#!/bin/bash

## Copyright (C) 2020 - 2025 ENCRYPTED SUPPORT LLC <adrelanos@whonix.org>
## See the file COPYING for copying conditions.

## https://forums.whonix.org/t/full-system-apparmor-policy-testers-wanted/10381/22

## Not using sudo hardcoded below.
## https://forums.whonix.org/t/full-system-apparmor-policy-testers-wanted/10381/29
if [ "$(id -u)" != "0" ]; then
   echo "ERROR: Must run as root." >&2
   echo "sudo $0" >&2
   exit 112
fi

while read -r -d $'\n' line; do
   line=$(echo "$line" | grep "ALLOWED\|DENIED")
   line=$(echo "$line" | sed -e 's/pid=.* comm/comm/g')
   line=$(echo "$line" | sed -e 's/ fsuid.*//g')
   if [ "$line" = "" ]; then
      continue
   fi
   echo "$line"
done < <( journalctl _TRANSPORT=audit --follow --lines=0 --output cat "${@}" )