Description of problem: Beakerlib functions which are more fancy than: START_DATE_TIME=`date "+%m/%d/%Y %T"` and ausearch -m AVC -ts ${START_DATE_TIME} Something like rlSESetTimestamp [label] rlSECheckAVC [label] ^ ^ This is what I am using at the moment. My current implementation below: # save the timestamp in ausearch friendly format # timestamps are available as global variables TIMESTAMP[_NAME] # Usage: rlSESetTimestamp [timestamp_name] function rlSESetTimestamp() { local STAMP=`date "+%m/%d/%Y %T"` local NAME="TIMESTAMP" [ -z "$1" ] || NAME="${NAME}_$1" eval "export $NAME='$STAMP'" rlLog "Setting timestamp '$NAME' [$STAMP]" } # function checkes whether there are any AVC since the defined TIMESTAMP # Usage: rlSECheckAVC [timestamp_name] function rlSECheckAVC() { local NAME="TIMESTAMP" [ -z "$1" ] || NAME="${NAME}_$1" local STAMP=`eval "echo \\$$NAME"` if [ -z "$STAMP" ]; then rlLogError "Timestamp $NAME is not defined" return 1 else rlRun "ausearch -m AVC -ts $STAMP 2>&1 | grep -v '<no matches>'" 1 "Check AVC since timestamp '$NAME' [$STAMP]" fi }
Journal overhaul is the prerequisite, I like the concept
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
This is currently covered by library(selinux-policy/common). There seems to be no urge to make it available in upstream. Feel free to reopen this bug in case the beaker library is insufficient.