lib64/ld-linux-aarch64.so.1) - inode=33874 (33874) - dev=00:30 (00:30) - mode=0100755 (file,755) - ouid=582 (unknown(582)) - ogid=582 (unknown(582)) - rdev=00:00 (00:00) - nametype=NORMAL (NORMAL) - cap_fp=0 (none) - cap_fi=0 (none) - cap_fe=0 (0) - cap_fver=0 (0) - cap_frootid=0 (0) + type=PATH + item=2 + name="/lib64/ld-linux-aarch64.so.1" + inode=33874 + dev=00:30 + mode=0100755 + ouid=582 + ogid=582 + rdev=00:00 + nametype=NORMAL + cap_fp=0 + cap_fi=0 + cap_fe=0 + cap_fver=0 + cap_frootid=0 record 7 of type 1327(PROCTITLE) has 2 fields line=7 file=test4.log event time: 1655465398.534:25618, host=? - type=PROCTITLE (PROCTITLE) - proctitle=2F62696E2F7368002D656675002F7573722F62696E2F6C64002D706C7567696E002F7573722F6C6962657865632F6763632F616172636836342D616C742D6C696E75782F382F6C69626C746F5F706C7567696E2E736F002D706C7567696E2D6F70743D2F7573722F6C6962657865632F6763632F616172636836342D616C742D (/bin/sh -efu /usr/bin/ld -plugin /usr/libexec/gcc/aarch64-alt-linux/8/liblto_plugin.so -plugin-opt=/usr/libexec/gcc/aarch64-alt-) + type=PROCTITLE + proctitle=2F62696E2F7368002D656675002F7573722F62696E2F6C64002D706C7567696E002F7573722F6C6962657865632F6763632F616172636836342D616C742D6C696E75782F382F6C69626C746F5F706C7567696E2E736F002D706C7567696E2D6F70743D2F7573722F6C6962657865632F6763632F616172636836342D616C742D event 2 has 6 records record 1 of type 1300(SYSCALL) has 26 fields line=8 file=test4.log event time: 1655465404.819:27091, host=? - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=59 (execve) - success=yes (yes) - exit=0 (0) - a0=1a407f50 (0x1a407f50) - a1=1a401cd0 (0x1a401cd0) - a2=1a3ed090 (0x1a3ed090) - a3=0 (0x0) - items=2 (2) - ppid=105932 (105932) - pid=105933 (105933) - auid=573 (unknown(573)) - uid=583 (unknown(583)) - gid=583 (unknown(583)) - euid=583 (unknown(583)) - suid=583 (unknown(583)) - fsuid=583 (unknown(583)) - egid=583 (unknown(583)) - sgid=583 (unknown(583)) - fsgid=583 (unknown(583)) - tty=pts2 (pts2) - ses=2632 (2632) - comm="m4" (m4) - exe="/usr/bin/m4" (/usr/bin/m4) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=59 + success=yes + exit=0 + a0=1a407f50 + a1=1a401cd0 + a2=1a3ed090 + a3=0 + items=2 + ppid=105932 + pid=105933 + auid=573 + uid=583 + gid=583 + euid=583 + suid=583 + fsuid=583 + egid=583 + sgid=583 + fsgid=583 + tty=pts2 + ses=2632 + comm="m4" + exe="/usr/bin/m4" + key=(null) record 2 of type 1309(EXECVE) has 218 fields line=9 file=test4.log event time: 1655465404.819:27091, host=? - type=EXECVE (EXECVE) - argc=216 (216) - a0="/usr/bin/m4" (/usr/bin/m4) - a1="--nesting-limit=1024" (--nesting-limit=1024) - a2="--gnu" (--gnu) - a3="--include=/usr/share/autoconf-2.60" (--include=/usr/share/autoconf-2.60) - a4="--debug=aflq" (--debug=aflq) - a5="--fatal-warning" (--fatal-warning) - a6="--debugfile=autom4te.cache/traces.0t" (--debugfile=autom4te.cache/traces.0t) - a7="--trace=AC_CHECK_LIBM" (--trace=AC_CHECK_LIBM) - a8="--trace=AC_CONFIG_MACRO_DIR" (--trace=AC_CONFIG_MACRO_DIR) - a9="--trace=AC_CONFIG_MACRO_DIR_TRACE" (--trace=AC_CONFIG_MACRO_DIR_TRACE) - a10="--trace=AC_DEFUN" (--trace=AC_DEFUN) - a11="--trace=AC_DEFUN_ONCE" (--trace=AC_DEFUN_ONCE) - a12="--trace=AC_DEPLIBS_CHECK_METHOD" (--trace=AC_DEPLIBS_CHECK_METHOD) - a13="--trace=AC_DISABLE_FAST_INSTALL" (--trace=AC_DISABLE_FAST_INSTALL) - a14="--trace=AC_DISABLE_SHARED" (--trace=AC_DISABLE_SHARED) - a15="--trace=AC_DISABLE_STATIC" (--trace=AC_DISABLE_STATIC) - a16="--trace=AC_ENABLE_FAST_INSTALL" (--trace=AC_ENABLE_FAST_INSTALL) - a17="--trace=AC_ENABLE_SHARED" (--trace=AC_ENABLE_SHARED) - a18="--trace=AC_ENABLE_STATIC" (--trace=AC_ENABLE_STATIC) - a19="--trace=AC_LIBLTDL_CONVENIENCE" (--trace=AC_LIBLTDL_CONVENIENCE) - a20="--trace=AC_LIBLTDL_INSTALLABLE" (--trace=AC_LIBLTDL_INSTALLABLE) - a21="--trace=AC_LIBTOOL_COMPILER_OPTION" (--trace=AC_LIBTOOL_COMPILER_OPTION) - a22="--trace=AC_LIBTOOL_CONFIG" (--trace=AC_LIBTOOL_CONFIG) - a23="--trace=AC_LIBTOOL_CXX" (--trace=AC_LIBTOOL_CXX) - a24="--trace=AC_LIBTOOL_DLOPEN" (--trace=AC_LIBTOOL_DLOPEN) - a25="--trace=AC_LIBTOOL_DLOPEN_SELF" (--trace=AC_LIBTOOL_DLOPEN_SELF) - a26="--trace=AC_LIBTOOL_F77" (--trace=AC_LIBTOOL_F77) - a27="--trace=AC_LIBTOOL_FC" (--trace=AC_LIBTOOL_FC) - a28="--trace=AC_LIBTOOL_GCJ" (--trace=AC_LIBTOOL_GCJ) - a29="--trace=AC_LIBTOOL_LANG_CXX_CONFIG" (--trace=AC_LIBTOOL_LANG_CXX_CONFIG) - a30="--trace=AC_LIBTOOL_LANG_C_CONFIG" (--trace=AC_LIBTOOL_LANG_C_CONFIG) - a31="--trace=AC_LIBTOOL_LANG_F77_CONFIG" (--trace=AC_LIBTOOL_LANG_F77_CONFIG) - a32="--trace=AC_LIBTOOL_LANG_GCJ_CONFIG" (--trace=AC_LIBTOOL_LANG_GCJ_CONFIG) - a33="--trace=AC_LIBTOOL_LANG_RC_CONFIG" (--trace=AC_LIBTOOL_LANG_RC_CONFIG) - a34="--trace=AC_LIBTOOL_LINKER_OPTION" (--trace=AC_LIBTOOL_LINKER_OPTION) - a35="--trace=AC_LIBTOOL_OBJDIR" (--trace=AC_LIBTOOL_OBJDIR) - a36="--trace=AC_LIBTOOL_PICMODE" (--trace=AC_LIBTOOL_PICMODE) - a37="--trace=AC_LIBTOOL_POSTDEP_PREDEP" (--trace=AC_LIBTOOL_POSTDEP_PREDEP) - a38="--trace=AC_LIBTOOL_PROG_CC_C_O" (--trace=AC_LIBTOOL_PROG_CC_C_O) - a39="--trace=AC_LIBTOOL_PROG_COMPILER_NO_RTTI" (--trace=AC_LIBTOOL_PROG_COMPILER_NO_RTTI) - a40="--trace=AC_LIBTOOL_PROG_COMPILER_PIC" (--trace=AC_LIBTOOL_PROG_COMPILER_PIC) - a41="--trace=AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH" (--trace=AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH) - a42="--trace=AC_LIBTOOL_PROG_LD_SHLIBS" (--trace=AC_LIBTOOL_PROG_LD_SHLIBS) - a43="--trace=AC_LIBTOOL_RC" (--trace=AC_LIBTOOL_RC) - a44="--trace=AC_LIBTOOL_SETUP" (--trace=AC_LIBTOOL_SETUP) - a45="--trace=AC_LIBTOOL_SYS_DYNAMIC_LINKER" (--trace=AC_LIBTOOL_SYS_DYNAMIC_LINKER) - a46="--trace=AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE" (--trace=AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE) - a47="--trace=AC_LIBTOOL_SYS_HARD_LINK_LOCKS" (--trace=AC_LIBTOOL_SYS_HARD_LINK_LOCKS) - a48="--trace=AC_LIBTOOL_SYS_LIB_STRIP" (--trace=AC_LIBTOOL_SYS_LIB_STRIP) - a49="--trace=AC_LIBTOOL_SYS_MAX_CMD_LEN" (--trace=AC_LIBTOOL_SYS_MAX_CMD_LEN) - a50="--trace=AC_LIBTOOL_SYS_OLD_ARCHIVE" (--trace=AC_LIBTOOL_SYS_OLD_ARCHIVE) - a51="--trace=AC_LIBTOOL_WIN32_DLL" (--trace=AC_LIBTOOL_WIN32_DLL) - a52="--trace=AC_LIB_LTDL" (--trace=AC_LIB_LTDL) - a53="--trace=AC_LTDL_DLLIB" (--trace=AC_LTDL_DLLIB) - a54="--trace=AC_LTDL_DLSYM_USCORE" (--trace=AC_LTDL_DLSYM_USCORE) - a55="--trace=AC_LTDL_ENABLE_INSTALL" (--trace=AC_LTDL_ENABLE_INSTALL) - a56="--trace=AC_LTDL_OBJDIR" (--trace=AC_LTDL_OBJDIR) - a57="--trace=AC_LTDL_PREOPEN" (--trace=AC_LTDL_PREOPEN) - a58="--trace=AC_LTDL_SHLIBEXT" (--trace=AC_LTDL_SHLIBEXT) - a59="--trace=AC_LTDL_SHLIBPATH" (--trace=AC_LTDL_SHLIBPATH) - a60="--trace=AC_LTDL_SYMBOL_USCORE" (--trace=AC_LTDL_SYMBOL_USCORE) - a61="--trace=AC_LTDL_SYSSEARCHPATH" (--trace=AC_LTDL_SYSSEARCHPATH) - a62="--trace=AC_LTDL_SYS_DLOPEN_DEPLIBS" (--trace=AC_LTDL_SYS_DLOPEN_DEPLIBS) - a63="--trace=AC_PATH_MAGIC" (--trace=AC_PATH_MAGIC) - a64="--trace=AC_PATH_TOOL_PREFIX" (--trace=AC_PATH_TOOL_PREFIX) - a65="--trace=AC_PROG_EGREP" (--trace=AC_PROG_EGREP) - a66="--trace=AC_PROG_LD" (--trace=AC_PROG_LD) - a67="--trace=AC_PROG_LD_GNU" (--trace=AC_PROG_LD_GNU) - a68="--trace=AC_PROG_LD_RELOAD_FLAG" (--trace=AC_PROG_LD_RELOAD_FLAG) - a69="--trace=AC_PROG_LIBTOOL" (--trace=AC_PROG_LIBTOOL) - a70="--trace=AC_PROG_NM" (--trace=AC_PROG_NM) - a71="--trace=AC_WITH_LTDL" (--trace=AC_WITH_LTDL) - a72="--trace=AM_AUTOMAKE_VERSION" (--trace=AM_AUTOMAKE_VERSION) - a73="--trace=AM_AUX_DIR_EXPAND" (--trace=AM_AUX_DIR_EXPAND) - a74="--trace=AM_CONDITIONAL" (--trace=AM_CONDITIONAL) - a75="--trace=AM_DEP_TRACK" (--trace=AM_DEP_TRACK) - a76="--trace=AM_DISABLE_SHARED" (--trace=AM_DISABLE_SHARED) - a77="--trace=AM_DISABLE_STATIC" (--trace=AM_DISABLE_STATIC) - a78="--trace=AM_ENABLE_SHARED" (--trace=AM_ENABLE_SHARED) - a79="--trace=AM_ENABLE_STATIC" (--trace=AM_ENABLE_STATIC) - a80="--trace=AM_INIT_AUTOMAKE" (--trace=AM_INIT_AUTOMAKE) - a81="--trace=AM_MAKE_INCLUDE" (--trace=AM_MAKE_INCLUDE) - a82="--trace=AM_MISSING_HAS_RUN" (--trace=AM_MISSING_HAS_RUN) - a83="--trace=AM_MISSING_PROG" (--trace=AM_MISSING_PROG) - a84="--trace=AM_OUTPUT_DEPENDENCY_COMMANDS" (--trace=AM_OUTPUT_DEPENDENCY_COMMANDS) - a85="--trace=AM_PROG_CC_C_O" (--trace=AM_PROG_CC_C_O) - a86="--trace=AM_PROG_INSTALL_SH" (--trace=AM_PROG_INSTALL_SH) - a87="--trace=AM_PROG_INSTALL_STRIP" (--trace=AM_PROG_INSTALL_STRIP) - a88="--trace=AM_PROG_LD" (--trace=AM_PROG_LD) - a89="--trace=AM_PROG_LIBTOOL" (--trace=AM_PROG_LIBTOOL) - a90="--trace=AM_PROG_NM" (--trace=AM_PROG_NM) - a91="--trace=AM_RUN_LOG" (--trace=AM_RUN_LOG) - a92="--trace=AM_SANITY_CHECK" (--trace=AM_SANITY_CHECK) - a93="--trace=AM_SET_CURRENT_AUTOMAKE_VERSION" (--trace=AM_SET_CURRENT_AUTOMAKE_VERSION) - a94="--trace=AM_SET_DEPDIR" (--trace=AM_SET_DEPDIR) - a95="--trace=AM_SET_LEADING_DOT" (--trace=AM_SET_LEADING_DOT) - a96="--trace=AM_SILENT_RULES" (--trace=AM_SILENT_RULES) - a97="--trace=AM_SUBST_NOTMAKE" (--trace=AM_SUBST_NOTMAKE) - a98="--trace=AU_DEFUN" (--trace=AU_DEFUN) - a99="--trace=LTDL_CONVENIENCE" (--trace=LTDL_CONVENIENCE) - a100="--trace=LTDL_INIT" (--trace=LTDL_INIT) - a101="--trace=LTDL_INSTALLABLE" (--trace=LTDL_INSTALLABLE) - a102="--trace=LTOBSOLETE_VERSION" (--trace=LTOBSOLETE_VERSION) - a103="--trace=LTOPTIONS_VERSION" (--trace=LTOPTIONS_VERSION) - a104="--trace=LTSUGAR_VERSION" (--trace=LTSUGAR_VERSION) - a105="--trace=LTVERSION_VERSION" (--trace=LTVERSION_VERSION) - a106="--trace=LT_AC_PROG_EGREP" (--trace=LT_AC_PROG_EGREP) - a107="--trace=LT_AC_PROG_GCJ" (--trace=LT_AC_PROG_GCJ) - a108="--trace=LT_AC_PROG_RC" (--trace=LT_AC_PROG_RC) - a109="--trace=LT_AC_PROG_SED" (--trace=LT_AC_PROG_SED) - a110="--trace=LT_CMD_MAX_LEN" (--trace=LT_CMD_MAX_LEN) - a111="--trace=LT_CONFIG_LTDL_DIR" (--trace=LT_CONFIG_LTDL_DIR) - a112="--trace=LT_FUNC_ARGZ" (--trace=LT_FUNC_ARGZ) - a113="--trace=LT_FUNC_DLSYM_USCORE" (--trace=LT_FUNC_DLSYM_USCORE) - a114="--trace=LT_INIT" (--trace=LT_INIT) - a115="--trace=LT_LANG" (--trace=LT_LANG) - a116="--trace=LT_LIB_DLLOAD" (--trace=LT_LIB_DLLOAD) - a117="--trace=LT_LIB_M" (--trace=LT_LIB_M) - a118="--trace=LT_OUTPUT" (--trace=LT_OUTPUT) - a119="--trace=LT_PATH_LD" (--trace=LT_PATH_LD) - a120="--trace=LT_PATH_NM" (--trace=LT_PATH_NM) - a121="--trace=LT_PROG_GCJ" (--trace=LT_PROG_GCJ) - a122="--trace=LT_PROG_GO" (--trace=LT_PROG_GO) - a123="--trace=LT_PROG_RC" (--trace=LT_PROG_RC) - a124="--trace=LT_SUPPORTED_TAG" (--trace=LT_SUPPORTED_TAG) - a125="--trace=LT_SYS_DLOPEN_DEPLIBS" (--trace=LT_SYS_DLOPEN_DEPLIBS) - a126="--trace=LT_SYS_DLOPEN_SELF" (--trace=LT_SYS_DLOPEN_SELF) - a127="--trace=LT_SYS_DLSEARCH_PATH" (--trace=LT_SYS_DLSEARCH_PATH) - a128="--trace=LT_SYS_MODULE_EXT" (--trace=LT_SYS_MODULE_EXT) - a129="--trace=LT_SYS_MODULE_PATH" (--trace=LT_SYS_MODULE_PATH) - a130="--trace=LT_SYS_SYMBOL_USCORE" (--trace=LT_SYS_SYMBOL_USCORE) - a131="--trace=LT_WITH_LTDL" (--trace=LT_WITH_LTDL) - a132="--trace=_AC_AM_CONFIG_HEADER_HOOK" (--trace=_AC_AM_CONFIG_HEADER_HOOK) - a133="--trace=_AC_PROG_LIBTOOL" (--trace=_AC_PROG_LIBTOOL) - a134="--trace=_AM_AUTOCONF_VERSION" (--trace=_AM_AUTOCONF_VERSION) - a135="--trace=_AM_CONFIG_MACRO_DIRS" (--trace=_AM_CONFIG_MACRO_DIRS) - a136="--trace=_AM_DEPENDENCIES" (--trace=_AM_DEPENDENCIES) - a137="--trace=_AM_IF_OPTION" (--trace=_AM_IF_OPTION) - a138="--trace=_AM_MANGLE_OPTION" (--trace=_AM_MANGLE_OPTION) - a139="--trace=_AM_OUTPUT_DEPENDENCY_COMMANDS" (--trace=_AM_OUTPUT_DEPENDENCY_COMMANDS) - a140="--trace=_AM_PROG_CC_C_O" (--trace=_AM_PROG_CC_C_O) - a141="--trace=_AM_PROG_TAR" (--trace=_AM_PROG_TAR) - a142="--trace=_AM_SET_OPTION" (--trace=_AM_SET_OPTION) - a143="--trace=_AM_SET_OPTIONS" (--trace=_AM_SET_OPTIONS) - a144="--trace=_AM_SUBST_NOTMAKE" (--trace=_AM_SUBST_NOTMAKE) - a145="--trace=_LTDL_SETUP" (--trace=_LTDL_SETUP) - a146="--trace=_LT_AC_CHECK_DLFCN" (--trace=_LT_AC_CHECK_DLFCN) - a147="--trace=_LT_AC_FILE_LTDLL_C" (--trace=_LT_AC_FILE_LTDLL_C) - a148="--trace=_LT_AC_LANG_CXX" (--trace=_LT_AC_LANG_CXX) - a149="--trace=_LT_AC_LANG_CXX_CONFIG" (--trace=_LT_AC_LANG_CXX_CONFIG) - a150="--trace=_LT_AC_LANG_C_CONFIG" (--trace=_LT_AC_LANG_C_CONFIG) - a151="--trace=_LT_AC_LANG_F77" (--trace=_LT_AC_LANG_F77) - a152="--trace=_LT_AC_LANG_F77_CONFIG" (--trace=_LT_AC_LANG_F77_CONFIG) - a153="--trace=_LT_AC_LANG_GCJ" (--trace=_LT_AC_LANG_GCJ) - a154="--trace=_LT_AC_LANG_GCJ_CONFIG" (--trace=_LT_AC_LANG_GCJ_CONFIG) - a155="--trace=_LT_AC_LANG_RC_CONFIG" (--trace=_LT_AC_LANG_RC_CONFIG) - a156="--trace=_LT_AC_LOCK" (--trace=_LT_AC_LOCK) - a157="--trace=_LT_AC_PROG_CXXCPP" (--trace=_LT_AC_PROG_CXXCPP) - a158="--trace=_LT_AC_PROG_ECHO_BACKSLASH" (--trace=_LT_AC_PROG_ECHO_BACKSLASH) - a159="--trace=_LT_AC_SHELL_INIT" (--trace=_LT_AC_SHELL_INIT) - a160="--trace=_LT_AC_SYS_COMPILER" (--trace=_LT_AC_SYS_COMPILER) - a161="--trace=_LT_AC_SYS_LIBPATH_AIX" (--trace=_LT_AC_SYS_LIBPATH_AIX) - a162="--trace=_LT_AC_TAGCONFIG" (--trace=_LT_AC_TAGCONFIG) - a163="--trace=_LT_AC_TAGVAR" (--trace=_LT_AC_TAGVAR) - a164="--trace=_LT_AC_TRY_DLOPEN_SELF" (--trace=_LT_AC_TRY_DLOPEN_SELF) - a165="--trace=_LT_CC_BASENAME" (--trace=_LT_CC_BASENAME) - a166="--trace=_LT_COMPILER_BOILERPLATE" (--trace=_LT_COMPILER_BOILERPLATE) - a167="--trace=_LT_COMPILER_OPTION" (--trace=_LT_COMPILER_OPTION) - a168="--trace=_LT_DLL_DEF_P" (--trace=_LT_DLL_DEF_P) - a169="--trace=_LT_LIBOBJ" (--trace=_LT_LIBOBJ) - a170="--trace=_LT_LINKER_BOILERPLATE" (--trace=_LT_LINKER_BOILERPLATE) - a171="--trace=_LT_LINKER_OPTION" (--trace=_LT_LINKER_OPTION) - a172="--trace=_LT_PATH_TOOL_PREFIX" (--trace=_LT_PATH_TOOL_PREFIX) - a173="--trace=_LT_PREPARE_SED_QUOTE_VARS" (--trace=_LT_PREPARE_SED_QUOTE_VARS) - a174="--trace=_LT_PROG_CXX" (--trace=_LT_PROG_CXX) - a175="--trace=_LT_PROG_ECHO_BACKSLASH" (--trace=_LT_PROG_ECHO_BACKSLASH) - a176="--trace=_LT_PROG_F77" (--trace=_LT_PROG_F77) - a177="--trace=_LT_PROG_FC" (--trace=_LT_PROG_FC) - a178="--trace=_LT_PROG_LTMAIN" (--trace=_LT_PROG_LTMAIN) - a179="--trace=_LT_REQUIRED_DARWIN_CHECKS" (--trace=_LT_REQUIRED_DARWIN_CHECKS) - a180="--trace=_LT_WITH_SYSROOT" (--trace=_LT_WITH_SYSROOT) - a181="--trace=_m4_warn" (--trace=_m4_warn) - a182="--trace=include" (--trace=include) - a183="--trace=m4_include" (--trace=m4_include) - a184="--trace=m4_pattern_allow" (--trace=m4_pattern_allow) - a185="--trace=m4_pattern_forbid" (--trace=m4_pattern_forbid) - a186="--reload-state=/usr/share/autoconf-2.60/autoconf/autoconf.m4f" (--reload-state=/usr/share/autoconf-2.60/autoconf/autoconf.m4f) - a187="--undefine=__m4_version__" (--undefine=__m4_version__) - a188="-" (-) - a189="/usr/share/aclocal-1.16/internal/ac-config-macro-dirs.m4" (/usr/share/aclocal-1.16/internal/ac-config-macro-dirs.m4) - a190="/usr/share/libtool/aclocal/libtool.m4" (/usr/share/libtool/aclocal/libtool.m4) - a191="/usr/share/libtool/aclocal/ltargz.m4" (/usr/share/libtool/aclocal/ltargz.m4) - a192="/usr/share/libtool/aclocal/ltdl.m4" (/usr/share/libtool/aclocal/ltdl.m4) - a193="/usr/share/libtool/aclocal/ltoptions.m4" (/usr/share/libtool/aclocal/ltoptions.m4) - a194="/usr/share/libtool/aclocal/ltsugar.m4" (/usr/share/libtool/aclocal/ltsugar.m4) - a195="/usr/share/libtool/aclocal/ltversion.m4" (/usr/share/libtool/aclocal/ltversion.m4) - a196="/usr/share/libtool/aclocal/lt~obsolete.m4" (/usr/share/libtool/aclocal/lt~obsolete.m4) - a197="/usr/share/aclocal-1.16/amversion.m4" (/usr/share/aclocal-1.16/amversion.m4) - a198="/usr/share/aclocal-1.16/auxdir.m4" (/usr/share/aclocal-1.16/auxdir.m4) - a199="/usr/share/aclocal-1.16/cond.m4" (/usr/share/aclocal-1.16/cond.m4) - a200="/usr/share/aclocal-1.16/depend.m4" (/usr/share/aclocal-1.16/depend.m4) - a201="/usr/share/aclocal-1.16/depout.m4" (/usr/share/aclocal-1.16/depout.m4) - a202="/usr/share/aclocal-1.16/init.m4" (/usr/share/aclocal-1.16/init.m4) - a203="/usr/share/aclocal-1.16/install-sh.m4" (/usr/share/aclocal-1.16/install-sh.m4) - a204="/usr/share/aclocal-1.16/lead-dot.m4" (/usr/share/aclocal-1.16/lead-dot.m4) - a205="/usr/share/aclocal-1.16/make.m4" (/usr/share/aclocal-1.16/make.m4) - a206="/usr/share/aclocal-1.16/missing.m4" (/usr/share/aclocal-1.16/missing.m4) - a207="/usr/share/aclocal-1.16/options.m4" (/usr/share/aclocal-1.16/options.m4) - a208="/usr/share/aclocal-1.16/prog-cc-c-o.m4" (/usr/share/aclocal-1.16/prog-cc-c-o.m4) - a209="/usr/share/aclocal-1.16/runlog.m4" (/usr/share/aclocal-1.16/runlog.m4) - a210="/usr/share/aclocal-1.16/sanity.m4" (/usr/share/aclocal-1.16/sanity.m4) - a211="/usr/share/aclocal-1.16/silent.m4" (/usr/share/aclocal-1.16/silent.m4) - a212="/usr/share/aclocal-1.16/strip.m4" (/usr/share/aclocal-1.16/strip.m4) - a213="/usr/share/aclocal-1.16/substnot.m4" (/usr/share/aclocal-1.16/substnot.m4) - a214="/usr/share/aclocal-1.16/tar.m4" (/usr/share/aclocal-1.16/tar.m4) - a215="configure.ac" (configure.ac) + type=EXECVE + argc=216 + a0="/usr/bin/m4" + a1="--nesting-limit=1024" + a2="--gnu" + a3="--include=/usr/share/autoconf-2.60" + a4="--debug=aflq" + a5="--fatal-warning" + a6="--debugfile=autom4te.cache/traces.0t" + a7="--trace=AC_CHECK_LIBM" + a8="--trace=AC_CONFIG_MACRO_DIR" + a9="--trace=AC_CONFIG_MACRO_DIR_TRACE" + a10="--trace=AC_DEFUN" + a11="--trace=AC_DEFUN_ONCE" + a12="--trace=AC_DEPLIBS_CHECK_METHOD" + a13="--trace=AC_DISABLE_FAST_INSTALL" + a14="--trace=AC_DISABLE_SHARED" + a15="--trace=AC_DISABLE_STATIC" + a16="--trace=AC_ENABLE_FAST_INSTALL" + a17="--trace=AC_ENABLE_SHARED" + a18="--trace=AC_ENABLE_STATIC" + a19="--trace=AC_LIBLTDL_CONVENIENCE" + a20="--trace=AC_LIBLTDL_INSTALLABLE" + a21="--trace=AC_LIBTOOL_COMPILER_OPTION" + a22="--trace=AC_LIBTOOL_CONFIG" + a23="--trace=AC_LIBTOOL_CXX" + a24="--trace=AC_LIBTOOL_DLOPEN" + a25="--trace=AC_LIBTOOL_DLOPEN_SELF" + a26="--trace=AC_LIBTOOL_F77" + a27="--trace=AC_LIBTOOL_FC" + a28="--trace=AC_LIBTOOL_GCJ" + a29="--trace=AC_LIBTOOL_LANG_CXX_CONFIG" + a30="--trace=AC_LIBTOOL_LANG_C_CONFIG" + a31="--trace=AC_LIBTOOL_LANG_F77_CONFIG" + a32="--trace=AC_LIBTOOL_LANG_GCJ_CONFIG" + a33="--trace=AC_LIBTOOL_LANG_RC_CONFIG" + a34="--trace=AC_LIBTOOL_LINKER_OPTION" + a35="--trace=AC_LIBTOOL_OBJDIR" + a36="--trace=AC_LIBTOOL_PICMODE" + a37="--trace=AC_LIBTOOL_POSTDEP_PREDEP" + a38="--trace=AC_LIBTOOL_PROG_CC_C_O" + a39="--trace=AC_LIBTOOL_PROG_COMPILER_NO_RTTI" + a40="--trace=AC_LIBTOOL_PROG_COMPILER_PIC" + a41="--trace=AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH" + a42="--trace=AC_LIBTOOL_PROG_LD_SHLIBS" + a43="--trace=AC_LIBTOOL_RC" + a44="--trace=AC_LIBTOOL_SETUP" + a45="--trace=AC_LIBTOOL_SYS_DYNAMIC_LINKER" + a46="--trace=AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE" + a47="--trace=AC_LIBTOOL_SYS_HARD_LINK_LOCKS" + a48="--trace=AC_LIBTOOL_SYS_LIB_STRIP" + a49="--trace=AC_LIBTOOL_SYS_MAX_CMD_LEN" + a50="--trace=AC_LIBTOOL_SYS_OLD_ARCHIVE" + a51="--trace=AC_LIBTOOL_WIN32_DLL" + a52="--trace=AC_LIB_LTDL" + a53="--trace=AC_LTDL_DLLIB" + a54="--trace=AC_LTDL_DLSYM_USCORE" + a55="--trace=AC_LTDL_ENABLE_INSTALL" + a56="--trace=AC_LTDL_OBJDIR" + a57="--trace=AC_LTDL_PREOPEN" + a58="--trace=AC_LTDL_SHLIBEXT" + a59="--trace=AC_LTDL_SHLIBPATH" + a60="--trace=AC_LTDL_SYMBOL_USCORE" + a61="--trace=AC_LTDL_SYSSEARCHPATH" + a62="--trace=AC_LTDL_SYS_DLOPEN_DEPLIBS" + a63="--trace=AC_PATH_MAGIC" + a64="--trace=AC_PATH_TOOL_PREFIX" + a65="--trace=AC_PROG_EGREP" + a66="--trace=AC_PROG_LD" + a67="--trace=AC_PROG_LD_GNU" + a68="--trace=AC_PROG_LD_RELOAD_FLAG" + a69="--trace=AC_PROG_LIBTOOL" + a70="--trace=AC_PROG_NM" + a71="--trace=AC_WITH_LTDL" + a72="--trace=AM_AUTOMAKE_VERSION" + a73="--trace=AM_AUX_DIR_EXPAND" + a74="--trace=AM_CONDITIONAL" + a75="--trace=AM_DEP_TRACK" + a76="--trace=AM_DISABLE_SHARED" + a77="--trace=AM_DISABLE_STATIC" + a78="--trace=AM_ENABLE_SHARED" + a79="--trace=AM_ENABLE_STATIC" + a80="--trace=AM_INIT_AUTOMAKE" + a81="--trace=AM_MAKE_INCLUDE" + a82="--trace=AM_MISSING_HAS_RUN" + a83="--trace=AM_MISSING_PROG" + a84="--trace=AM_OUTPUT_DEPENDENCY_COMMANDS" + a85="--trace=AM_PROG_CC_C_O" + a86="--trace=AM_PROG_INSTALL_SH" + a87="--trace=AM_PROG_INSTALL_STRIP" + a88="--trace=AM_PROG_LD" + a89="--trace=AM_PROG_LIBTOOL" + a90="--trace=AM_PROG_NM" + a91="--trace=AM_RUN_LOG" + a92="--trace=AM_SANITY_CHECK" + a93="--trace=AM_SET_CURRENT_AUTOMAKE_VERSION" + a94="--trace=AM_SET_DEPDIR" + a95="--trace=AM_SET_LEADING_DOT" + a96="--trace=AM_SILENT_RULES" + a97="--trace=AM_SUBST_NOTMAKE" + a98="--trace=AU_DEFUN" + a99="--trace=LTDL_CONVENIENCE" + a100="--trace=LTDL_INIT" + a101="--trace=LTDL_INSTALLABLE" + a102="--trace=LTOBSOLETE_VERSION" + a103="--trace=LTOPTIONS_VERSION" + a104="--trace=LTSUGAR_VERSION" + a105="--trace=LTVERSION_VERSION" + a106="--trace=LT_AC_PROG_EGREP" + a107="--trace=LT_AC_PROG_GCJ" + a108="--trace=LT_AC_PROG_RC" + a109="--trace=LT_AC_PROG_SED" + a110="--trace=LT_CMD_MAX_LEN" + a111="--trace=LT_CONFIG_LTDL_DIR" + a112="--trace=LT_FUNC_ARGZ" + a113="--trace=LT_FUNC_DLSYM_USCORE" + a114="--trace=LT_INIT" + a115="--trace=LT_LANG" + a116="--trace=LT_LIB_DLLOAD" + a117="--trace=LT_LIB_M" + a118="--trace=LT_OUTPUT" + a119="--trace=LT_PATH_LD" + a120="--trace=LT_PATH_NM" + a121="--trace=LT_PROG_GCJ" + a122="--trace=LT_PROG_GO" + a123="--trace=LT_PROG_RC" + a124="--trace=LT_SUPPORTED_TAG" + a125="--trace=LT_SYS_DLOPEN_DEPLIBS" + a126="--trace=LT_SYS_DLOPEN_SELF" + a127="--trace=LT_SYS_DLSEARCH_PATH" + a128="--trace=LT_SYS_MODULE_EXT" + a129="--trace=LT_SYS_MODULE_PATH" + a130="--trace=LT_SYS_SYMBOL_USCORE" + a131="--trace=LT_WITH_LTDL" + a132="--trace=_AC_AM_CONFIG_HEADER_HOOK" + a133="--trace=_AC_PROG_LIBTOOL" + a134="--trace=_AM_AUTOCONF_VERSION" + a135="--trace=_AM_CONFIG_MACRO_DIRS" + a136="--trace=_AM_DEPENDENCIES" + a137="--trace=_AM_IF_OPTION" + a138="--trace=_AM_MANGLE_OPTION" + a139="--trace=_AM_OUTPUT_DEPENDENCY_COMMANDS" + a140="--trace=_AM_PROG_CC_C_O" + a141="--trace=_AM_PROG_TAR" + a142="--trace=_AM_SET_OPTION" + a143="--trace=_AM_SET_OPTIONS" + a144="--trace=_AM_SUBST_NOTMAKE" + a145="--trace=_LTDL_SETUP" + a146="--trace=_LT_AC_CHECK_DLFCN" + a147="--trace=_LT_AC_FILE_LTDLL_C" + a148