calcurse newsboat and auditd aliases

2022-05-01 13:45:12 +05:30 · 2022-05-01 13:45:12 +05:30 · 209a0af18b
commit 209a0af18b
parent 75c1e74fb9
3 changed files with 1868 additions and 1 deletions
--- a/.bash_aliases
+++ b/.bash_aliases
@ -49,4 +49,15 @@ alias gck='git checkout'
 alias gckb='git checkout -b'
 alias gvrf='git rev-parse --verify HEAD'
 alias gscm='git commit -S -m'
+
+# aureport and ausearch
+alias aurepwk='aureport --start this-week'
+alias aurepwkv='aureport --start this-week --key --summary'
+# syscall audit rule for failure to open files due to EPERM with key field access
+# add to syscall.rules
+# -a always,exit -F arch=b64 -S open -S openat -F exit=-EPERM -k access
+# check which files have been attempted
+alias aurfilist='ausearch --start this-week -k access --raw | aureport --file --summary'
+# check the user accounts implicated 
+alias aurlusfi='ausearch --start this-week -k access --raw | aureport --user --summary'
 ~
--- a/.config/calcurse/conf
+++ b/.config/calcurse/conf
@ -8,7 +8,7 @@ appearance.dayseparator=yes
 appearance.emptyline=yes
 appearance.emptyday=--
 appearance.notifybar=yes
-appearance.sidebarwidth=0
+appearance.sidebarwidth=5
 appearance.theme=blue on default
 appearance.todoview=hide-completed
 appearance.headingpos=right-justified
@ -30,3 +30,4 @@ general.systemevents=yes
 notification.command=printf '\a'
 notification.notifyall=flagged-only
 notification.warning=300
+format.appointmenttime=%H:%M
--- a/.config/newsboat/config
+++ b/.config/newsboat/config