Function( Function { head: Destructured( FunctionHeadDestructured { ellipsis: true, identifier: None, arguments: [ FunctionHeadDestructuredArgument { identifier: "config", default: None, }, FunctionHeadDestructuredArgument { identifier: "lib", default: None, }, FunctionHeadDestructuredArgument { identifier: "pkgs", default: None, }, ], }, ), body: With( With { expression: Identifier( Identifier { id: "lib", span: Span { start: Position { line: 3, column: 6, }, end: Position { line: 3, column: 9, }, }, }, ), target: LetIn( LetIn { bindings: [ KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "cfg", span: Span { start: Position { line: 6, column: 3, }, end: Position { line: 6, column: 6, }, }, }, ), ], to: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "config", span: Span { start: Position { line: 6, column: 9, }, end: Position { line: 6, column: 15, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "security", span: Span { start: Position { line: 6, column: 16, }, end: Position { line: 6, column: 24, }, }, }, ), Raw( PartRaw { content: "audit", span: Span { start: Position { line: 6, column: 25, }, end: Position { line: 6, column: 30, }, }, }, ), ], default: None, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "enabled", span: Span { start: Position { line: 7, column: 3, }, end: Position { line: 7, column: 10, }, }, }, ), ], to: BinaryOperation( BinaryOperation { left: BinaryOperation( BinaryOperation { left: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "cfg", span: Span { start: Position { line: 7, column: 13, }, end: Position { line: 7, column: 16, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "enable", span: Span { start: Position { line: 7, column: 17, }, end: Position { line: 7, column: 23, }, }, }, ), ], default: None, }, ), operator: EqualTo, right: String( String_ { parts: [ Raw( PartRaw { content: "lock", span: Span { start: Position { line: 7, column: 28, }, end: Position { line: 7, column: 32, }, }, }, ), ], span: Span { start: Position { line: 7, column: 27, }, end: Position { line: 7, column: 33, }, }, }, ), }, ), operator: LogicalOr, right: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "cfg", span: Span { start: Position { line: 7, column: 37, }, end: Position { line: 7, column: 40, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "enable", span: Span { start: Position { line: 7, column: 41, }, end: Position { line: 7, column: 47, }, }, }, ), ], default: None, }, ), }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "failureModes", span: Span { start: Position { line: 9, column: 3, }, end: Position { line: 9, column: 15, }, }, }, ), ], to: Map( Map { recursive: false, bindings: [ KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "silent", span: Span { start: Position { line: 10, column: 5, }, end: Position { line: 10, column: 11, }, }, }, ), ], to: Integer( Integer { value: "0", span: Span { start: Position { line: 10, column: 14, }, end: Position { line: 10, column: 15, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "printk", span: Span { start: Position { line: 11, column: 5, }, end: Position { line: 11, column: 11, }, }, }, ), ], to: Integer( Integer { value: "1", span: Span { start: Position { line: 11, column: 14, }, end: Position { line: 11, column: 15, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "panic", span: Span { start: Position { line: 12, column: 5, }, end: Position { line: 12, column: 10, }, }, }, ), ], to: Integer( Integer { value: "2", span: Span { start: Position { line: 12, column: 14, }, end: Position { line: 12, column: 15, }, }, }, ), }, ), ], span: Span { start: Position { line: 9, column: 18, }, end: Position { line: 13, column: 4, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "disableScript", span: Span { start: Position { line: 15, column: 3, }, end: Position { line: 15, column: 16, }, }, }, ), ], to: FunctionApplication( FunctionApplication { function: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "pkgs", span: Span { start: Position { line: 15, column: 19, }, end: Position { line: 15, column: 23, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "writeScript", span: Span { start: Position { line: 15, column: 24, }, end: Position { line: 15, column: 35, }, }, }, ), ], default: None, }, ), arguments: [ String( String_ { parts: [ Raw( PartRaw { content: "audit-disable", span: Span { start: Position { line: 15, column: 37, }, end: Position { line: 15, column: 50, }, }, }, ), ], span: Span { start: Position { line: 15, column: 36, }, end: Position { line: 15, column: 51, }, }, }, ), IndentedString( IndentedString { parts: [ Raw( PartRaw { content: "#!", span: Span { start: Position { line: 16, column: 1, }, end: Position { line: 16, column: 7, }, }, }, ), Interpolation( PartInterpolation { expression: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "pkgs", span: Span { start: Position { line: 16, column: 9, }, end: Position { line: 16, column: 13, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "runtimeShell", span: Span { start: Position { line: 16, column: 14, }, end: Position { line: 16, column: 26, }, }, }, ), ], default: None, }, ), }, ), Raw( PartRaw { content: " -eu\n# Explicitly disable everything, as otherwise journald might start it.\nauditctl -D\nauditctl -e 0 -a task,never\n", span: Span { start: Position { line: 16, column: 1, }, end: Position { line: 20, column: 3, }, }, }, ), ], span: Span { start: Position { line: 15, column: 52, }, end: Position { line: 20, column: 5, }, }, }, ), ], }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "startScript", span: Span { start: Position { line: 25, column: 3, }, end: Position { line: 25, column: 14, }, }, }, ), ], to: FunctionApplication( FunctionApplication { function: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "pkgs", span: Span { start: Position { line: 25, column: 17, }, end: Position { line: 25, column: 21, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "writeScript", span: Span { start: Position { line: 25, column: 22, }, end: Position { line: 25, column: 33, }, }, }, ), ], default: None, }, ), arguments: [ String( String_ { parts: [ Raw( PartRaw { content: "audit-start", span: Span { start: Position { line: 25, column: 35, }, end: Position { line: 25, column: 46, }, }, }, ), ], span: Span { start: Position { line: 25, column: 34, }, end: Position { line: 25, column: 47, }, }, }, ), IndentedString( IndentedString { parts: [ Raw( PartRaw { content: "#!", span: Span { start: Position { line: 26, column: 1, }, end: Position { line: 26, column: 7, }, }, }, ), Interpolation( PartInterpolation { expression: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "pkgs", span: Span { start: Position { line: 26, column: 9, }, end: Position { line: 26, column: 13, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "runtimeShell", span: Span { start: Position { line: 26, column: 14, }, end: Position { line: 26, column: 26, }, }, }, ), ], default: None, }, ), }, ), Raw( PartRaw { content: " -eu\n# Clear out any rules we may start with\nauditctl -D\n\n# Put the rules in a temporary file owned and only readable by root\nrulesfile=\"$(mktemp)\"\n", span: Span { start: Position { line: 26, column: 1, }, end: Position { line: 32, column: 5, }, }, }, ), Interpolation( PartInterpolation { expression: FunctionApplication( FunctionApplication { function: Identifier( Identifier { id: "concatMapStrings", span: Span { start: Position { line: 32, column: 7, }, end: Position { line: 32, column: 23, }, }, }, ), arguments: [ Function( Function { head: Simple( FunctionHeadSimple { identifier: "x", }, ), body: String( String_ { parts: [ Raw( PartRaw { content: "echo '", span: Span { start: Position { line: 32, column: 29, }, end: Position { line: 32, column: 39, }, }, }, ), Interpolation( PartInterpolation { expression: Identifier( Identifier { id: "x", span: Span { start: Position { line: 32, column: 37, }, end: Position { line: 32, column: 38, }, }, }, ), }, ), Raw( PartRaw { content: "' >> $rulesfile\n", span: Span { start: Position { line: 32, column: 29, }, end: Position { line: 32, column: 56, }, }, }, ), ], span: Span { start: Position { line: 32, column: 28, }, end: Position { line: 32, column: 57, }, }, }, ), span: Span { start: Position { line: 32, column: 25, }, end: Position { line: 32, column: 57, }, }, }, ), PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "cfg", span: Span { start: Position { line: 32, column: 59, }, end: Position { line: 32, column: 62, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "rules", span: Span { start: Position { line: 32, column: 63, }, end: Position { line: 32, column: 