="--trace=_LT_AC_LANG_CXX" + a149="--trace=_LT_AC_LANG_CXX_CONFIG" + a150="--trace=_LT_AC_LANG_C_CONFIG" + a151="--trace=_LT_AC_LANG_F77" + a152="--trace=_LT_AC_LANG_F77_CONFIG" + a153="--trace=_LT_AC_LANG_GCJ" + a154="--trace=_LT_AC_LANG_GCJ_CONFIG" + a155="--trace=_LT_AC_LANG_RC_CONFIG" + a156="--trace=_LT_AC_LOCK" + a157="--trace=_LT_AC_PROG_CXXCPP" + a158="--trace=_LT_AC_PROG_ECHO_BACKSLASH" + a159="--trace=_LT_AC_SHELL_INIT" + a160="--trace=_LT_AC_SYS_COMPILER" + a161="--trace=_LT_AC_SYS_LIBPATH_AIX" + a162="--trace=_LT_AC_TAGCONFIG" + a163="--trace=_LT_AC_TAGVAR" + a164="--trace=_LT_AC_TRY_DLOPEN_SELF" + a165="--trace=_LT_CC_BASENAME" + a166="--trace=_LT_COMPILER_BOILERPLATE" + a167="--trace=_LT_COMPILER_OPTION" + a168="--trace=_LT_DLL_DEF_P" + a169="--trace=_LT_LIBOBJ" + a170="--trace=_LT_LINKER_BOILERPLATE" + a171="--trace=_LT_LINKER_OPTION" + a172="--trace=_LT_PATH_TOOL_PREFIX" + a173="--trace=_LT_PREPARE_SED_QUOTE_VARS" + a174="--trace=_LT_PROG_CXX" + a175="--trace=_LT_PROG_ECHO_BACKSLASH" + a176="--trace=_LT_PROG_F77" + a177="--trace=_LT_PROG_FC" + a178="--trace=_LT_PROG_LTMAIN" + a179="--trace=_LT_REQUIRED_DARWIN_CHECKS" + a180="--trace=_LT_WITH_SYSROOT" + a181="--trace=_m4_warn" + a182="--trace=include" + a183="--trace=m4_include" + a184="--trace=m4_pattern_allow" + a185="--trace=m4_pattern_forbid" + a186="--reload-state=/usr/share/autoconf-2.60/autoconf/autoconf.m4f" + a187="--undefine=__m4_version__" + a188="-" + a189="/usr/share/aclocal-1.16/internal/ac-config-macro-dirs.m4" + a190="/usr/share/libtool/aclocal/libtool.m4" + a191="/usr/share/libtool/aclocal/ltargz.m4" + a192="/usr/share/libtool/aclocal/ltdl.m4" + a193="/usr/share/libtool/aclocal/ltoptions.m4" + a194="/usr/share/libtool/aclocal/ltsugar.m4" + a195="/usr/share/libtool/aclocal/ltversion.m4" + a196="/usr/share/libtool/aclocal/lt~obsolete.m4" + a197="/usr/share/aclocal-1.16/amversion.m4" + a198="/usr/share/aclocal-1.16/auxdir.m4" + a199="/usr/share/aclocal-1.16/cond.m4" + a200="/usr/share/aclocal-1.16/depend.m4" + a201="/usr/share/aclocal-1.16/depout.m4" + a202="/usr/share/aclocal-1.16/init.m4" + a203="/usr/share/aclocal-1.16/install-sh.m4" + a204="/usr/share/aclocal-1.16/lead-dot.m4" + a205="/usr/share/aclocal-1.16/make.m4" + a206="/usr/share/aclocal-1.16/missing.m4" + a207="/usr/share/aclocal-1.16/options.m4" + a208="/usr/share/aclocal-1.16/prog-cc-c-o.m4" + a209="/usr/share/aclocal-1.16/runlog.m4" + a210="/usr/share/aclocal-1.16/sanity.m4" + a211="/usr/share/aclocal-1.16/silent.m4" + a212="/usr/share/aclocal-1.16/strip.m4" + a213="/usr/share/aclocal-1.16/substnot.m4" + a214="/usr/share/aclocal-1.16/tar.m4" + a215="configure.ac" record 3 of type 1307(CWD) has 2 fields line=10 file=test4.log event time: 1655465404.819:27091, host=? - type=CWD (CWD) - cwd="/usr/src/RPM/BUILD/zlib-1.2.11-alt1/contrib/minizip" (/usr/src/RPM/BUILD/zlib-1.2.11-alt1/contrib/minizip) + type=CWD + cwd="/usr/src/RPM/BUILD/zlib-1.2.11-alt1/contrib/minizip" record 4 of type 1302(PATH) has 15 fields line=11 file=test4.log event time: 1655465404.819:27091, host=? - type=PATH (PATH) - item=0 (0) - name="/usr/bin/m4" (/usr/bin/m4) - inode=40839 (40839) - dev=00:30 (00:30) - mode=0100755 (file,755) - ouid=582 (unknown(582)) - ogid=582 (unknown(582)) - rdev=00:00 (00:00) - nametype=NORMAL (NORMAL) - cap_fp=0 (none) - cap_fi=0 (none) - cap_fe=0 (0) - cap_fver=0 (0) - cap_frootid=0 (0) + type=PATH + item=0 + name="/usr/bin/m4" + inode=40839 + dev=00:30 + mode=0100755 + ouid=582 + ogid=582 + rdev=00:00 + nametype=NORMAL + cap_fp=0 + cap_fi=0 + cap_fe=0 + cap_fver=0 + cap_frootid=0 record 5 of type 1302(PATH) has 15 fields line=12 file=test4.log event time: 1655465404.819:27091, host=? - type=PATH (PATH) - item=1 (1) - name="/lib64/ld-linux-aarch64.so.1" (/lib64/ld-linux-aarch64.so.1) - inode=33874 (33874) - dev=00:30 (00:30) - mode=0100755 (file,755) - ouid=582 (unknown(582)) - ogid=582 (unknown(582)) - rdev=00:00 (00:00) - nametype=NORMAL (NORMAL) - cap_fp=0 (none) - cap_fi=0 (none) - cap_fe=0 (0) - cap_fver=0 (0) - cap_frootid=0 (0) + type=PATH + item=1 + name="/lib64/ld-linux-aarch64.so.1" + inode=33874 + dev=00:30 + mode=0100755 + ouid=582 + ogid=582 + rdev=00:00 + nametype=NORMAL + cap_fp=0 + cap_fi=0 + cap_fe=0 + cap_fver=0 + cap_frootid=0 record 6 of type 1327(PROCTITLE) has 2 fields line=13 file=test4.log event time: 1655465404.819:27091, host=? - type=PROCTITLE (PROCTITLE) - proctitle=2F7573722F62696E2F6D34002D2D6E657374696E672D6C696D69743D31303234002D2D676E75002D2D696E636C7564653D2F7573722F73686172652F6175746F636F6E662D322E3630002D2D64656275673D61666C71002D2D666174616C2D7761726E696E67002D2D646562756766696C653D6175746F6D3474652E63616368 (/usr/bin/m4 --nesting-limit=1024 --gnu --include=/usr/share/autoconf-2.60 --debug=aflq --fatal-warning --debugfile=autom4te.cach) + type=PROCTITLE + proctitle=2F7573722F62696E2F6D34002D2D6E657374696E672D6C696D69743D31303234002D2D676E75002D2D696E636C7564653D2F7573722F73686172652F6175746F636F6E662D322E3630002D2D64656275673D61666C71002D2D666174616C2D7761726E696E67002D2D646562756766696C653D6175746F6D3474652E63616368 Test 11 Done diff --git a/auparse/test/auparse_test.ref.py b/auparse/test/auparse_test.ref.py index 83dc47ad9..bb1b4b6dc 100644 --- a/auparse/test/auparse_test.ref.py +++ b/auparse/test/auparse_test.ref.py @@ -77,199 +77,199 @@ record 1 of type 1400(AVC) has 11 fields line=1 file=test.log event time: 1170021493.977:293, host=(null) - type=AVC (AVC) - seresult=denied (denied) - seperms=read,write (read,write) - pid=13010 (13010) - comm="pickup" (pickup) - name="maildrop" (maildrop) - dev=hda7 (hda7) - ino=14911367 (14911367) - scontext=system_u:system_r:postfix_pickup_t:s0 (system_u:system_r:postfix_pickup_t:s0) - tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 (system_u:object_r:postfix_spool_maildrop_t:s0) - tclass=dir (dir) + type=AVC + seresult=denied + seperms=read,write + pid=13010 + comm="pickup" + name="maildrop" + dev=hda7 + ino=14911367 + scontext=system_u:system_r:postfix_pickup_t:s0 + tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 + tclass=dir record 2 of type 1300(SYSCALL) has 26 fields line=2 file=test.log event time: 1170021493.977:293, host=(null) - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=2 (open) - success=no (no) - exit=-13 (EACCES(Permission denied)) - a0=5555665d91b0 (0x5555665d91b0) - a1=10800 (O_RDONLY|O_NONBLOCK|O_DIRECTORY) - a2=5555665d91b8 (0x5555665d91b8) - a3=0 (0x0) - items=1 (1) - ppid=2013 (2013) - pid=13010 (13010) - auid=4294967295 (unset) - uid=890 (unknown(890)) - gid=890 (unknown(890)) - euid=890 (unknown(890)) - suid=890 (unknown(890)) - fsuid=890 (unknown(890)) - egid=890 (unknown(890)) - sgid=890 (unknown(890)) - fsgid=890 (unknown(890)) - tty=(none) ((none)) - comm="pickup" (pickup) - exe="/usr/libexec/postfix/pickup" (/usr/libexec/postfix/pickup) - subj=system_u:system_r:postfix_pickup_t:s0 (system_u:system_r:postfix_pickup_t:s0) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=2 + success=no + exit=-13 + a0=5555665d91b0 + a1=10800 + a2=5555665d91b8 + a3=0 + items=1 + ppid=2013 + pid=13010 + auid=4294967295 + uid=890 + gid=890 + euid=890 + suid=890 + fsuid=890 + egid=890 + sgid=890 + fsgid=890 + tty=(none) + comm="pickup" + exe="/usr/libexec/postfix/pickup" + subj=system_u:system_r:postfix_pickup_t:s0 + key=(null) record 3 of type 1307(CWD) has 2 fields line=3 file=test.log event time: 1170021493.977:293, host=(null) - type=CWD (CWD) - cwd="/var/spool/postfix" (/var/spool/postfix) + type=CWD + cwd="/var/spool/postfix" record 4 of type 1302(PATH) has 10 fields line=4 file=test.log event time: 1170021493.977:293, host=(null) - type=PATH (PATH) - item=0 (0) - name="maildrop" (maildrop) - inode=14911367 (14911367) - dev=03:07 (03:07) - mode=040730 (dir,730) - ouid=890 (unknown(890)) - ogid=891 (unknown(891)) - rdev=00:00 (00:00) - obj=system_u:object_r:postfix_spool_maildrop_t:s0 (system_u:object_r:postfix_spool_maildrop_t:s0) + type=PATH + item=0 + name="maildrop" + inode=14911367 + dev=03:07 + mode=040730 + ouid=890 + ogid=891 + rdev=00:00 + obj=system_u:object_r:postfix_spool_maildrop_t:s0 event 2 has 1 records record 1 of type 1101(USER_ACCT) has 11 fields line=5 file=test.log event time: 1170021601.340:294, host=(null) - type=USER_ACCT (USER_ACCT) - pid=13015 (13015) - uid=0 (root) - auid=4294967295 (unset) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_ACCT + pid=13015 + uid=0 + auid=4294967295 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 3 has 1 records record 1 of type 1103(CRED_ACQ) has 11 fields line=6 file=test.log event time: 1170021601.342:295, host=(null) - type=CRED_ACQ (CRED_ACQ) - pid=13015 (13015) - uid=0 (root) - auid=4294967295 (unset) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=CRED_ACQ + pid=13015 + uid=0 + auid=4294967295 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 4 has 3 records record 1 of type 1006(LOGIN) has 10 fields line=7 file=test.log event time: 1170021601.343:296, host=(null) - type=LOGIN (LOGIN) - pid=2288 (2288) - uid=0 (root) - subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) - old-auid=4294967295 (unset) - auid=42 (gdm) - tty=(none) ((none)) - old-ses=4294967295 (4294967295) - ses=1 (1) - res=1 (yes) + type=LOGIN + pid=2288 + uid=0 + subj=system_u:system_r:init_t:s0 + old-auid=4294967295 + auid=42 + tty=(none) + old-ses=4294967295 + ses=1 + res=1 record 2 of type 1300(SYSCALL) has 27 fields line=8 file=test.log event time: 1170021601.343:296, host=(null) - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=1 (write) - success=yes (yes) - exit=2 (2) - a0=8 (0x8) - a1=7fffa7aede20 (0x7fffa7aede20) - a2=2 (0x2) - a3=0 (0x0) - items=0 (0) - ppid=1 (1) - pid=2288 (2288) - auid=42 (gdm) - uid=0 (root) - gid=0 (root) - euid=0 (root) - suid=0 (root) - fsuid=0 (root) - egid=0 (root) - sgid=0 (root) - fsgid=0 (root) - tty=(none) ((none)) - ses=1 (1) - comm="(systemd)" ((systemd)) - exe="/usr/lib/systemd/systemd" (/usr/lib/systemd/systemd) - subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=1 + success=yes + exit=2 + a0=8 + a1=7fffa7aede20 + a2=2 + a3=0 + items=0 + ppid=1 + pid=2288 + auid=42 + uid=0 + gid=0 + euid=0 + suid=0 + fsuid=0 + egid=0 + sgid=0 + fsgid=0 + tty=(none) + ses=1 + comm="(systemd)" + exe="/usr/lib/systemd/systemd" + subj=system_u:system_r:init_t:s0 + key=(null) record 3 of type 1327(PROCTITLE) has 2 fields line=9 file=test.log event time: 1170021601.343:296, host=(null) - type=PROCTITLE (PROCTITLE) - proctitle="(systemd)" ((systemd)) + type=PROCTITLE + proctitle="(systemd)" event 5 has 1 records record 1 of type 1105(USER_START) has 11 fields line=10 file=test.log event time: 1170021601.344:297, host=(null) - type=USER_START (USER_START) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_START + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 6 has 1 records record 1 of type 1104(CRED_DISP) has 11 fields line=11 file=test.log event time: 1170021601.364:298, host=(null) - type=CRED_DISP (CRED_DISP) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=CRED_DISP + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 7 has 1 records record 1 of type 1106(USER_END) has 11 fields line=12 file=test.log event time: 1170021601.366:299, host=(null) - type=USER_END (USER_END) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_END + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success Test 4 Done @@ -278,397 +278,397 @@ record 1 of type 1400(AVC) has 11 fields line=1 file=test2.log event time: 1170021493.977:283, host=(null) - type=AVC (AVC) - seresult=denied (denied) - seperms=read (read) - pid=13010 (13010) - comm="pickup" (pickup) - name="maildrop" (maildrop) - dev=hda7 (hda7) - ino=14911367 (14911367) - scontext=system_u:system_r:postfix_pickup_t:s0 (system_u:system_r:postfix_pickup_t:s0) - tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 (system_u:object_r:postfix_spool_maildrop_t:s0) - tclass=dir (dir) + type=AVC + seresult=denied + seperms=read + pid=13010 + comm="pickup" + name="maildrop" + dev=hda7 + ino=14911367 + scontext=system_u:system_r:postfix_pickup_t:s0 + tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 + tclass=dir record 2 of type 1300(SYSCALL) has 26 fields line=2 file=test2.log event time: 1170021493.977:283, host=(null) - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=2 (open) - success=no (no) - exit=-13 (EACCES(Permission denied)) - a0=5555665d91b0 (0x5555665d91b0) - a1=10800 (O_RDONLY|O_NONBLOCK|O_DIRECTORY) - a2=5555665d91b8 (0x5555665d91b8) - a3=0 (0x0) - items=1 (1) - ppid=2013 (2013) - pid=13010 (13010) - auid=4294967295 (unset) - uid=890 (unknown(890)) - gid=890 (unknown(890)) - euid=890 (unknown(890)) - suid=890 (unknown(890)) - fsuid=890 (unknown(890)) - egid=890 (unknown(890)) - sgid=890 (unknown(890)) - fsgid=890 (unknown(890)) - tty=(none) ((none)) - comm="pickup" (pickup) - exe="/usr/libexec/postfix/pickup" (/usr/libexec/postfix/pickup) - subj=system_u:system_r:postfix_pickup_t:s0 (system_u:system_r:postfix_pickup_t:s0) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=2 + success=no + exit=-13 + a0=5555665d91b0 + a1=10800 + a2=5555665d91b8 + a3=0 + items=1 + ppid=2013 + pid=13010 + auid=4294967295 + uid=890 + gid=890 + euid=890 + suid=890 + fsuid=890 + egid=890 + sgid=890 + fsgid=890 + tty=(none) + comm="pickup" + exe="/usr/libexec/postfix/pickup" + subj=system_u:system_r:postfix_pickup_t:s0 + key=(null) record 3 of type 1307(CWD) has 2 fields line=3 file=test2.log event time: 1170021493.977:283, host=(null) - type=CWD (CWD) - cwd="/var/spool/postfix" (/var/spool/postfix) + type=CWD + cwd="/var/spool/postfix" record 4 of type 1302(PATH) has 10 fields line=4 file=test2.log event time: 1170021493.977:283, host=(null) - type=PATH (PATH) - item=0 (0) - name="maildrop" (maildrop) - inode=14911367 (14911367) - dev=03:07 (03:07) - mode=040730 (dir,730) - ouid=890 (unknown(890)) - ogid=891 (unknown(891)) - rdev=00:00 (00:00) - obj=system_u:object_r:postfix_spool_maildrop_t:s0 (system_u:object_r:postfix_spool_maildrop_t:s0) + type=PATH + item=0 + name="maildrop" + inode=14911367 + dev=03:07 + mode=040730 + ouid=890 + ogid=891 + rdev=00:00 + obj=system_u:object_r:postfix_spool_maildrop_t:s0 event 2 has 1 records record 1 of type 1101(USER_ACCT) has 11 fields line=5 file=test2.log event time: 1170021601.340:284, host=(null) - type=USER_ACCT (USER_ACCT) - pid=13015 (13015) - uid=0 (root) - auid=4294967295 (unset) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_ACCT + pid=13015 + uid=0 + auid=4294967295 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 3 has 1 records record 1 of type 1103(CRED_ACQ) has 11 fields line=6 file=test2.log event time: 1170021601.342:285, host=(null) - type=CRED_ACQ (CRED_ACQ) - pid=13015 (13015) - uid=0 (root) - auid=4294967295 (unset) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=CRED_ACQ + pid=13015 + uid=0 + auid=4294967295 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 4 has 3 records record 1 of type 1006(LOGIN) has 10 fields line=7 file=test2.log event time: 1170021601.343:286, host=(null) - type=LOGIN (LOGIN) - pid=2288 (2288) - uid=0 (root) - subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) - old-auid=4294967295 (unset) - auid=42 (gdm) - tty=(none) ((none)) - old-ses=4294967295 (4294967295) - ses=1 (1) - res=1 (yes) + type=LOGIN + pid=2288 + uid=0 + subj=system_u:system_r:init_t:s0 + old-auid=4294967295 + auid=42 + tty=(none) + old-ses=4294967295 + ses=1 + res=1 record 2 of type 1300(SYSCALL) has 27 fields line=8 file=test2.log event time: 1170021601.343:286, host=(null) - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=1 (write) - success=yes (yes) - exit=2 (2) - a0=8 (0x8) - a1=7fffa7aede20 (0x7fffa7aede20) - a2=2 (0x2) - a3=0 (0x0) - items=0 (0) - ppid=1 (1) - pid=2288 (2288) - auid=42 (gdm) - uid=0 (root) - gid=0 (root) - euid=0 (root) - suid=0 (root) - fsuid=0 (root) - egid=0 (root) - sgid=0 (root) - fsgid=0 (root) - tty=(none) ((none)) - ses=1 (1) - comm="(systemd)" ((systemd)) - exe="/usr/lib/systemd/systemd" (/usr/lib/systemd/systemd) - subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=1 + success=yes + exit=2 + a0=8 + a1=7fffa7aede20 + a2=2 + a3=0 + items=0 + ppid=1 + pid=2288 + auid=42 + uid=0 + gid=0 + euid=0 + suid=0 + fsuid=0 + egid=0 + sgid=0 + fsgid=0 + tty=(none) + ses=1 + comm="(systemd)" + exe="/usr/lib/systemd/systemd" + subj=system_u:system_r:init_t:s0 + key=(null) record 3 of type 1327(PROCTITLE) has 2 fields line=9 file=test2.log event time: 1170021601.343:286, host=(null) - type=PROCTITLE (PROCTITLE) - proctitle="(systemd)" ((systemd)) + type=PROCTITLE + proctitle="(systemd)" event 5 has 1 records record 1 of type 1105(USER_START) has 11 fields line=10 file=test2.log event time: 1170021601.344:287, host=(null) - type=USER_START (USER_START) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_START + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 6 has 1 records record 1 of type 1104(CRED_DISP) has 11 fields line=11 file=test2.log event time: 1170021601.364:288, host=(null) - type=CRED_DISP (CRED_DISP) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=CRED_DISP + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 7 has 1 records record 1 of type 1106(USER_END) has 11 fields line=12 file=test2.log event time: 1170021601.366:289, host=(null) - type=USER_END (USER_END) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_END + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 8 has 4 records record 1 of type 1400(AVC) has 11 fields line=1 file=test.log event time: 1170021493.977:293, host=(null) - type=AVC (AVC) - seresult=denied (denied) - seperms=read,write (read,write) - pid=13010 (13010) - comm="pickup" (pickup) - name="maildrop" (maildrop) - dev=hda7 (hda7) - ino=14911367 (14911367) - scontext=system_u:system_r:postfix_pickup_t:s0 (system_u:system_r:postfix_pickup_t:s0) - tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 (system_u:object_r:postfix_spool_maildrop_t:s0) - tclass=dir (dir) + type=AVC + seresult=denied + seperms=read,write + pid=13010 + comm="pickup" + name="maildrop" + dev=hda7 + ino=14911367 + scontext=system_u:system_r:postfix_pickup_t:s0 + tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 + tclass=dir record 2 of type 1300(SYSCALL) has 26 fields line=2 file=test.log event time: 1170021493.977:293, host=(null) - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=2 (open) - success=no (no) - exit=-13 (EACCES(Permission denied)) - a0=5555665d91b0 (0x5555665d91b0) - a1=10800 (O_RDONLY|O_NONBLOCK|O_DIRECTORY) - a2=5555665d91b8 (0x5555665d91b8) - a3=0 (0x0) - items=1 (1) - ppid=2013 (2013) - pid=13010 (13010) - auid=4294967295 (unset) - uid=890 (unknown(890)) - gid=890 (unknown(890)) - euid=890 (unknown(890)) - suid=890 (unknown(890)) - fsuid=890 (unknown(890)) - egid=890 (unknown(890)) - sgid=890 (unknown(890)) - fsgid=890 (unknown(890)) - tty=(none) ((none)) - comm="pickup" (pickup) - exe="/usr/libexec/postfix/pickup" (/usr/libexec/postfix/pickup) - subj=system_u:system_r:postfix_pickup_t:s0 (system_u:system_r:postfix_pickup_t:s0) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=2 + success=no + exit=-13 + a0=5555665d91b0 + a1=10800 + a2=5555665d91b8 + a3=0 + items=1 + ppid=2013 + pid=13010 + auid=4294967295 + uid=890 + gid=890 + euid=890 + suid=890 + fsuid=890 + egid=890 + sgid=890 + fsgid=890 + tty=(none) + comm="pickup" + exe="/usr/libexec/postfix/pickup" + subj=system_u:system_r:postfix_pickup_t:s0 + key=(null) record 3 of type 1307(CWD) has 2 fields line=3 file=test.log event time: 1170021493.977:293, host=(null) - type=CWD (CWD) - cwd="/var/spool/postfix" (/var/spool/postfix) + type=CWD + cwd="/var/spool/postfix" record 4 of type 1302(PATH) has 10 fields line=4 file=test.log event time: 1170021493.977:293, host=(null) - type=PATH (PATH) - item=0 (0) - name="maildrop" (maildrop) - inode=14911367 (14911367) - dev=03:07 (03:07) - mode=040730 (dir,730) - ouid=890 (unknown(890)) - ogid=891 (unknown(891)) - rdev=00:00 (00:00) - obj=system_u:object_r:postfix_spool_maildrop_t:s0 (system_u:object_r:postfix_spool_maildrop_t:s0) + type=PATH + item=0 + name="maildrop" + inode=14911367 + dev=03:07 + mode=040730 + ouid=890 + ogid=891 + rdev=00:00 + obj=system_u:object_r:postfix_spool_maildrop_t:s0 event 9 has 1 records record 1 of type 1101(USER_ACCT) has 11 fields line=5 file=test.log event time: 1170021601.340:294, host=(null) - type=USER_ACCT (USER_ACCT) - pid=13015 (13015) - uid=0 (root) - auid=4294967295 (unset) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_ACCT + pid=13015 + uid=0 + auid=4294967295 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 10 has 1 records record 1 of type 1103(CRED_ACQ) has 11 fields line=6 file=test.log event time: 1170021601.342:295, host=(null) - type=CRED_ACQ (CRED_ACQ) - pid=13015 (13015) - uid=0 (root) - auid=4294967295 (unset) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=CRED_ACQ + pid=13015 + uid=0 + auid=4294967295 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 11 has 3 records record 1 of type 1006(LOGIN) has 10 fields line=7 file=test.log event time: 1170021601.343:296, host=(null) - type=LOGIN (LOGIN) - pid=2288 (2288) - uid=0 (root) - subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) - old-auid=4294967295 (unset) - auid=42 (gdm) - tty=(none) ((none)) - old-ses=4294967295 (4294967295) - ses=1 (1) - res=1 (yes) + type=LOGIN + pid=2288 + uid=0 + subj=system_u:system_r:init_t:s0 + old-auid=4294967295 + auid=42 + tty=(none) + old-ses=4294967295 + ses=1 + res=1 record 2 of type 1300(SYSCALL) has 27 fields line=8 file=test.log event time: 1170021601.343:296, host=(null) - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=1 (write) - success=yes (yes) - exit=2 (2) - a0=8 (0x8) - a1=7fffa7aede20 (0x7fffa7aede20) - a2=2 (0x2) - a3=0 (0x0) - items=0 (0) - ppid=1 (1) - pid=2288 (2288) - auid=42 (gdm) - uid=0 (root) - gid=0 (root) - euid=0 (root) - suid=0 (root) - fsuid=0 (root) - egid=0 (root) - sgid=0 (root) - fsgid=0 (root) - tty=(none) ((none)) - ses=1 (1) - comm="(systemd)" ((systemd)) - exe="/usr/lib/systemd/systemd" (/usr/lib/systemd/systemd) - subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=1 + success=yes + exit=2 + a0=8 + a1=7fffa7aede20 + a2=2 + a3=0 + items=0 + ppid=1 + pid=2288 + auid=42 + uid=0 + gid=0 + euid=0 + suid=0 + fsuid=0 + egid=0 + sgid=0 + fsgid=0 + tty=(none) + ses=1 + comm="(systemd)" + exe="/usr/lib/systemd/systemd" + subj=system_u:system_r:init_t:s0 + key=(null) record 3 of type 1327(PROCTITLE) has 2 fields line=9 file=test.log event time: 1170021601.343:296, host=(null) - type=PROCTITLE (PROCTITLE) - proctitle="(systemd)" ((systemd)) + type=PROCTITLE + proctitle="(systemd)" event 12 has 1 records record 1 of type 1105(USER_START) has 11 fields line=10 file=test.log event time: 1170021601.344:297, host=(null) - type=USER_START (USER_START) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_START + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 13 has 1 records record 1 of type 1104(CRED_DISP) has 11 fields line=11 file=test.log event time: 1170021601.364:298, host=(null) - type=CRED_DISP (CRED_DISP) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=CRED_DISP + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 14 has 1 records record 1 of type 1106(USER_END) has 11 fields line=12 file=test.log event time: 1170021601.366:299, host=(null) - type=USER_END (USER_END) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_END + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success Test 5 Done @@ -704,55 +704,55 @@ record 1 of type 1006(LOGIN) has 5 fields line=1 file=None event time: 1143146623.787:142, host=(null) - type=LOGIN (LOGIN) - pid=2027 (2027) - uid=0 (root) - auid=4294967295 (unset) - auid=848 (unknown(848)) + type=LOGIN + pid=2027 + uid=0 + auid=4294967295 + auid=848 event 2 has 1 records record 1 of type 1300(SYSCALL) has 24 fields line=2 file=None event time: 1143146623.875:143, host=(null) - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=188 (setxattr) - success=yes (yes) - exit=0 (0) - a0=7fffffa9a9f0 (0x7fffffa9a9f0) - a1=3958d11333 (0x3958d11333) - a2=5131f0 (0x5131f0) - a3=20 (0x20) - items=1 (1) - pid=2027 (2027) - auid=848 (unknown(848)) - uid=0 (root) - gid=0 (root) - euid=0 (root) - suid=0 (root) - fsuid=0 (root) - egid=0 (root) - sgid=0 (root) - fsgid=0 (root) - tty=tty3 (tty3) - comm="login" (login) - exe="/bin/login" (/bin/login) - subj=system_u:system_r:local_login_t:s0-s0:c0.c255 (system_u:system_r:local_login_t:s0-s0:c0.c255) + type=SYSCALL + arch=c000003e + syscall=188 + success=yes + exit=0 + a0=7fffffa9a9f0 + a1=3958d11333 + a2=5131f0 + a3=20 + items=1 + pid=2027 + auid=848 + uid=0 + gid=0 + euid=0 + suid=0 + fsuid=0 + egid=0 + sgid=0 + fsgid=0 + tty=tty3 + comm="login" + exe="/bin/login" + subj=system_u:system_r:local_login_t:s0-s0:c0.c255 event 3 has 1 records record 1 of type 1112(USER_LOGIN) has 10 fields line=3 file=None event time: 1143146623.879:146, host=(null) - type=USER_LOGIN (USER_LOGIN) - pid=2027 (2027) - uid=0 (root) - auid=848 (unknown(848)) - uid=848 (unknown(848)) - exe="/bin/login" (/bin/login) - hostname=? (?) - addr=? (?) - terminal=tty3 (tty3) - res=success (success) + type=USER_LOGIN + pid=2027 + uid=0 + auid=848 + uid=848 + exe="/bin/login" + hostname=? + addr=? + terminal=tty3 + res=success Test 9 Done @@ -761,199 +761,199 @@ record 1 of type 1400(AVC) has 11 fields line=1 file=None event time: 1170021493.977:293, host=(null) - type=AVC (AVC) - seresult=denied (denied) - seperms=read,write (read,write) - pid=13010 (13010) - comm="pickup" (pickup) - name="maildrop" (maildrop) - dev=hda7 (hda7) - ino=14911367 (14911367) - scontext=system_u:system_r:postfix_pickup_t:s0 (system_u:system_r:postfix_pickup_t:s0) - tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 (system_u:object_r:postfix_spool_maildrop_t:s0) - tclass=dir (dir) + type=AVC + seresult=denied + seperms=read,write + pid=13010 + comm="pickup" + name="maildrop" + dev=hda7 + ino=14911367 + scontext=system_u:system_r:postfix_pickup_t:s0 + tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 + tclass=dir record 2 of type 1300(SYSCALL) has 26 fields line=2 file=None event time: 1170021493.977:293, host=(null) - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=2 (open) - success=no (no) - exit=-13 (EACCES(Permission denied)) - a0=5555665d91b0 (0x5555665d91b0) - a1=10800 (O_RDONLY|O_NONBLOCK|O_DIRECTORY) - a2=5555665d91b8 (0x5555665d91b8) - a3=0 (0x0) - items=1 (1) - ppid=2013 (2013) - pid=13010 (13010) - auid=4294967295 (unset) - uid=890 (unknown(890)) - gid=890 (unknown(890)) - euid=890 (unknown(890)) - suid=890 (unknown(890)) - fsuid=890 (unknown(890)) - egid=890 (unknown(890)) - sgid=890 (unknown(890)) - fsgid=890 (unknown(890)) - tty=(none) ((none)) - comm="pickup" (pickup) - exe="/usr/libexec/postfix/pickup" (/usr/libexec/postfix/pickup) - subj=system_u:system_r:postfix_pickup_t:s0 (system_u:system_r:postfix_pickup_t:s0) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=2 + success=no + exit=-13 + a0=5555665d91b0 + a1=10800 + a2=5555665d91b8 + a3=0 + items=1 + ppid=2013 + pid=13010 + auid=4294967295 + uid=890 + gid=890 + euid=890 + suid=890 + fsuid=890 + egid=890 + sgid=890 + fsgid=890 + tty=(none) + comm="pickup" + exe="/usr/libexec/postfix/pickup" + subj=system_u:system_r:postfix_pickup_t:s0 + key=(null) record 3 of type 1307(CWD) has 2 fields line=3 file=None event time: 1170021493.977:293, host=(null) - type=CWD (CWD) - cwd="/var/spool/postfix" (/var/spool/postfix) + type=CWD + cwd="/var/spool/postfix" record 4 of type 1302(PATH) has 10 fields line=4 file=None event time: 1170021493.977:293, host=(null) - type=PATH (PATH) - item=0 (0) - name="maildrop" (maildrop) - inode=14911367 (14911367) - dev=03:07 (03:07) - mode=040730 (dir,730) - ouid=890 (unknown(890)) - ogid=891 (unknown(891)) - rdev=00:00 (00:00) - obj=system_u:object_r:postfix_spool_maildrop_t:s0 (system_u:object_r:postfix_spool_maildrop_t:s0) + type=PATH + item=0 + name="maildrop" + inode=14911367 + dev=03:07 + mode=040730 + ouid=890 + ogid=891 + rdev=00:00 + obj=system_u:object_r:postfix_spool_maildrop_t:s0 event 2 has 1 records record 1 of type 1101(USER_ACCT) has 11 fields line=5 file=None event time: 1170021601.340:294, host=(null) - type=USER_ACCT (USER_ACCT) - pid=13015 (13015) - uid=0 (root) - auid=4294967295 (unset) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_ACCT + pid=13015 + uid=0 + auid=4294967295 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 3 has 1 records record 1 of type 1103(CRED_ACQ) has 11 fields line=6 file=None event time: 1170021601.342:295, host=(null) - type=CRED_ACQ (CRED_ACQ) - pid=13015 (13015) - uid=0 (root) - auid=4294967295 (unset) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=CRED_ACQ + pid=13015 + uid=0 + auid=4294967295 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 4 has 3 records record 1 of type 1006(LOGIN) has 10 fields line=7 file=None event time: 1170021601.343:296, host=(null) - type=LOGIN (LOGIN) - pid=2288 (2288) - uid=0 (root) - subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) - old-auid=4294967295 (unset) - auid=42 (gdm) - tty=(none) ((none)) - old-ses=4294967295 (4294967295) - ses=1 (1) - res=1 (yes) + type=LOGIN + pid=2288 + uid=0 + subj=system_u:system_r:init_t:s0 + old-auid=4294967295 + auid=42 + tty=(none) + old-ses=4294967295 + ses=1 + res=1 record 2 of type 1300(SYSCALL) has 27 fields line=8 file=None event time: 1170021601.343:296, host=(null) - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=1 (write) - success=yes (yes) - exit=2 (2) - a0=8 (0x8) - a1=7fffa7aede20 (0x7fffa7aede20) - a2=2 (0x2) - a3=0 (0x0) - items=0 (0) - ppid=1 (1) - pid=2288 (2288) - auid=42 (gdm) - uid=0 (root) - gid=0 (root) - euid=0 (root) - suid=0 (root) - fsuid=0 (root) - egid=0 (root) - sgid=0 (root) - fsgid=0 (root) - tty=(none) ((none)) - ses=1 (1) - comm="(systemd)" ((systemd)) - exe="/usr/lib/systemd/systemd" (/usr/lib/systemd/systemd) - subj=system_u:system_r:init_t:s0 (system_u:system_r:init_t:s0) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=1 + success=yes + exit=2 + a0=8 + a1=7fffa7aede20 + a2=2 + a3=0 + items=0 + ppid=1 + pid=2288 + auid=42 + uid=0 + gid=0 + euid=0 + suid=0 + fsuid=0 + egid=0 + sgid=0 + fsgid=0 + tty=(none) + ses=1 + comm="(systemd)" + exe="/usr/lib/systemd/systemd" + subj=system_u:system_r:init_t:s0 + key=(null) record 3 of type 1327(PROCTITLE) has 2 fields line=9 file=None event time: 1170021601.343:296, host=(null) - type=PROCTITLE (PROCTITLE) - proctitle="(systemd)" ((systemd)) + type=PROCTITLE + proctitle="(systemd)" event 5 has 1 records record 1 of type 1105(USER_START) has 11 fields line=10 file=None event time: 1170021601.344:297, host=(null) - type=USER_START (USER_START) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_START + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 6 has 1 records record 1 of type 1104(CRED_DISP) has 11 fields line=11 file=None event time: 1170021601.364:298, host=(null) - type=CRED_DISP (CRED_DISP) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=CRED_DISP + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success event 7 has 1 records record 1 of type 1106(USER_END) has 11 fields line=12 file=None event time: 1170021601.366:299, host=(null) - type=USER_END (USER_END) - pid=13015 (13015) - uid=0 (root) - auid=0 (root) - subj=system_u:system_r:crond_t:s0-s0:c0.c1023 (system_u:system_r:crond_t:s0-s0:c0.c1023) - acct=root (root) - exe="/usr/sbin/crond" (/usr/sbin/crond) - hostname=? (?) - addr=? (?) - terminal=cron (cron) - res=success (success) + type=USER_END + pid=13015 + uid=0 + auid=0 + subj=system_u:system_r:crond_t:s0-s0:c0.c1023 + acct=root + exe="/usr/sbin/crond" + hostname=? + addr=? + terminal=cron + res=success Test 10 Done @@ -962,458 +962,458 @@ record 1 of type 1300(SYSCALL) has 26 fields line=1 file=test4.log event time: 1655465398.534:25618, host=(null) - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=59 (execve) - success=yes (yes) - exit=0 (0) - a0=8c403a0 (0x8c403a0) - a1=8c3e8b0 (0x8c3e8b0) - a2=fffffb6cc5b0 (0xfffffb6cc5b0) - a3=0 (0x0) - items=3 (3) - ppid=105182 (105182) - pid=105183 (105183) - auid=573 (unknown(573)) - uid=583 (unknown(583)) - gid=583 (unknown(583)) - euid=583 (unknown(583)) - suid=583 (unknown(583)) - fsuid=583 (unknown(583)) - egid=583 (unknown(583)) - sgid=583 (unknown(583)) - fsgid=583 (unknown(583)) - tty=pts2 (pts2) - ses=2632 (2632) - comm="ld" (ld) - exe="/bin/sh4" (/bin/sh4) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=59 + success=yes + exit=0 + a0=8c403a0 + a1=8c3e8b0 + a2=fffffb6cc5b0 + a3=0 + items=3 + ppid=105182 + pid=105183 + auid=573 + uid=583 + gid=583 + euid=583 + suid=583 + fsuid=583 + egid=583 + sgid=583 + fsgid=583 + tty=pts2 + ses=2632 + comm="ld" + exe="/bin/sh4" + key=(null) record 2 