#!/bin/sh -efu

. inotifier-functions.sh

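# Load the notification text from $DESK_MESSAGE_FILE.
#   line 1       -> title_str, the notification title
#   lines 2..end -> msg_str, used further down as a printf(1) format that
#                   receives the command name and the failure cause
# A file holding a single line is treated as a body without a title. If the
# file is missing, unreadable or empty, the built-in defaults are used.
#
# Because msg_str is later handed to printf as a *format string*, the message
# file must be writable only by a trusted administrator.
#
# The "|| msg_str=''" matters: the script runs with -e, and a bare assignment
# whose command substitution fails (e.g. cat on a missing file) would abort
# the script before the default-message fallback below is ever reached.
msg_str="$(cat "$DESK_MESSAGE_FILE" 2>/dev/null)" || msg_str=''
if [ -z "$msg_str" ]; then
    echo "Using the default user desktop message" >&2
    title_str='You have attempted to run a damaged file'
    msg_str='%s (%s)'
else
    # printf '%s\n' instead of echo: under /bin/sh, echo may interpret
    # backslash sequences or a leading "-n" in the file's contents.
    title_str="$(printf '%s\n' "$msg_str" | head -n 1)"
    msg_str="$(printf '%s\n' "$msg_str" | tail -n +2)"

    if [ -z "$msg_str" ]; then
        # Only one line was supplied: use it as the body, default the title.
        msg_str="$title_str"
        echo "Using the default user desktop title" >&2
        title_str='You have attempted to run a damaged file'
    fi
fi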

# Sample record from the log, showing the whitespace-separated field order
# parsed by the read loop below (the leading "@..." token is the timestamp):
# @400000005cc2f40c1733bc44 Mar 15 23:30:58 comp-core-i5-4570-490e11.localdomain audit[1442]: INTEGRITY_DATA pid=1442 uid=0 auid=0 ses=1 subj=generic_u:generic_r:generic_t:s0 op="appraise_data" cause="IMA-signature-required" comm="notifier.sh" name="/etc/integrity/real_notify.sh" dev="sda2" ino=420510 res=0

# Leave quietly (exit status 0) when check_uid rejects this UID, so no
# desktop notifications are produced for it.
check_uid "$UID" || {
    echo "Skip desktop notifications for UID $UID." >&2
    exit 0
}

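# Follow the log and raise a critical desktop notification for every record
# that carries this user's uid and passes check_timestamp.
#
# The uid match is bounded on both sides. Without the trailing boundary,
# "uid=100" would also match "uid=1000", and one user would be shown
# notifications about another user's events. The leading whitespace keeps
# "auid=" from matching.
# NOTE(review): $UID is interpolated into the regex; presumably it is always
# numeric (check_uid has accepted it by this point) - confirm.
#
# Most of the read fields are positional placeholders and are never used,
# hence SC2034. Only ts, cause and comm are consumed.
#
# msg_str is deliberately used as the printf format (SC2059): it comes from
# the administrator's message file or the built-in default. The values taken
# from the log record are passed only as arguments, never as the format.
# NOTE(review): comm is the process name recorded by audit, so it is chosen by
# whoever launched the process. Notification daemons that render body markup
# would interpret markup characters in it - confirm whether it needs escaping.
#shellcheck disable=SC2034
tail -qF "$LOGDIR/current" |
    grep --line-buffered -E "[[:space:]]+uid=${UID}([[:space:]]|\$)" |
    while read -r ts f1 f2 f3 f4 f5 f6 _pid _uid f9 ses subj op cause comm rest; do
        check_timestamp "$ts" || continue
        #shellcheck disable=SC2059
        notify-send -u critical -i warning "$title_str" \
                    "$(printf "$msg_str" "${comm#*=}" "${cause#*=}")"
    done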