68, }, }, }, ), ], default: None, }, ), ], }, ), }, ), Raw( PartRaw { content: "\n\n# Apply the requested rules\nauditctl -R \"$rulesfile\"\n\n# Enable and configure auditing\nauditctl \\\n -e ", span: Span { start: Position { line: 26, column: 1, }, end: Position { line: 39, column: 10, }, }, }, ), Interpolation( PartInterpolation { expression: IfThenElse( IfThenElse { predicate: BinaryOperation( BinaryOperation { left: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "cfg", span: Span { start: Position { line: 39, column: 15, }, end: Position { line: 39, column: 18, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "enable", span: Span { start: Position { line: 39, column: 19, }, end: Position { line: 39, column: 25, }, }, }, ), ], default: None, }, ), operator: EqualTo, right: String( String_ { parts: [ Raw( PartRaw { content: "lock", span: Span { start: Position { line: 39, column: 30, }, end: Position { line: 39, column: 34, }, }, }, ), ], span: Span { start: Position { line: 39, column: 29, }, end: Position { line: 39, column: 35, }, }, }, ), }, ), then: String( String_ { parts: [ Raw( PartRaw { content: "2", span: Span { start: Position { line: 39, column: 42, }, end: Position { line: 39, column: 43, }, }, }, ), ], span: Span { start: Position { line: 39, column: 41, }, end: Position { line: 39, column: 44, }, }, }, ), else_: String( String_ { parts: [ Raw( PartRaw { content: "1", span: Span { start: Position { line: 39, column: 51, }, end: Position { line: 39, column: 52, }, }, }, ), ], span: Span { start: Position { line: 39, column: 50, }, end: Position { line: 39, column: 53, }, }, }, ), span: Span { start: Position { line: 39, column: 12, }, end: Position { line: 39, column: 53, }, }, }, ), }, ), Raw( PartRaw { content: " \\\n -b ", span: Span { start: Position { line: 26, column: 1, }, end: Position { line: 40, column: 10, }, }, }, ), Interpolation( PartInterpolation { expression: FunctionApplication( FunctionApplication { function: Identifier( Identifier { id: "toString", span: Span { start: Position { line: 40, column: 12, }, end: Position { line: 40, column: 20, }, }, }, ), arguments: [ PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "cfg", span: Span { start: Position { line: 40, column: 21, }, end: Position { line: 40, column: 24, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "backlogLimit", span: Span { start: Position { line: 40, column: 25, }, end: Position { line: 40, column: 37, }, }, }, ), ], default: None, }, ), ], }, ), }, ), Raw( PartRaw { content: " \\\n -f ", span: Span { start: Position { line: 26, column: 1, }, end: Position { line: 41, column: 10, }, }, }, ), Interpolation( PartInterpolation { expression: FunctionApplication( FunctionApplication { function: Identifier( Identifier { id: "toString", span: Span { start: Position { line: 41, column: 12, }, end: Position { line: 41, column: 20, }, }, }, ), arguments: [ PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "failureModes", span: Span { start: Position { line: 41, column: 21, }, end: Position { line: 41, column: 33, }, }, }, ), attribute_path: [ Interpolation( PartInterpolation { expression: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "cfg", span: Span { start: Position { line: 41, column: 36, }, end: Position { line: 41, column: 39, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "failureMode", span: Span { start: Position { line: 41, column: 40, }, end: Position { line: 41, column: 51, }, }, }, ), ], default: None, }, ), }, ), ], default: None, }, ), ], }, ), }, ), Raw( PartRaw { content: " \\\n -r ", span: Span { start: Position { line: 26, column: 1, }, end: Position { line: 42, column: 10, }, }, }, ), Interpolation( PartInterpolation { expression: FunctionApplication( FunctionApplication { function: Identifier( Identifier { id: "toString", span: Span { start: Position { line: 42, column: 12, }, end: Position { line: 42, column: 20, }, }, }, ), arguments: [ PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "cfg", span: Span { start: Position { line: 42, column: 21, }, end: Position { line: 42, column: 24, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "rateLimit", span: Span { start: Position { line: 42, column: 25, }, end: Position { line: 42, column: 34, }, }, }, ), ], default: None, }, ), ], }, ), }, ), Raw( PartRaw { content: "\n", span: Span { start: Position { line: 26, column: 1, }, end: Position { line: 43, column: 3, }, }, }, ), ], span: Span { start: Position { line: 25, column: 48, }, end: Position { line: 43, column: 5, }, }, }, ), ], }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "stopScript", span: Span { start: Position { line: 45, column: 3, }, end: Position { line: 45, column: 13, }, }, }, ), ], to: FunctionApplication( FunctionApplication { function: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "pkgs", span: Span { start: Position { line: 45, column: 16, }, end: Position { line: 45, column: 20, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "writeScript", span: Span { start: Position { line: 45, column: 21, }, end: Position { line: 45, column: 32, }, }, }, ), ], default: None, }, ), arguments: [ String( String_ { parts: [ Raw( PartRaw { content: "audit-stop", span: Span { start: Position { line: 45, column: 34, }, end: Position { line: 45, column: 44, }, }, }, ), ], span: Span { start: Position { line: 45, column: 33, }, end: Position { line: 45, column: 45, }, }, }, ), IndentedString( IndentedString { parts: [ Raw( PartRaw { content: "#!", span: Span { start: Position { line: 46, column: 1, }, end: Position { line: 46, column: 7, }, }, }, ), Interpolation( PartInterpolation { expression: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "pkgs", span: Span { start: Position { line: 46, column: 9, }, end: Position { line: 46, column: 13, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "runtimeShell", span: Span { start: Position { line: 46, column: 14, }, end: Position { line: 46, column: 26, }, }, }, ), ], default: None, }, ), }, ), Raw( PartRaw { content: " -eu\n# Clear the rules\nauditctl -D\n\n# Disable auditing\nauditctl -e 0\n", span: Span { start: Position { line: 46, column: 1, }, end: Position { line: 52, column: 3, }, }, }, ), ], span: Span { start: Position { line: 45, column: 46, }, end: Position { line: 52, column: 5, }, }, }, ), ], }, ), }, ), ], target: Map( Map { recursive: false, bindings: [ KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "options", span: Span { start: Position { line: 54, column: 3, }, end: Position { line: 54, column: 10, }, }, }, ), ], to: Map( Map { recursive: false, bindings: [ KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "security", span: Span { start: Position { line: 55, column: 5, }, end: Position { line: 55, column: 13, }, }, }, ), Raw( PartRaw { content: "audit", span: Span { start: Position { line: 55, column: 14, }, end: Position { line: 55, column: 19, }, }, }, ), ], to: Map( Map { recursive: false, bindings: [ KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "enable", span: Span { start: Position { line: 56, column: 7, }, end: Position { line: 56, column: 13, }, }, }, ), ], to: FunctionApplication( FunctionApplication { function: Identifier( Identifier { id: "mkOption", span: Span { start: Position { line: 56, column: 16, }, end: Position { line: 56, column: 24, }, }, }, ), arguments: [ Map( Map { recursive: false, bindings: [ KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "type", span: Span { start: Position { line: 57, column: 9, }, end: Position { line: 57, column: 13, }, }, }, ), ], to: FunctionApplication( FunctionApplication { function: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "types", span: Span { start: Position { line: 57, column: 23, }, end: Position { line: 57, column: 28, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "enum", span: Span { start: Position { line: 57, column: 29, }, end: Position { line: 57, column: 33, }, }, }, ), ], default: None, }, ), arguments: [ List( List { elements: [ Identifier( Identifier { id: "false", span: Span { start: Position { line: 57, column: 36, }, end: Position { line: 57, column: 41, }, }, }, ), Identifier( Identifier { id: "true", span: Span { start: Position { line: 57, column: 42, }, end: Position { line: 57, column: 46, }, }, }, ), String( String_ { parts: [ Raw( PartRaw { content: "lock", span: Span { start: Position { line: 57, column: 48, }, end: Position { line: 57, column: 52, }, }, }, ), ], span: Span { start: Position { line: 57, column: 47, }, end: Position { line: 57, column: 53, }, }, }, ), ], span: Span { start: Position { line: 57, column: 34, }, end: Position { line: 