of type 1309(EXECVE) has 50 fields line=2 file=test4.log event time: 1655465398.534:25618, host=(null) - type=EXECVE (EXECVE) - argc=48 (48) - a0="/bin/sh" (/bin/sh) - a1="-efu" (-efu) - a2="/usr/bin/ld" (/usr/bin/ld) - a3="-plugin" (-plugin) - a4="/usr/libexec/gcc/aarch64-alt-linux/8/liblto_plugin.so" (/usr/libexec/gcc/aarch64-alt-linux/8/liblto_plugin.so) - a5="-plugin-opt=/usr/libexec/gcc/aarch64-alt-linux/8/lto-wrapper" (-plugin-opt=/usr/libexec/gcc/aarch64-alt-linux/8/lto-wrapper) - a6="-plugin-opt=-fresolution=/usr/src/tmp/cchyHiZN.res" (-plugin-opt=-fresolution=/usr/src/tmp/cchyHiZN.res) - a7="-plugin-opt=-pass-through=-lgcc" (-plugin-opt=-pass-through=-lgcc) - a8="-plugin-opt=-pass-through=-lgcc_s" (-plugin-opt=-pass-through=-lgcc_s) - a9="-plugin-opt=-pass-through=-lc" (-plugin-opt=-pass-through=-lc) - a10="-plugin-opt=-pass-through=-lgcc" (-plugin-opt=-pass-through=-lgcc) - a11="-plugin-opt=-pass-through=-lgcc_s" (-plugin-opt=-pass-through=-lgcc_s) - a12="--build-id" (--build-id) - a13="--no-add-needed" (--no-add-needed) - a14="--eh-frame-hdr" (--eh-frame-hdr) - a15="--hash-style=gnu" (--hash-style=gnu) - a16="--as-needed" (--as-needed) - a17="-shared" (-shared) - a18="-X" (-X) - a19="-EL" (-EL) - a20="-maarch64linux" (-maarch64linux) - a21="-o" (-o) - a22="ztest105133.so" (ztest105133.so) - a23="/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64/crti.o" (/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64/crti.o) - a24="/usr/lib64/gcc/aarch64-alt-linux/8/crtbeginS.o" (/usr/lib64/gcc/aarch64-alt-linux/8/crtbeginS.o) - a25="-L/usr/lib64/gcc/aarch64-alt-linux/8" (-L/usr/lib64/gcc/aarch64-alt-linux/8) - a26="-L/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64" (-L/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64) - a27="-L/lib/../lib64" (-L/lib/../lib64) - a28="-L/usr/lib/../lib64" (-L/usr/lib/../lib64) - a29="-L/usr/lib64/gcc/aarch64-alt-linux/8/../../.." (-L/usr/lib64/gcc/aarch64-alt-linux/8/../../..) - a30="-soname" (-soname) - a31="libz.so.1" (libz.so.1) - a32="--version-script" (--version-script) - a33="zlib.map" (zlib.map) - a34="ztest105133.o" (ztest105133.o) - a35="-lgcc" (-lgcc) - a36="--push-state" (--push-state) - a37="--as-needed" (--as-needed) - a38="-lgcc_s" (-lgcc_s) - a39="--pop-state" (--pop-state) - a40="-lc" (-lc) - a41="-lgcc" (-lgcc) - a42="--push-state" (--push-state) - a43="--as-needed" (--as-needed) - a44="-lgcc_s" (-lgcc_s) - a45="--pop-state" (--pop-state) - a46="/usr/lib64/gcc/aarch64-alt-linux/8/crtendS.o" (/usr/lib64/gcc/aarch64-alt-linux/8/crtendS.o) - a47="/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64/crtn.o" (/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64/crtn.o) + type=EXECVE + argc=48 + a0="/bin/sh" + a1="-efu" + a2="/usr/bin/ld" + a3="-plugin" + a4="/usr/libexec/gcc/aarch64-alt-linux/8/liblto_plugin.so" + a5="-plugin-opt=/usr/libexec/gcc/aarch64-alt-linux/8/lto-wrapper" + a6="-plugin-opt=-fresolution=/usr/src/tmp/cchyHiZN.res" + a7="-plugin-opt=-pass-through=-lgcc" + a8="-plugin-opt=-pass-through=-lgcc_s" + a9="-plugin-opt=-pass-through=-lc" + a10="-plugin-opt=-pass-through=-lgcc" + a11="-plugin-opt=-pass-through=-lgcc_s" + a12="--build-id" + a13="--no-add-needed" + a14="--eh-frame-hdr" + a15="--hash-style=gnu" + a16="--as-needed" + a17="-shared" + a18="-X" + a19="-EL" + a20="-maarch64linux" + a21="-o" + a22="ztest105133.so" + a23="/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64/crti.o" + a24="/usr/lib64/gcc/aarch64-alt-linux/8/crtbeginS.o" + a25="-L/usr/lib64/gcc/aarch64-alt-linux/8" + a26="-L/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64" + a27="-L/lib/../lib64" + a28="-L/usr/lib/../lib64" + a29="-L/usr/lib64/gcc/aarch64-alt-linux/8/../../.." + a30="-soname" + a31="libz.so.1" + a32="--version-script" + a33="zlib.map" + a34="ztest105133.o" + a35="-lgcc" + a36="--push-state" + a37="--as-needed" + a38="-lgcc_s" + a39="--pop-state" + a40="-lc" + a41="-lgcc" + a42="--push-state" + a43="--as-needed" + a44="-lgcc_s" + a45="--pop-state" + a46="/usr/lib64/gcc/aarch64-alt-linux/8/crtendS.o" + a47="/usr/lib64/gcc/aarch64-alt-linux/8/../../../../lib64/crtn.o" record 3 of type 1307(CWD) has 2 fields line=3 file=test4.log event time: 1655465398.534:25618, host=(null) - type=CWD (CWD) - cwd="/usr/src/RPM/BUILD/zlib-1.2.11-alt1" (/usr/src/RPM/BUILD/zlib-1.2.11-alt1) + type=CWD + cwd="/usr/src/RPM/BUILD/zlib-1.2.11-alt1" record 4 of type 1302(PATH) has 15 fields line=4 file=test4.log event time: 1655465398.534:25618, host=(null) - type=PATH (PATH) - item=0 (0) - name="/usr/bin/ld" (/usr/bin/ld) - inode=40854 (40854) - dev=00:30 (00:30) - mode=0100755 (file,755) - ouid=582 (unknown(582)) - ogid=582 (unknown(582)) - rdev=00:00 (00:00) - nametype=NORMAL (NORMAL) - cap_fp=0 (none) - cap_fi=0 (none) - cap_fe=0 (0) - cap_fver=0 (0) - cap_frootid=0 (0) + type=PATH + item=0 + name="/usr/bin/ld" + inode=40854 + dev=00:30 + mode=0100755 + ouid=582 + ogid=582 + rdev=00:00 + nametype=NORMAL + cap_fp=0 + cap_fi=0 + cap_fe=0 + cap_fver=0 + cap_frootid=0 record 5 of type 1302(PATH) has 15 fields line=5 file=test4.log event time: 1655465398.534:25618, host=(null) - type=PATH (PATH) - item=1 (1) - name="/bin/sh" (/bin/sh) - inode=33238 (33238) - dev=00:30 (00:30) - mode=0100755 (file,755) - ouid=582 (unknown(582)) - ogid=582 (unknown(582)) - rdev=00:00 (00:00) - nametype=NORMAL (NORMAL) - cap_fp=0 (none) - cap_fi=0 (none) - cap_fe=0 (0) - cap_fver=0 (0) - cap_frootid=0 (0) + type=PATH + item=1 + name="/bin/sh" + inode=33238 + dev=00:30 + mode=0100755 + ouid=582 + ogid=582 + rdev=00:00 + nametype=NORMAL + cap_fp=0 + cap_fi=0 + cap_fe=0 + cap_fver=0 + cap_frootid=0 record 6 of type 1302(PATH) has 15 fields line=6 file=test4.log event time: 1655465398.534:25618, host=(null) - type=PATH (PATH) - item=2 (2) - name="/lib64/ld-linux-aarch64.so.1" (/lib64/ld-linux-aarch64.so.1) - inode=33874 (33874) - dev=00:30 (00:30) - mode=0100755 (file,755) - ouid=582 (unknown(582)) - ogid=582 (unknown(582)) - rdev=00:00 (00:00) - nametype=NORMAL (NORMAL) - cap_fp=0 (none) - cap_fi=0 (none) - cap_fe=0 (0) - cap_fver=0 (0) - cap_frootid=0 (0) + type=PATH + item=2 + name="/lib64/ld-linux-aarch64.so.1" + inode=33874 + dev=00:30 + mode=0100755 + ouid=582 + ogid=582 + rdev=00:00 + nametype=NORMAL + cap_fp=0 + cap_fi=0 + cap_fe=0 + cap_fver=0 + cap_frootid=0 record 7 of type 1327(PROCTITLE) has 2 fields line=7 file=test4.log event time: 1655465398.534:25618, host=(null) - type=PROCTITLE (PROCTITLE) - proctitle=2F62696E2F7368002D656675002F7573722F62696E2F6C64002D706C7567696E002F7573722F6C6962657865632F6763632F616172636836342D616C742D6C696E75782F382F6C69626C746F5F706C7567696E2E736F002D706C7567696E2D6F70743D2F7573722F6C6962657865632F6763632F616172636836342D616C742D (/bin/sh -efu /usr/bin/ld -plugin /usr/libexec/gcc/aarch64-alt-linux/8/liblto_plugin.so -plugin-opt=/usr/libexec/gcc/aarch64-alt-) + type=PROCTITLE + proctitle=2F62696E2F7368002D656675002F7573722F62696E2F6C64002D706C7567696E002F7573722F6C6962657865632F6763632F616172636836342D616C742D6C696E75782F382F6C69626C746F5F706C7567696E2E736F002D706C7567696E2D6F70743D2F7573722F6C6962657865632F6763632F616172636836342D616C742D event 2 has 6 records record 1 of type 1300(SYSCALL) has 26 fields line=8 file=test4.log event time: 1655465404.819:27091, host=(null) - type=SYSCALL (SYSCALL) - arch=c000003e (x86_64) - syscall=59 (execve) - success=yes (yes) - exit=0 (0) - a0=1a407f50 (0x1a407f50) - a1=1a401cd0 (0x1a401cd0) - a2=1a3ed090 (0x1a3ed090) - a3=0 (0x0) - items=2 (2) - ppid=105932 (105932) - pid=105933 (105933) - auid=573 (unknown(573)) - uid=583 (unknown(583)) - gid=583 (unknown(583)) - euid=583 (unknown(583)) - suid=583 (unknown(583)) - fsuid=583 (unknown(583)) - egid=583 (unknown(583)) - sgid=583 (unknown(583)) - fsgid=583 (unknown(583)) - tty=pts2 (pts2) - ses=2632 (2632) - comm="m4" (m4) - exe="/usr/bin/m4" (/usr/bin/m4) - key=(null) ((null)) + type=SYSCALL + arch=c000003e + syscall=59 + success=yes + exit=0 + a0=1a407f50 + a1=1a401cd0 + a2=1a3ed090 + a3=0 + items=2 + ppid=105932 + pid=105933 + auid=573 + uid=583 + gid=583 + euid=583 + suid=583 + fsuid=583 + egid=583 + sgid=583 + fsgid=583 + tty=pts2 + ses=2632 + comm="m4" + exe="/usr/bin/m4" + key=(null) record 2 of type 1309(EXECVE) has 218 fields line=9 file=test4.log event time: 1655465404.819:27091, host=(null) - type=EXECVE (EXECVE) - argc=216 (216) - a0="/usr/bin/m4" (/usr/bin/m4) - a1="--nesting-limit=1024" (--nesting-limit=1024) - a2="--gnu" (--gnu) - a3="--include=/usr/share/autoconf-2.60" (--include=/usr/share/autoconf-2.60) - a4="--debug=aflq" (--debug=aflq) - a5="--fatal-warning" (--fatal-warning) - a6="--debugfile=autom4te.cache/traces.0t" (--debugfile=autom4te.cache/traces.0t) - a7="--trace=AC_CHECK_LIBM" (--trace=AC_CHECK_LIBM) - a8="--trace=AC_CONFIG_MACRO_DIR" (--trace=AC_CONFIG_MACRO_DIR) - a9="--trace=AC_CONFIG_MACRO_DIR_TRACE" (--trace=AC_CONFIG_MACRO_DIR_TRACE) - a10="--trace=AC_DEFUN" (--trace=AC_DEFUN) - a11="--trace=AC_DEFUN_ONCE" (--trace=AC_DEFUN_ONCE) - a12="--trace=AC_DEPLIBS_CHECK_METHOD" (--trace=AC_DEPLIBS_CHECK_METHOD) - a13="--trace=AC_DISABLE_FAST_INSTALL" (--trace=AC_DISABLE_FAST_INSTALL) - a14="--trace=AC_DISABLE_SHARED" (--trace=AC_DISABLE_SHARED) - a15="--trace=AC_DISABLE_STATIC" (--trace=AC_DISABLE_STATIC) - a16="--trace=AC_ENABLE_FAST_INSTALL" (--trace=AC_ENABLE_FAST_INSTALL) - a17="--trace=AC_ENABLE_SHARED" (--trace=AC_ENABLE_SHARED) - a18="--trace=AC_ENABLE_STATIC" (--trace=AC_ENABLE_STATIC) - a19="--trace=AC_LIBLTDL_CONVENIENCE" (--trace=AC_LIBLTDL_CONVENIENCE) - a20="--trace=AC_LIBLTDL_INSTALLABLE" (--trace=AC_LIBLTDL_INSTALLABLE) - a21="--trace=AC_LIBTOOL_COMPILER_OPTION" (--trace=AC_LIBTOOL_COMPILER_OPTION) - a22="--trace=AC_LIBTOOL_CONFIG" (--trace=AC_LIBTOOL_CONFIG) - a23="--trace=AC_LIBTOOL_CXX" (--trace=AC_LIBTOOL_CXX) - a24="--trace=AC_LIBTOOL_DLOPEN" (--trace=AC_LIBTOOL_DLOPEN) - a25="--trace=AC_LIBTOOL_DLOPEN_SELF" (--trace=AC_LIBTOOL_DLOPEN_SELF) - a26="--trace=AC_LIBTOOL_F77" (--trace=AC_LIBTOOL_F77) - a27="--trace=AC_LIBTOOL_FC" (--trace=AC_LIBTOOL_FC) - a28="--trace=AC_LIBTOOL_GCJ" (--trace=AC_LIBTOOL_GCJ) - a29="--trace=AC_LIBTOOL_LANG_CXX_CONFIG" (--trace=AC_LIBTOOL_LANG_CXX_CONFIG) - a30="--trace=AC_LIBTOOL_LANG_C_CONFIG" (--trace=AC_LIBTOOL_LANG_C_CONFIG) - a31="--trace=AC_LIBTOOL_LANG_F77_CONFIG" (--trace=AC_LIBTOOL_LANG_F77_CONFIG) - a32="--trace=AC_LIBTOOL_LANG_GCJ_CONFIG" (--trace=AC_LIBTOOL_LANG_GCJ_CONFIG) - a33="--trace=AC_LIBTOOL_LANG_RC_CONFIG" (--trace=AC_LIBTOOL_LANG_RC_CONFIG) - a34="--trace=AC_LIBTOOL_LINKER_OPTION" (--trace=AC_LIBTOOL_LINKER_OPTION) - a35="--trace=AC_LIBTOOL_OBJDIR" (--trace=AC_LIBTOOL_OBJDIR) - a36="--trace=AC_LIBTOOL_PICMODE" (--trace=AC_LIBTOOL_PICMODE) - a37="--trace=AC_LIBTOOL_POSTDEP_PREDEP" (--trace=AC_LIBTOOL_POSTDEP_PREDEP) - a38="--trace=AC_LIBTOOL_PROG_CC_C_O" (--trace=AC_LIBTOOL_PROG_CC_C_O) - a39="--trace=AC_LIBTOOL_PROG_COMPILER_NO_RTTI" (--trace=AC_LIBTOOL_PROG_COMPILER_NO_