[PATCH 2/2] auvirt: Remove workaround for VM name searching

Steve Grubb sgrubb at redhat.com
Wed Feb 8 19:06:25 UTC 2012


On Wednesday, February 08, 2012 12:04:58 PM Marcelo Cerri wrote:
> Auvirt adds quotes to the given VM name when creating the search criteria.
> With the previous patch, this workaround is no longer needed and this
> patch removes it.

What you are seeing here is actually a different problem. The description you 
have:

using the example above the following rule will not match:
 ausearch_add_item(au, "vm", "=", "guest-name", how);

But this rule will match:
 ausearch_add_item(au, "vm", "=", "\"guest-name\"", how);

describes the following issue. If you look at the vm field type, it has this 
relationship in typetab.h:
_S(AUPARSE_TYPE_ESCAPED, "vm")

Which means that if you are not getting a hit, the search algorithm might need 
fixing. If the searched field type is escaped, the algorithm should escape the 
field and then do the match. For example, what if you have a vm name of "test 
run"? It will wind up being escaped and looking like hex encoded ascii. This is 
much worse than just adding quotes.

So, I think the best solution is to make this invisible to the outside world. The 
function call ausearch_add_item() should do a type lookup of the field and then 
escape the value if the returned type is AUPARSE_TYPE_ESCAPED.

On output, your program probably wants to call auparse_get_field_type() and if 
it's AUPARSE_TYPE_ESCAPED, then call auparse_interpret_field() and output that.

-Steve
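
Added example, not part of the original message and not libauparse code: a sketch of the escaping step the reply proposes for search values of an escaped field type. The helper names `needs_hex` and `escape_search_value` are hypothetical, and the rule used (plain values are wrapped in double quotes; values containing a double quote, a space, a control character or a non-ASCII byte are written as uppercase hex) is assumed to be the usual audit log convention for untrusted strings.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not part of libauparse): returns 1 when a value
 * cannot be stored as a plain quoted string in an audit record. */
static int needs_hex(const char *s)
{
    for (; *s; s++) {
        unsigned char c = (unsigned char)*s;
        if (c == '"' || c < 0x21 || c > 0x7e)
            return 1;
    }
    return 0;
}

/* Hypothetical helper: build the escaped form a search would compare against.
 * Caller frees the result; NULL on allocation failure. */
char *escape_search_value(const char *val)
{
    size_t len = strlen(val);
    char *out;

    if (!needs_hex(val)) {
        out = malloc(len + 3);
        if (out)
            snprintf(out, len + 3, "\"%s\"", val);
        return out;
    }
    out = malloc(2 * len + 1);
    if (!out)
        return NULL;
    for (size_t i = 0; i < len; i++)
        snprintf(out + 2 * i, 3, "%02X", (unsigned char)val[i]);
    out[2 * len] = '\0';
    return out;
}

int main(void)
{
    const char *names[] = { "guest-name", "test run" }; /* constructed samples */
    for (size_t i = 0; i < 2; i++) {
        char *e = escape_search_value(names[i]);
        printf("%-12s -> %s\n", names[i], e ? e : "(alloc failed)");
        free(e);
    }
    return 0;
}
```

Under that assumption, a caller that only adds quotes matches "guest-name" but can never match "test run", which is the case the reply warns about.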



