On 18 May 2007, at 5:57 PM, Manuel Wolfshant wrote:
Lee Kok Seng wrote:
Hello,
Here is version 1.0.4 of the script previously posted.
Hi
Under centos 4.5 (perl-5.8.5-36.RHEL4.i386) and Fedora 6 (perl-5.8.8-10) I get:
Use of uninitialized value in pattern match (m//) at ./avctree.pl line 133.
pl version 1.0.4+, Copyright (C) 2007, LEE, "Kok Seng" (kokseng
at ieee dot org)
Could you please fix this ?
manuel
Lee Kok Seng wrote:
Hello,
Here is version 1.0.4 of the script previously posted.
And this is on another centos (4.4) :
[root@imap ~]# ./avctree.pl --log=all Use of uninitialized value in pattern match (m//) at ./avctree.pl line 133. readline() on closed filehandle LOGF at ./avctree.pl line 197. readline() on closed filehandle LOGF at ./avctree.pl line 197.
Hello,
Thanks for the report. Here is the fix.
/ks -------------------------------------------------------------- [cut]---------------------------------------------------------- Index: avctree =================================================================== --- avctree (revision 21) +++ avctree (working copy) @@ -27,7 +27,7 @@ # 1.0.2 --re option allow context to mean scontext or tcontext, all to mean any key # 1.0.3 added --age option to select based on age of message # 1.0.4 added --uniq option to show messages that are unique -my $version='1.0.4+'; +my $version='1.0.4++'; use strict; use warnings; my ($thisScript) = ($0 =~ /.*?/*(\w+)$/); @@ -115,7 +115,7 @@ my $skiptags = defined($tagsARG)?0:1; ## Option: log files my @logOPT = grep -e $_, split /,|\n|\r/, $logARG if (defined ($logARG)); -@logOPT = ('/var/log/messages','/var/log/kernel','/var/log/debug','/ var//log/audit') +@logOPT = ('/var/log/audit','/var/log/kernel','/var/log/messages','/ var/log/debug') if (defined($logARG) && ((!scalar @logOPT) || grep /all/, @logOPT)); @logOPT = ('/var/log/audit') if (!scalar @logOPT && -e '/var/log/ audit'); @logOPT = ('/var/log/kernel') if (!scalar @logOPT && -e '/var/log/ kernel'); @@ -130,7 +130,7 @@ ## Option: age my @ageOPT = split /,|\n|\r/, $ageARG if (defined($ageARG)); @ageOPT = ('10m') if (defined($ageARG) && !scalar @ageOPT); -my ($age, $tu) = ($ageOPT[0] =~ /\s*([\d.]+)\s*([smhdw]).*/); +my ($age, $tu) = ($ageOPT[0] =~ /\s*([\d.]+)\s*([smhdw]).*/) if @ageOPT; undef $ageARG if (!defined($age)); $age *= defined($tu)?($tu eq 'm'?60:($tu eq 'h'?3600:($tu eq 'd'? 86400:($tu eq 'w'?604800:1)))):1 if (defined($ageARG)); ## ------------------------------------------------------------------------ ---------------------- @@ -191,7 +191,8 @@ my $tmax = defined($avc->{'_tcontext_max_'})?$avc-> {'_tcontext_max_'}:0; my $smax = defined($avc->{'_scontext_max_'})?$avc-> {'_scontext_max_'}:0; my $rex = undef; - + + return if ( ! -e $logfile ); open LOGF, '<' . $logfile || die "Cannot open input file: $logfile"; while (<LOGF>) { @@ -235,16 +236,19 @@ # Check if this message is unique my $uniq = 1; + #print "\n $this{scontext} $this{tcontext} $this{comm} $this {action} $this{tclass}"; if (defined($uniqARG)&&defined($avc{'scontext'})&&defined($avc {'scontext'}->{$this{'scontext'}})) { foreach (@{$avc{'scontext'}->{$this{'scontext'}}}) { + #print "\n $_->{scontext} $_->{tcontext} $_->{comm} $_-> {action} $_->{tclass}"; + if ($_->{'tcontext'} eq $this{'tcontext'} && ($_->{'comm'} eq $this{'comm'})&& - ($_->{'name'} eq $this{'name'}) && ($_->{'tclass'} eq $this{'tclass'}) && ($_->{'action'} eq $this{'action'}) && - (!defined($_->{'dev'}) || $_->{'dev'} eq $this{'dev'}) && - (!defined($_->{'ino'}) || $_->{'ino'} eq $this{'ino'}) && - (!defined($_->{'key'}) || $_->{'key'} eq $this{'key'}) + (!defined($_->{'name'}) || (defined($this{'name'}) && $_-> {'name'} eq $this{'name'})) && + (!defined($_->{'dev'}) || (defined($this{'dev'}) && $_->{'dev'} eq $this{'dev'})) && + (!defined($_->{'ino'}) || (defined($this{'ino'}) && $_->{'ino'} eq $this{'ino'})) && + (!defined($_->{'key'}) || (defined($this{'key'}) && $_->{'key'} eq $this{'key'})) ) { $_->{'_same_'} = [()] if (!defined($_->{'_same_'})); push @{$_->{'_same_'}}, %this; @@ -336,10 +340,11 @@ readLOG(%avc, $_, scalar @reOPT?@reOPT:undef) foreach (@logLIST); # Decide which category to print @catOPT = (sort keys %avc) if (defined($catARG) && (! scalar @catOPT) || grep /all/,@catOPT ) ; -@catOPT = @catDEF if (!defined($catARG)); +@catOPT = grep !/^\s*$/, @catDEF if (!defined($catARG)); print "\n> $thisScript version $version, Copyright (C) 2007, LEE, "Kok Seng" (kokseng at ieee dot org)"; print "\n> Notice: get help and condition of usage inforamtion regarding this script: $thisScript --help"; -print "\n> File(s) parsed: ", join ', ', @logOPT, " Key(s) : ", join ', ', @catOPT; +print "\n> File(s) parsed: ", join ', ', @logOPT; +print "\n> Key(s) : " . join(', ', @catOPT); print "\n> Regular expression = ", join ' or ', @reOPT if (scalar @reOPT); print "\n> Age not more than ", $ageARG, " (", $age, " seconds)" if (defined($ageARG)); print "\n> Unique mode is ON" if (defined($uniqARG));