RTTI) - a40="--trace=AC_LIBTOOL_PROG_COMPILER_PIC" (--trace=AC_LIBTOOL_PROG_COMPILER_PIC) - a41="--trace=AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH" (--trace=AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH) - a42="--trace=AC_LIBTOOL_PROG_LD_SHLIBS" (--trace=AC_LIBTOOL_PROG_LD_SHLIBS) - a43="--trace=AC_LIBTOOL_RC" (--trace=AC_LIBTOOL_RC) - a44="--trace=AC_LIBTOOL_SETUP" (--trace=AC_LIBTOOL_SETUP) - a45="--trace=AC_LIBTOOL_SYS_DYNAMIC_LINKER" (--trace=AC_LIBTOOL_SYS_DYNAMIC_LINKER) - a46="--trace=AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE" (--trace=AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE) - a47="--trace=AC_LIBTOOL_SYS_HARD_LINK_LOCKS" (--trace=AC_LIBTOOL_SYS_HARD_LINK_LOCKS) - a48="--trace=AC_LIBTOOL_SYS_LIB_STRIP" (--trace=AC_LIBTOOL_SYS_LIB_STRIP) - a49="--trace=AC_LIBTOOL_SYS_MAX_CMD_LEN" (--trace=AC_LIBTOOL_SYS_MAX_CMD_LEN) - a50="--trace=AC_LIBTOOL_SYS_OLD_ARCHIVE" (--trace=AC_LIBTOOL_SYS_OLD_ARCHIVE) - a51="--trace=AC_LIBTOOL_WIN32_DLL" (--trace=AC_LIBTOOL_WIN32_DLL) - a52="--trace=AC_LIB_LTDL" (--trace=AC_LIB_LTDL) - a53="--trace=AC_LTDL_DLLIB" (--trace=AC_LTDL_DLLIB) - a54="--trace=AC_LTDL_DLSYM_USCORE" (--trace=AC_LTDL_DLSYM_USCORE) - a55="--trace=AC_LTDL_ENABLE_INSTALL" (--trace=AC_LTDL_ENABLE_INSTALL) - a56="--trace=AC_LTDL_OBJDIR" (--trace=AC_LTDL_OBJDIR) - a57="--trace=AC_LTDL_PREOPEN" (--trace=AC_LTDL_PREOPEN) - a58="--trace=AC_LTDL_SHLIBEXT" (--trace=AC_LTDL_SHLIBEXT) - a59="--trace=AC_LTDL_SHLIBPATH" (--trace=AC_LTDL_SHLIBPATH) - a60="--trace=AC_LTDL_SYMBOL_USCORE" (--trace=AC_LTDL_SYMBOL_USCORE) - a61="--trace=AC_LTDL_SYSSEARCHPATH" (--trace=AC_LTDL_SYSSEARCHPATH) - a62="--trace=AC_LTDL_SYS_DLOPEN_DEPLIBS" (--trace=AC_LTDL_SYS_DLOPEN_DEPLIBS) - a63="--trace=AC_PATH_MAGIC" (--trace=AC_PATH_MAGIC) - a64="--trace=AC_PATH_TOOL_PREFIX" (--trace=AC_PATH_TOOL_PREFIX) - a65="--trace=AC_PROG_EGREP" (--trace=AC_PROG_EGREP) - a66="--trace=AC_PROG_LD" (--trace=AC_PROG_LD) - a67="--trace=AC_PROG_LD_GNU" (--trace=AC_PROG_LD_GNU) - a68="--trace=AC_PROG_LD_RELOAD_FLAG" (--trace=AC_PROG_LD_RELOAD_FLAG) - a69="--trace=AC_PROG_LIBTOOL" (--trace=AC_PROG_LIBTOOL) - a70="--trace=AC_PROG_NM" (--trace=AC_PROG_NM) - a71="--trace=AC_WITH_LTDL" (--trace=AC_WITH_LTDL) - a72="--trace=AM_AUTOMAKE_VERSION" (--trace=AM_AUTOMAKE_VERSION) - a73="--trace=AM_AUX_DIR_EXPAND" (--trace=AM_AUX_DIR_EXPAND) - a74="--trace=AM_CONDITIONAL" (--trace=AM_CONDITIONAL) - a75="--trace=AM_DEP_TRACK" (--trace=AM_DEP_TRACK) - a76="--trace=AM_DISABLE_SHARED" (--trace=AM_DISABLE_SHARED) - a77="--trace=AM_DISABLE_STATIC" (--trace=AM_DISABLE_STATIC) - a78="--trace=AM_ENABLE_SHARED" (--trace=AM_ENABLE_SHARED) - a79="--trace=AM_ENABLE_STATIC" (--trace=AM_ENABLE_STATIC) - a80="--trace=AM_INIT_AUTOMAKE" (--trace=AM_INIT_AUTOMAKE) - a81="--trace=AM_MAKE_INCLUDE" (--trace=AM_MAKE_INCLUDE) - a82="--trace=AM_MISSING_HAS_RUN" (--trace=AM_MISSING_HAS_RUN) - a83="--trace=AM_MISSING_PROG" (--trace=AM_MISSING_PROG) - a84="--trace=AM_OUTPUT_DEPENDENCY_COMMANDS" (--trace=AM_OUTPUT_DEPENDENCY_COMMANDS) - a85="--trace=AM_PROG_CC_C_O" (--trace=AM_PROG_CC_C_O) - a86="--trace=AM_PROG_INSTALL_SH" (--trace=AM_PROG_INSTALL_SH) - a87="--trace=AM_PROG_INSTALL_STRIP" (--trace=AM_PROG_INSTALL_STRIP) - a88="--trace=AM_PROG_LD" (--trace=AM_PROG_LD) - a89="--trace=AM_PROG_LIBTOOL" (--trace=AM_PROG_LIBTOOL) - a90="--trace=AM_PROG_NM" (--trace=AM_PROG_NM) - a91="--trace=AM_RUN_LOG" (--trace=AM_RUN_LOG) - a92="--trace=AM_SANITY_CHECK" (--trace=AM_SANITY_CHECK) - a93="--trace=AM_SET_CURRENT_AUTOMAKE_VERSION" (--trace=AM_SET_CURRENT_AUTOMAKE_VERSION) - a94="--trace=AM_SET_DEPDIR" (--trace=AM_SET_DEPDIR) - a95="--trace=AM_SET_LEADING_DOT" (--trace=AM_SET_LEADING_DOT) - a96="--trace=AM_SILENT_RULES" (--trace=AM_SILENT_RULES) - a97="--trace=AM_SUBST_NOTMAKE" (--trace=AM_SUBST_NOTMAKE) - a98="--trace=AU_DEFUN" (--trace=AU_DEFUN) - a99="--trace=LTDL_CONVENIENCE" (--trace=LTDL_CONVENIENCE) - a100="--trace=LTDL_INIT" (--trace=LTDL_INIT) - a101="--trace=LTDL_INSTALLABLE" (--trace=LTDL_INSTALLABLE) - a102="--trace=LTOBSOLETE_VERSION" (--trace=LTOBSOLETE_VERSION) - a103="--trace=LTOPTIONS_VERSION" (--trace=LTOPTIONS_VERSION) - a104="--trace=LTSUGAR_VERSION" (--trace=LTSUGAR_VERSION) - a105="--trace=LTVERSION_VERSION" (--trace=LTVERSION_VERSION) - a106="--trace=LT_AC_PROG_EGREP" (--trace=LT_AC_PROG_EGREP) - a107="--trace=LT_AC_PROG_GCJ" (--trace=LT_AC_PROG_GCJ) - a108="--trace=LT_AC_PROG_RC" (--trace=LT_AC_PROG_RC) - a109="--trace=LT_AC_PROG_SED" (--trace=LT_AC_PROG_SED) - a110="--trace=LT_CMD_MAX_LEN" (--trace=LT_CMD_MAX_LEN) - a111="--trace=LT_CONFIG_LTDL_DIR" (--trace=LT_CONFIG_LTDL_DIR) - a112="--trace=LT_FUNC_ARGZ" (--trace=LT_FUNC_ARGZ) - a113="--trace=LT_FUNC_DLSYM_USCORE" (--trace=LT_FUNC_DLSYM_USCORE) - a114="--trace=LT_INIT" (--trace=LT_INIT) - a115="--trace=LT_LANG" (--trace=LT_LANG) - a116="--trace=LT_LIB_DLLOAD" (--trace=LT_LIB_DLLOAD) - a117="--trace=LT_LIB_M" (--trace=LT_LIB_M) - a118="--trace=LT_OUTPUT" (--trace=LT_OUTPUT) - a119="--trace=LT_PATH_LD" (--trace=LT_PATH_LD) - a120="--trace=LT_PATH_NM" (--trace=LT_PATH_NM) - a121="--trace=LT_PROG_GCJ" (--trace=LT_PROG_GCJ) - a122="--trace=LT_PROG_GO" (--trace=LT_PROG_GO) - a123="--trace=LT_PROG_RC" (--trace=LT_PROG_RC) - a124="--trace=LT_SUPPORTED_TAG" (--trace=LT_SUPPORTED_TAG) - a125="--trace=LT_SYS_DLOPEN_DEPLIBS" (--trace=LT_SYS_DLOPEN_DEPLIBS) - a126="--trace=LT_SYS_DLOPEN_SELF" (--trace=LT_SYS_DLOPEN_SELF) - a127="--trace=LT_SYS_DLSEARCH_PATH" (--trace=LT_SYS_DLSEARCH_PATH) - a128="--trace=LT_SYS_MODULE_EXT" (--trace=LT_SYS_MODULE_EXT) - a129="--trace=LT_SYS_MODULE_PATH" (--trace=LT_SYS_MODULE_PATH) - a130="--trace=LT_SYS_SYMBOL_USCORE" (--trace=LT_SYS_SYMBOL_USCORE) - a131="--trace=LT_WITH_LTDL" (--trace=LT_WITH_LTDL) - a132="--trace=_AC_AM_CONFIG_HEADER_HOOK" (--trace=_AC_AM_CONFIG_HEADER_HOOK) - a133="--trace=_AC_PROG_LIBTOOL" (--trace=_AC_PROG_LIBTOOL) - a134="--trace=_AM_AUTOCONF_VERSION" (--trace=_AM_AUTOCONF_VERSION) - a135="--trace=_AM_CONFIG_MACRO_DIRS" (--trace=_AM_CONFIG_MACRO_DIRS) - a136="--trace=_AM_DEPENDENCIES" (--trace=_AM_DEPENDENCIES) - a137="--trace=_AM_IF_OPTION" (--trace=_AM_IF_OPTION) - a138="--trace=_AM_MANGLE_OPTION" (--trace=_AM_MANGLE_OPTION) - a139="--trace=_AM_OUTPUT_DEPENDENCY_COMMANDS" (--trace=_AM_OUTPUT_DEPENDENCY_COMMANDS) - a140="--trace=_AM_PROG_CC_C_O" (--trace=_AM_PROG_CC_C_O) - a141="--trace=_AM_PROG_TAR" (--trace=_AM_PROG_TAR) - a142="--trace=_AM_SET_OPTION" (--trace=_AM_SET_OPTION) - a143="--trace=_AM_SET_OPTIONS" (--trace=_AM_SET_OPTIONS) - a144="--trace=_AM_SUBST_NOTMAKE" (--trace=_AM_SUBST_NOTMAKE) - a145="--trace=_LTDL_SETUP" (--trace=_LTDL_SETUP) - a146="--trace=_LT_AC_CHECK_DLFCN" (--trace=_LT_AC_CHECK_DLFCN) - a147="--trace=_LT_AC_FILE_LTDLL_C" (--trace=_LT_AC_FILE_LTDLL_C) - a148="--trace=_LT_AC_LANG_CXX" (--trace=_LT_AC_LANG_CXX) - a149="--trace=_LT_AC_LANG_CXX_CONFIG" (--trace=_LT_AC_LANG_CXX_CONFIG) - a150="--trace=_LT_AC_LANG_C_CONFIG" (--trace=_LT_AC_LANG_C_CONFIG) - a151="--trace=_LT_AC_LANG_F77" (--trace=_LT_AC_LANG_F77) - a152="--trace=_LT_AC_LANG_F77_CONFIG" (--trace=_LT_AC_LANG_F77_CONFIG) - a153="--trace=_LT_AC_LANG_GCJ" (--trace=_LT_AC_LANG_GCJ) - a154="--trace=_LT_AC_LANG_GCJ_CONFIG" (--trace=_LT_AC_LANG_GCJ_CONFIG) - a155="--trace=_LT_AC_LANG_RC_CONFIG" (--trace=_LT_AC_LANG_RC_CONFIG) - a156="--trace=_LT_AC_LOCK" (--trace=_LT_AC_LOCK) - a157="--trace=_LT_AC_PROG_CXXCPP" (--trace=_LT_AC_PROG_CXXCPP) - a158="--trace=_LT_AC_PROG_ECHO_BACKSLASH" (--trace=_LT_AC_PROG_ECHO_BACKSLASH) - a159="--trace=_LT_AC_SHELL_INIT" (--trace=_LT_AC_SHELL_INIT) - a160="--trace=_LT_AC_SYS_COMPILER" (--trace=_LT_AC_SYS_COMPILER) - a161="--trace=_LT_AC_SYS_LIBPATH_AIX" (--trace=_LT_AC_SYS_LIBPATH_AIX) - a162="--trace=_LT_AC_TAGCONFIG" (--trace=_LT_AC_TAGCONFIG) - a163="--trace=_LT_AC_TAGVAR" (--trace=_LT_AC_TAGVAR) - a164="--trace=_LT_AC_TRY_DLOPEN_SELF" (--trace=_LT_AC_TRY_DLOPEN_SELF) - a165="--trace=_LT_CC_BASENAME" (--trace=_LT_CC_BASENAME) - a166="--trace=_LT_COMPILER_BOILERPLATE" (--trace=_LT_COMPILER_BOILERPLATE) - a167="--trace=_LT_COMPILER_OPTION" (--trace=_LT_COMPILER_OPTION) - a168="--trace=_LT_DLL_DEF_P" (--trace=_LT_DLL_DEF_P) - a169="--trace=_LT_LIBOBJ" (--trace=_LT_LIBOBJ) - a170="--trace=_LT_LINKER_BOILERPLATE" (--trace=_LT_LINKER_BOILERPLATE) - a171="--trace=_LT_LINKER_OPTION" (--trace=_LT_LINKER_OPTION) - a172="--trace=_LT_PATH_TOOL_PREFIX" (--trace=_LT_PATH_TOOL_PREFIX) - a173="--trace=_LT_PREPARE_SED_QUOTE_VARS" (--trace=_LT_PREPARE_SED_QUOTE_VARS) - a174="--trace=_LT_PROG_CXX" (--trace=_LT_PROG_CXX) - a175="--trace=_LT_PROG_ECHO_BACKSLASH" (--trace=_LT_PROG_ECHO_BACKSLASH) - a176="--trace=_LT_PROG_F77" (--trace=_LT_PROG_F77) - a177="--trace=_LT_PROG_FC" (--trace=_LT_PROG_FC) - a178="--trace=_LT_PROG_LTMAIN" (--trace=_LT_PROG_LTMAIN) - a179="--trace=_LT_REQUIRED_DARWIN_CHECKS" (--trace=_LT_REQUIRED_DARWIN_CHECKS) - a180="--trace=_LT_WITH_SYSROOT" (--trace=_LT_WITH_SYSROOT) - a181="--trace=_m4_warn" (--trace=_m4_warn) - a182="--trace=include" (--trace=include) - a183="--trace=m4_include" (--trace=m4_include) - a184="--trace=m4_pattern_allow" (--trace=m4_pattern_allow) - a185="--trace=m4_pattern_forbid" (--trace=m4_pattern_forbid) - a186="--reload-state=/usr/share/autoconf-2.60/autoconf/autoconf.m4f" (--reload-state=/usr/share/autoconf-2.60/autoconf/autoconf.m4f) - a187="--undefine=__m4_version__" (--undefine=__m4_version__) - a188="-" (-) - a189="/usr/share/aclocal-1.16/internal/ac-config-macro-dirs.m4" (/usr/share/aclocal-1.16/internal/ac-config-macro-dirs.m4) - a190="/usr/share/libtool/aclocal/libtool.m4" (/usr/share/libtool/aclocal/libtool.m4) - a191="/usr/share/libtool/aclocal/ltargz.m4" (/usr/share/libtool/aclocal/ltargz.m4) - a192="/usr/share/libtool/aclocal/ltdl.m4" (/usr/share/libtool/aclocal/ltdl.m4) - a193="/usr/share/libtool/aclocal/ltoptions.m4" (/usr/share/libtool/aclocal/ltoptions.m4) - a194="/usr/share/libtool/aclocal/ltsugar.m4" (/usr/share/libtool/aclocal/ltsugar.m4) - a195="/usr/share/libtool/aclocal/ltversion.m4" (/usr/share/libtool/aclocal/ltversion.m4) - a196="/usr/share/libtool/aclocal/lt~obsolete.m4" (/usr/share/libtool/aclocal/lt~obsolete.m4) - a197="/usr/share/aclocal-1.16/amversion.m4" (/usr/share/aclocal-1.16/amversion.m4) - a198="/usr/share/aclocal-1.16/auxdir.m4" (/usr/share/aclocal-1.16/auxdir.m4) - a199="/usr/share/aclocal-1.16/cond.m4" (/usr/share/aclocal-1.16/cond.m4) - a200="/usr/share/aclocal-1.16/depend.m4" (/usr/share/aclocal-1.16/depend.m4) - a201="/usr/share/aclocal-1.16/depout.m4" (/usr/share/aclocal-1.16/depout.m4) - a202="/usr/share/aclocal-1.16/init.m4" (/usr/share/aclocal-1.16/init.m4) - a203="/usr/share/aclocal-1.16/install-sh.m4" (/usr/share/aclocal-1.16/install-sh.m4) - a204="/usr/share/aclocal-1.16/lead-dot.m4" (/usr/share/aclocal-1.16/lead-dot.m4) - a205="/usr/share/aclocal-1.16/make.m4" (/usr/share/aclocal-1.16/make.m4) - a206="/usr/share/aclocal-1.16/missing.m4" (/usr/share/aclocal-1.16/missing.m4) - a207="/usr/share/aclocal-1.16/options.m4" (/usr/share/aclocal-1.16/options.m4) - a208="/usr/share/aclocal-1.16/prog-cc-c-o.m4" (/usr/share/aclocal-1.16/prog-cc-c-o.m4) - a209="/usr/share/aclocal-1.16/runlog.m4" (/usr/share/aclocal-1.16/runlog.m4) - a210="/usr/share/aclocal-1.16/sanity.m4" (/usr/share/aclocal-1.16/sanity.m4) - a211="/usr/share/aclocal-1.16/silent.m4" (/usr/share/aclocal-1.16/silent.m4) - a212="/usr/share/aclocal-1.16/strip.m4" (/usr/share/aclocal-1.16/strip.m4) - a213="/usr/share/aclocal-1.16/substnot.m4" (/usr/share/aclocal-1.16/substnot.m4) - a214="/usr/share/aclocal-1.16/tar.m4" (/usr/share/aclocal-1.16/tar.m4) - a215="configure.ac" (configure.ac) + type=EXECVE + argc=216 + a0="/usr/bin/m4" + a1="--nesting-limit=1024" + a2="--gnu" + a3="--include=/usr/share/autoconf-2.60" + a4="--debug=aflq" + a5="--fatal-warning" + a6="--debugfile=autom4te.cache/traces.0t" + a7="--trace=AC_CHECK_LIBM" + a8="--trace=AC_CONFIG_MACRO_DIR" + a9="--trace=AC_CONFIG_MACRO_DIR_TRACE" + a10="--trace=AC_DEFUN" + a11="--trace=AC_DEFUN_ONCE" + a12="--trace=AC_DEPLIBS_CHECK_METHOD" + a13="--trace=AC_DISABLE_FAST_INSTALL" + a14="--trace=AC_DISABLE_SHARED" + a15="--trace=AC_DISABLE_STATIC" + a16="--trace=AC_ENABLE_FAST_INSTALL" + a17="--trace=AC_ENABLE_SHARED" + a18="--trace=AC_ENABLE_STATIC" + a19="--trace=AC_LIBLTDL_CONVENIENCE" + a20="--trace=AC_LIBLTDL_INSTALLABLE" + a21="--trace=AC_LIBTOOL_COMPILER_OPTION" + a22="--trace=AC_LIBTOOL_CONFIG" + a23="--trace=AC_LIBTOOL_CXX" + a24="--trace=AC_LIBTOOL_DLOPEN" + a25="--trace=AC_LIBTOOL_DLOPEN_SELF" + a26="--trace=AC_LIBTOOL_F77" + a27="--trace=AC_LIBTOOL_FC" + a28="--trace=AC_LIBTOOL_GCJ" + a29="--trace=AC_LIBTOOL_LANG_CXX_CONFIG" + a30="--trace=AC_LIBTOOL_LANG_C_CONFIG" + a31="--trace=AC_LIBTOOL_LANG_F77_CONFIG" + a32="--trace=AC_LIBTOOL_LANG_GCJ_CONFIG" + a33="--trace=AC_LIBTOOL_LANG_RC_CONFIG" + a34="--trace=AC_LIBTOOL_LINKER_OPTION" + a35="--trace=AC_LIBTOOL_OBJDIR" + a36="--trace=AC_LIBTOOL_PICMODE" + a37="--trace=AC_LIBTOOL_POSTDEP_PREDEP" + a38="--trace=AC_LIBTOOL_PROG_CC_C_O" + a39="--trace=AC_LIBTOOL_PROG_COMPILER_NO_RTTI" + a40="--trace=AC_LIBTOOL_PROG_COMPILER_PIC" + a41="--trace=AC_LIBTOOL_PROG_LD_HARDCODE_LIBPATH" + a42="--trace=AC_LIBTOOL_PROG_LD_SHLIBS" + a43="--trace=AC_LIBTOOL_RC" + a44="--trace=AC_LIBTOOL_SETUP" + a45="--trace=AC_LIBTOOL_SYS_DYNAMIC_LINKER" + a46="--trace=AC_LIBTOOL_SYS_GLOBAL_SYMBOL_PIPE" + a47="--trace=AC_LIBTOOL_SYS_HARD_LINK_LOCKS" + a48="--trace=AC_LIBTOOL_SYS_LIB_STRIP" + a49="--trace=AC_LIBTOOL_SYS_MAX_CMD_LEN" + a50="--trace=AC_LIBTOOL_SYS_OLD_ARCHIVE" + a51="--trace=AC_LIBTOOL_WIN32_DLL" + a52="--trace=AC_LIB_LTDL" + a53="--trace=AC_LTDL_DLLIB" + a54="--trace=AC_LTDL_DLSYM_USCORE" + a55="--trace=AC_LTDL_ENABLE_INSTALL" + a56="--trace=AC_LTDL_OBJDIR" + a57="--trace=AC_LTDL_PREOPEN" + a58="--trace=AC_LTDL_SHLIBEXT" + a59="--trace=AC_LTDL_SHLIBPATH" + a60="--trace=AC_LTDL_SYMBOL_USCORE" + a61="--trace=AC_LTDL_SYSSEARCHPATH" + a62="--trace=AC_LTDL_SYS_DLOPEN_DEPLIBS" + a63="--trace=AC_PATH_MAGIC" + a64="--trace=AC_PATH_TOOL_PREFIX" + a65="--trace=AC_PROG_EGREP" + a66="--trace=AC_PROG_LD" + a67="--trace=AC_PROG_LD_GNU" + a68="--trace=AC_PROG_LD_RELOAD_FLAG" + a69="--trace=AC_PROG_LIBTOOL" + a70="--trace=AC_PROG_NM" + a71="--trace=AC_WITH_LTDL" + a72="--trace=AM_AUTOMAKE_VERSION" + a73="--trace=AM_AUX_DIR_EXPAND" + a74="--trace=AM_CONDITIONAL" + a75="--trace=AM_DEP_TRACK" + a76="--trace=AM_DISABLE_SHARED" + a77="--trace=AM_DISABLE_STATIC" + a78="--trace=AM_ENABLE_SHARED" + a79="--trace=AM_ENABLE_STATIC" + a80="--trace=AM_INIT_AUTOMAKE" + a81="--trace=AM_MAKE_INCLUDE" + a82="--trace=AM_MISSING_HAS_RUN" + a83="--trace=AM_MISSING_PROG" + a84="--trace=AM_OUTPUT_DEPENDENCY_COMMANDS" + a85="--trace=AM_PROG_CC_C_O" + a86="--trace=AM_PROG_INSTALL_SH" + a87="--trace=AM_PROG_INSTALL_STRIP" + a88="--trace=AM_PROG_LD" + a89="--trace=AM_PROG_LIBTOOL" + a90="--trace=AM_PROG_NM" + a91="--trace=AM_RUN_LOG" + a92="--trace=AM_SANITY_CHECK" + a93="--trace=AM_SET_CURRENT_AUTOMAKE_VERSION" + a94="--trace=AM_SET_DEPDIR" + a95="--trace=AM_SET_LEADING_DOT" + a96="--trace=AM_SILENT_RULES" + a97="--trace=AM_SUBST_NOTMAKE" + a98="--trace=AU_DEFUN" + a99="--trace=LTDL_CONVENIENCE" + a100="--trace=LTDL_INIT" + a101="--trace=LTDL_INSTALLABLE" + a102="--trace=LTOBSOLETE_VERSION" + a103="--trace=LTOPTIONS_VERSION" + a104="--trace=LTSUGAR_VERSION" + a105="--trace=LTVERSION_VERSION" + a106="--trace=LT_AC_PROG_EGREP" + a107="--trace=LT_AC_PROG_GCJ" + a108="--trace=LT_AC_PROG_RC" + a109="--trace=LT_AC_PROG_SED" + a110="--trace=LT_CMD_MAX_LEN" + a111="--trace=LT_CONFIG_LTDL_DIR" + a112="--trace=LT_FUNC_ARGZ" + a113="--trace=LT_FUNC_DLSYM_USCORE" + a114="--trace=LT_INIT" + a115="--trace=LT_LANG" + a116="--trace=LT_LIB_DLLOAD" + a117="--trace=LT_LIB_M" + a118="--trace=LT_OUTPUT" + a119="--trace=LT_PATH_LD" + a120="--trace=LT_PATH_NM" + a121="--trace=LT_PROG_GCJ" + a122="--trace=LT_PROG_GO" + a123="--trace=LT_PROG_RC" + a124="--trace=LT_SUPPORTED_TAG" + a125="--trace=LT_SYS_DLOPEN_DEPLIBS" + a126="--trace=LT_SYS_DLOPEN_SELF" + a127="--trace=LT_SYS_DLSEARCH_PATH" + a128="--trace=LT_SYS_MODULE_EXT" + a129="--trace=LT_SYS_MODULE_PATH" + a130="--trace=LT_SYS_SYMBOL_USCORE" + a131="--trace=LT_WITH_LTDL" + a132="--trace=_AC_AM_CONFIG_HEADER_HOOK" + a133="--trace=_AC_PROG_LIBTOOL" + a134="--trace=_AM_AUTOCONF_VERSION" + a135="--trace=_AM_CONFIG_MACRO_DIRS" + a136="--trace=_AM_DEPENDENCIES" + a137="--trace=_AM_IF_OPTION" + a138="--trace=_AM_MANGLE_OPTION" + a139="--trace=_AM_OUTPUT_DEPENDENCY_COMMANDS" + a140="--trace=_AM_PROG_CC_C_O" + a141="--trace=_AM_PROG_TAR" + a142="--trace=_AM_SET_OPTION" + a143="--trace=_AM_SET_OPTIONS" + a144="--trace=_AM_SUBST_NOTMAKE" + a145="--trace=_LTDL_SETUP" + a146="--trace=_LT_AC_CHECK_DLFCN" + a147="--trace=_LT_AC_FILE_LTDLL_C" + a148="--trace=_LT_AC_LANG_CXX" + a149="--trace=_LT_AC_LANG_CXX_CONFIG" + a150="--trace=_LT_AC_LANG_C_CONFIG" + a151="--trace=_LT_AC_LANG_F77" + a152="--trace=_LT_AC_LANG_F77_CONFIG" + a153="--trace=_LT_AC_LANG_GCJ" + a154="--trace=_LT_AC_LANG_GCJ_CONFIG" + a155="--trace=_LT_AC_LANG_RC_CONFIG" + a156="--trace=_LT_AC_LOCK" + a157="--trace=_LT_AC_PROG_CXXCPP" + a158="--trace=_LT_AC_PROG_ECHO_BACKSLASH" + a159="--trace=_LT_AC_SHELL_INIT" + a160="--trace=_LT_AC_SYS_COMPILER" + a161="--trace=_LT_AC_SYS_LIBPATH_AIX" + a162="--trace=_LT_AC_TAGCONFIG" + a163="--trace=_LT_AC_TAGVAR" + a164="--trace=_LT_AC_TRY_DLOPEN_SELF" + a165="--trace=_LT_CC_BASENAME" + a166="--trace=_LT_COMPILER_BOILERPLATE" + a167="--trace=_LT_COMPILER_OPTION" + a168="--trace=_LT_DLL_DEF_P" + a169="--trace=_LT_LIBOBJ" + a170="--trace=_LT_LINKER_BOILERPLATE" + a171="--trace=_LT_LINKER_OPTION" + a172="--trace=_LT_PATH_TOOL_PREFIX" + a173="--trace=_LT_PREPARE_SED_QUOTE_VARS" + a174="--trace=_LT_PROG_CXX" + a175="--trace=_LT_PROG_ECHO_BACKSLASH" + a176="--trace=_LT_PROG_F77" + a177="--trace=_LT_PROG_FC" + a178="--trace=_LT_PROG_LTMAIN" + a179="--trace=_LT_REQUIRED_DARWIN_CHECKS" + a180="--trace=_LT_WITH_SYSROOT" + a181="--trace=_m4_warn" + a182="--trace=include" + a183="--trace=m4_include" + a184="--trace=m4_pattern_allow" + a185="--trace=m4_pattern_forbid" + a186="--reload-state=/usr/share/autoconf-2.60/autoconf/autoconf.m4f" + a187="--undefine=__m4_version__" + a188="-" + a189="/usr/share/aclocal-1.16/internal/ac-config-macro-dirs.m4" + a190="/usr/share/libtool/aclocal/libtool.m4" + a191="/usr/share/libtool/aclocal/ltargz.m4" + a192="/usr/share/libtool/aclocal/ltdl.m4" + a193="/usr/share/libtool/aclocal/ltoptions.m4" + a194="/usr/share/libtool/aclocal/ltsugar.m4" + a195="/usr/share/libtool/aclocal/ltversion.m4" + a196="/usr/share/libtool/aclocal/lt~obsolete.m4" + a197="/usr/share/aclocal-1.16/amversion.m4" + a198="/usr/share/aclocal-1.16/auxdir.m4" + a199="/usr/share/aclocal-1.16/cond.m4" + a200="/usr/share/aclocal-1.16/depend.m4" + a201="/usr/share/aclocal-1.16/depout.m4" + a202="/usr/share/aclocal-1.16/init.m4" + a203="/usr/share/aclocal-1.16/install-sh.m4" + a204="/usr/share/aclocal-1.16/lead-dot.m4" + a205="/usr/share/aclocal-1.16/make.m4" + a206="/usr/share/aclocal-1.16/missing.m4" + a207="/usr/share/aclocal-1.16/options.m4" + a208="/usr/share/aclocal-1.16/prog-cc-c-o.m4" + a209="/usr/share/aclocal-1.16/runlog.m4" + a210="/usr/share/aclocal-1.16/sanity.m4" + a211="/usr/share/aclocal-1.16/silent.m4" + a212="/usr/share/aclocal-1.16/strip.m4" + a213="/usr/share/aclocal-1.16/substnot.m4" + a214="/usr/share/aclocal-1.16/tar.m4" + a215="configure.ac" record 3 of type 1307(CWD) has 2 fields line=10 file=test4.log event time: 1655465404.819:27091, host=(null) - type=CWD (CWD) - cwd="/usr/src/RPM/BUILD/zlib-1.2.11-alt1/contrib/minizip" (/usr/src/RPM/BUILD/zlib-1.2.11-alt1/contrib/minizip) + type=CWD + cwd="/usr/src/RPM/BUILD/zlib-1.2.11-alt1/contrib/minizip" record 4 of type 1302(PATH) has 15 fields line=11 file=test4.log event time: 1655465404.819:27091, host=(null) - type=PATH (PATH) - item=0 (0) - name="/usr/bin/m4" (/usr/bin/m4) - inode=40839 (40839) - dev=00:30 (00:30) - mode=0100755 (file,755) - ouid=582 (unknown(582)) - ogid=582 (unknown(582)) - rdev=00:00 (00:00) - nametype=NORMAL (NORMAL) - cap_fp=0 (none) - cap_fi=0 (none) - cap_fe=0 (0) - cap_fver=0 (0) - cap_frootid=0 (0) + type=PATH + item=0 + name="/usr/bin/m4" + inode=40839 + dev=00:30 + mode=0100755 + ouid=582 + ogid=582 + rdev=00:00 + nametype=NORMAL + cap_fp=0 + cap_fi=0 + cap_fe=0 + cap_fver=0 + cap_frootid=0 record 5 of type 1302(PATH) has 15 fields line=12 file=test4.log event time: 1655465404.819:27091, host=(null) - type=PATH (PATH) - item=1 (1) - name="/lib64/ld-linux-aarch64.so.1" (/lib64/ld-linux-aarch64.so.1) - inode=33874 (33874) - dev=00:30 (00:30) - mode=0100755 (file,755) - ouid=582 (unknown(582)) - ogid=582 (unknown(582)) - rdev=00:00 (00:00) - nametype=NORMAL (NORMAL) - cap_fp=0 (none) - cap_fi=0 (none) - cap_fe=0 (0) - cap_fver=0 (0) - cap_frootid=0 (0) + type=PATH + item=1 + name="/lib64/ld-linux-aarch64.so.1" + inode=33874 + dev=00:30 + mode=0100755 + ouid=582 + ogid=582 + rdev=00:00 + nametype=NORMAL + cap_fp=0 + cap_fi=0 + cap_fe=0 + cap_fver=0 + cap_frootid=0 record 6 of type 1327(PROCTITLE) has 2 fields line=13 file=test4.log event time: 1655465404.819:27091, host=(null) - type=PROCTITLE (PROCTITLE) - proctitle=2F7573722F62696E2F6D34002D2D6E657374696E672D6C696D69743D31303234002D2D676E75002D2D696E636C7564653D2F7573722F73686172652F6175746F636F6E662D322E3630002D2D64656275673D61666C71002D2D666174616C2D7761726E696E67002D2D646562756766696C653D6175746F6D3474652E63616368 (/usr/bin/m4 --nesting-limit=1024 --gnu --include=/usr/share/autoconf-2.60 --debug=aflq --fatal-warning --debugfile=autom4te.cach) + type=PROCTITLE + proctitle=2F7573722F62696E2F6D34002D2D6E657374696E672D6C696D69743D31303234002D2D676E75002D2D696E636C7564653D2F7573722F73686172652F6175746F636F6E662D322E3630002D2D64656275673D61666C71002D2D666174616C2D7761726E696E67002D2D646562756766696C653D6175746F6D3474652E63616368 Test 11 Done