105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
|
# File 'lib/resources/auditd.rb', line 105
def syscall_rules_for(line)
syscalls = syscalls_for(line)
action, list = action_list_for(line)
fields = rule_fields_for(line)
key_field, fields_nokey = remove_key_from(fields)
key = key_in(key_field.join(''))
arch = arch_in(fields)
path = path_in(fields)
perms = perms_in(fields)
exit_field = exit_in(fields)
syscalls.each do |s|
@params.push(
{
'syscall' => s,
'list' => list,
'action' => action,
'fields' => fields,
'key' => key,
'arch' => arch,
'path' => path,
'permissions' => perms,
'exit' => exit_field,
'fields_nokey' => fields_nokey,
},
)
end
end
|