From cf925fd16ac21ec5708e4c34fc3581cf74b14393 Mon Sep 17 00:00:00 2001 From: Abhishek Anand Date: Thu, 5 Sep 2024 18:29:29 +0530 Subject: [PATCH] fix audit rules --- dist/index.js | 8 +++----- src/audit_rules.js | 2 -- src/main.js | 2 +- src/scripts/audit.sh | 5 +++-- src/version.js | 2 +- 5 files changed, 8 insertions(+), 11 deletions(-) diff --git a/dist/index.js b/dist/index.js index 3497a30..e0dfd98 100644 --- a/dist/index.js +++ b/dist/index.js @@ -121976,8 +121976,6 @@ async function auditRulesTemplate({ homeDir, workingDir }) { -w /etc/docker/daemon.json -p wa -k bolt_monitored_docker_daemon_changes -w /var/log/audit/audit.log -p wa -k bolt_monitored_audit_log_changes - --e 2 ` } @@ -122279,7 +122277,7 @@ module.exports = { /***/ ((module) => { const auditScriptBase64 = () => { - return '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' + return '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' } module.exports = { @@ -122731,7 +122729,7 @@ async function run() { core.info('Setting up auditd...') const auditRules = await auditRulesTemplate({ homeDir, workingDir }) fs.writeFileSync('audit.rules', auditRules) - await exec(`sudo bash audit.sh ${isDebugMode}`) + await exec(`sudo bash audit.sh ${workingDir} ${isDebugMode}`) core.info('Setting up auditd... done') benchmark('setup-auditd') @@ -123424,7 +123422,7 @@ module.exports = { /***/ 49554: /***/ ((module) => { -const releaseVersion = 'v1.7.0-rc.2' +const releaseVersion = 'v1.7.0-rc.3' module.exports = { releaseVersion diff --git a/src/audit_rules.js b/src/audit_rules.js index 5e6d2b4..8a6f919 100644 --- a/src/audit_rules.js +++ b/src/audit_rules.js @@ -27,8 +27,6 @@ async function auditRulesTemplate({ homeDir, workingDir }) { -w /etc/docker/daemon.json -p wa -k bolt_monitored_docker_daemon_changes -w /var/log/audit/audit.log -p wa -k bolt_monitored_audit_log_changes - --e 2 ` } diff --git a/src/main.js b/src/main.js index f98e602..322aa1e 100644 --- a/src/main.js +++ b/src/main.js 
@@ -92,7 +92,7 @@ async function run() { core.info('Setting up auditd...') const auditRules = await auditRulesTemplate({ homeDir, workingDir }) fs.writeFileSync('audit.rules', auditRules) - await exec(`sudo bash audit.sh ${isDebugMode}`) + await exec(`sudo bash audit.sh ${workingDir} ${isDebugMode}`) core.info('Setting up auditd... done') benchmark('setup-auditd') diff --git a/src/scripts/audit.sh b/src/scripts/audit.sh index 3bd6465..1d1ad7e 100755 --- a/src/scripts/audit.sh +++ b/src/scripts/audit.sh @@ -1,6 +1,7 @@ #! /bin/bash -debug=$1 +workingDir=$1 +debug=$2 if [[ "$debug" == "true" ]]; then set -x @@ -21,7 +22,7 @@ mv audit.rules /etc/audit/rules.d/ # Restart auditd service to apply the new rules service auditd restart -auditctl -w $2 -p wa -k bolt_monitored_wd_changes +auditctl -w $workingDir -p wa -k bolt_monitored_wd_changes auditctl -e 2 diff --git a/src/version.js b/src/version.js index 89129f0..a136c34 100644 --- a/src/version.js +++ b/src/version.js @@ -1,4 +1,4 @@ -const releaseVersion = 'v1.7.0-rc.2' +const releaseVersion = 'v1.7.0-rc.3' module.exports = { releaseVersion
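Review bot: `workingDir` is interpolated straight into the command string of the new `exec` call, so a path containing whitespace or quote characters would be split into extra arguments and push `isDebugMode` out of the `$2` position in a script that runs under sudo. If `exec` here is the `@actions/exec` helper (its import is outside the hunk), passing the arguments as an array avoids the splitting: `await exec('sudo', ['bash', 'audit.sh', workingDir, String(isDebugMode)])`. The identical line in the dist/index.js hunk is the bundled copy and would pick the change up on rebuild. The body of run() starts and ends outside the hunk.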
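Review bot: `$workingDir` is expanded unquoted in the `auditctl -w` line of the second audit.sh hunk, so the root shell word-splits and glob-expands the path before auditctl sees it; `auditctl -w "$workingDir" -p wa -k bolt_monitored_wd_changes` keeps it a single argument. The first hunk also accepts an empty or missing `$1` silently, and with `-e 2` removed from the rules template the immutable lock now depends on this script reaching `auditctl -e 2` after the watch is added. A guard after the assignment, such as `[[ -n "$workingDir" ]] || { echo "workingDir is required" >&2; exit 1; }`, together with a check of the watch line's exit status before locking, would keep the rule set from being frozen without the working-directory watch. Whether the script already runs with `set -e` is not visible in these hunks.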