57, column: 55, }, }, }, ), ], }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "default", span: Span { start: Position { line: 58, column: 9, }, end: Position { line: 58, column: 16, }, }, }, ), ], to: Identifier( Identifier { id: "false", span: Span { start: Position { line: 58, column: 23, }, end: Position { line: 58, column: 28, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "description", span: Span { start: Position { line: 59, column: 9, }, end: Position { line: 59, column: 20, }, }, }, ), ], to: FunctionApplication( FunctionApplication { function: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "lib", span: Span { start: Position { line: 59, column: 23, }, end: Position { line: 59, column: 26, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "mdDoc", span: Span { start: Position { line: 59, column: 27, }, end: Position { line: 59, column: 32, }, }, }, ), ], default: None, }, ), arguments: [ IndentedString( IndentedString { parts: [ Raw( PartRaw { content: "Whether to enable the Linux audit system. The special `lock' value can be used to\nenable auditing and prevent disabling it until a restart. Be careful about locking\nthis, as it will prevent you from changing your audit configuration until you\nrestart. If possible, test your configuration using build-vm beforehand.\n", span: Span { start: Position { line: 60, column: 1, }, end: Position { line: 64, column: 9, }, }, }, ), ], span: Span { start: Position { line: 59, column: 33, }, end: Position { line: 64, column: 11, }, }, }, ), ], }, ), }, ), ], span: Span { start: Position { line: 56, column: 25, }, end: Position { line: 65, column: 8, }, }, }, ), ], }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "failureMode", span: Span { start: Position { line: 67, column: 7, }, end: Position { line: 67, column: 18, }, }, }, ), ], to: FunctionApplication( FunctionApplication { function: Identifier( Identifier { id: "mkOption", span: Span { start: Position { line: 67, column: 21, }, end: Position { line: 67, column: 29, }, }, }, ), arguments: [ Map( Map { recursive: false, bindings: [ KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "type", span: Span { start: Position { line: 68, column: 9, }, end: Position { line: 68, column: 13, }, }, }, ), ], to: FunctionApplication( FunctionApplication { function: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "types", span: Span { start: Position { line: 68, column: 23, }, end: Position { line: 68, column: 28, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "enum", span: Span { start: Position { line: 68, column: 29, }, end: Position { line: 68, column: 33, }, }, }, ), ], default: None, }, ), arguments: [ List( List { elements: [ String( String_ { parts: [ Raw( PartRaw { content: "silent", span: Span { start: Position { line: 68, column: 37, }, end: Position { line: 68, column: 43, }, }, }, ), ], span: Span { start: Position { line: 68, column: 36, }, end: Position { line: 68, column: 44, }, }, }, ), String( String_ { parts: [ Raw( PartRaw { content: "printk", span: Span { start: Position { line: 68, column: 46, }, end: Position { line: 68, column: 52, }, }, }, ), ], span: Span { start: Position { line: 68, column: 45, }, end: Position { line: 68, column: 53, }, }, }, ), String( String_ { parts: [ Raw( PartRaw { content: "panic", span: Span { start: Position { line: 68, column: 55, }, end: Position { line: 68, column: 60, }, }, }, ), ], span: Span { start: Position { line: 68, column: 54, }, end: Position { line: 68, column: 61, }, }, }, ), ], span: Span { start: Position { line: 68, column: 34, }, end: Position { line: 68, column: 63, }, }, }, ), ], }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "default", span: Span { start: Position { line: 69, column: 9, }, end: Position { line: 69, column: 16, }, }, }, ), ], to: String( String_ { parts: [ Raw( PartRaw { content: "printk", span: Span { start: Position { line: 69, column: 24, }, end: Position { line: 69, column: 30, }, }, }, ), ], span: Span { start: Position { line: 69, column: 23, }, end: Position { line: 69, column: 31, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "description", span: Span { start: Position { line: 70, column: 9, }, end: Position { line: 70, column: 20, }, }, }, ), ], to: FunctionApplication( FunctionApplication { function: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "lib", span: Span { start: Position { line: 70, column: 23, }, end: Position { line: 70, column: 26, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "mdDoc", span: Span { start: Position { line: 70, column: 27, }, end: Position { line: 70, column: 32, }, }, }, ), ], default: None, }, ), arguments: [ String( String_ { parts: [ Raw( PartRaw { content: "How to handle critical errors in the auditing system", span: Span { start: Position { line: 70, column: 34, }, end: Position { line: 70, column: 86, }, }, }, ), ], span: Span { start: Position { line: 70, column: 33, }, end: Position { line: 70, column: 87, }, }, }, ), ], }, ), }, ), ], span: Span { start: Position { line: 67, column: 30, }, end: Position { line: 71, column: 8, }, }, }, ), ], }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "backlogLimit", span: Span { start: Position { line: 73, column: 7, }, end: Position { line: 73, column: 19, }, }, }, ), ], to: FunctionApplication( FunctionApplication { function: Identifier( Identifier { id: "mkOption", span: Span { start: Position { line: 73, column: 22, }, end: Position { line: 73, column: 30, }, }, }, ), arguments: [ Map( Map { recursive: false, bindings: [ KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "type", span: Span { start: Position { line: 74, column: 9, }, end: Position { line: 74, column: 13, }, }, }, ), ], to: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "types", span: Span { start: Position { line: 74, column: 23, }, end: Position { line: 74, column: 28, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "int", span: Span { start: Position { line: 74, column: 29, }, end: Position { line: 74, column: 32, }, }, }, ), ], default: None, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "default", span: Span { start: Position { line: 75, column: 9, }, end: Position { line: 75, column: 16, }, }, }, ), ], to: Integer( Integer { value: "64", span: Span { start: Position { line: 75, column: 23, }, end: Position { line: 75, column: 25, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "description", span: Span { start: Position { line: 76, column: 9, }, end: Position { line: 76, column: 20, }, }, }, ), ], to: FunctionApplication( FunctionApplication { function: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "lib", span: Span { start: Position { line: 76, column: 23, }, end: Position { line: 76, column: 26, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "mdDoc", span: Span { start: Position { line: 76, column: 27, }, end: Position { line: 76, column: 32, }, }, }, ), ], default: None, }, ), arguments: [ IndentedString( IndentedString { parts: [ Raw( PartRaw { content: "The maximum number of outstanding audit buffers allowed; exceeding this is\nconsidered a failure and handled in a manner specified by failureMode.\n", span: Span { start: Position { line: 77, column: 1, }, end: Position { line: 79, column: 9, }, }, }, ), ], span: Span { start: Position { line: 76, column: 33, }, end: Position { line: 79, column: 11, }, }, }, ), ], }, ), }, ), ], span: Span { start: Position { line: 73, column: 31, }, end: Position { line: 80, column: 8, }, }, }, ), ], }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "rateLimit", span: Span { start: Position { line: 82, column: 7, }, end: Position { line: 82, column: 16, }, }, }, ), ], to: FunctionApplication( FunctionApplication { function: Identifier( Identifier { id: "mkOption", span: Span { start: Position { line: 82, column: 19, }, end: Position { line: 82, column: 27, }, }, }, ), arguments: [ Map( Map { recursive: false, bindings: [ KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "type", span: Span { start: Position { line: 83, column: 9, }, end: Position { line: 83, column: 13, }, }, }, ), ], to: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "types", span: Span { start: Position { line: 83, column: 23, }, end: Position { line: 83, column: 28, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "int", span: Span { start: Position { line: 83, column: 29, }, end: Position { line: 83, column: 32, }, }, }, ), ], default: None, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "default", span: Span { start: Position { line: 84, column: 9, }, end: Position { line: 84, column: 16, }, }, }, ), ], to: Integer( Integer { value: "0", span: Span { start: Position { line: 84, column: 23, }, end: Position { line: 84, column: 24, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "description", span: Span { start: Position { line: 85, column: 9, }, end: Position { line: 85, column: 20, }, }, }, ), ], to: FunctionApplication( FunctionApplication { function: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "lib", span: Span { start: Position { line: 85, column: 23, }, end: Position { line: 85, column: 26, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "mdDoc", span: Span { start: Position { line: 85, column: 27, }, end: Position { line: 85, column: 32, }, }, }, ), ], default: None, }, ), arguments: [ IndentedString( IndentedString { parts: [ Raw( PartRaw { content: "The maximum messages per second permitted before triggering a failure as\nspecified by failureMode. Setting it to zero disables the limit.\n", span: Span { start: Position { line: 86, column: 1, }, end: Position { line: 88, column: 9, }, }, }, ), ], span: Span { start: Position { line: 85, column: 33, }, end: Position { line: 88, column: 11, }, }, }, ), ], }, ), }, ), ], span: Span { start: Position { line: 82, column: 28, }, end: Position { line: 89, column: 8, }, }, }, ), ], }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "rules", span: Span { start: Position { line: 91, column: 7, }, end: Position { line: 91, column: 12, }, }, }, ), ], to: FunctionApplication( FunctionApplication { function: Identifier( Identifier { id: "mkOption", span: Span { start: Position { line: 91, column: 15, }, end: Position { line: 91, column: 23, }, }, }, ), arguments: [ Map( Map { recursive: false, bindings: [ KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "type", span: Span { start: Position { line: 92, column: 9, }, end: Position { line: 92, column: 13, }, }, }, ), ], to: FunctionApplication( FunctionApplication { function: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "types", span: Span { start: Position { line: 92, column: 23, }, end: Position { line: 92, column: 28, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "listOf", span: Span { start: Position { line: 92, column: 29, }, end: Position { line: 92, column: 35, }, }, }, ), ], default: None, }, ), arguments: [ PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "types", span: Span { start: Position { line: 92, column: 36, }, end: Position { line: 92, column: 41, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "str", span: Span { start: Position { line: 92, column: 42, }, end: Position { line: 92, column: 45, }, }, }, ), ], default: None, }, ), ], }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "default", span: Span { start: Position { line: 93, column: 9, }, end: Position { line: 93, column: 16, }, }, }, ), ], to: List( List { elements: [], span: Span { start: Position { line: 93, column: 23, }, end: Position { line: 93, column: 25, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "example", span: Span { start: Position { line: 94, column: 9, }, end: Position { line: 94, column: 16, }, }, }, ), ], to: List( List { elements: [ String( String_ { parts: [ Raw( PartRaw { content: "-a exit,always -F arch=b64 -S execve", span: Span { start: Position { line: 94, column: 26, }, end: Position { line: 94, column: 62, }, }, }, ), ], span: Span { start: Position { line: 94, column: 25, }, end: Position { line: 94, column: 63, }, }, }, ), ], span: Span { start: Position { line: 94, column: 23, }, end: Position { line: 94, column: 65, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "description", span: Span { start: Position { line: 95, column: 9, }, end: Position { line: 95, column: 20, }, }, }, ), ], to: FunctionApplication( FunctionApplication { function: PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "lib", span: Span { start: Position { line: 95, column: 23, }, end: Position { line: 95, column: 26, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "mdDoc", span: Span { start: Position { line: 95, column: 27, }, end: Position { line: 95, column: 32, }, }, }, ), ], default: None, }, ), arguments: [ IndentedString( IndentedString { parts: [ Raw( PartRaw { content: "The ordered audit rules, with each string appearing as one line of the audit.rules file.\n", span: Span { start: Position { line: 96, column: 1, }, end: Position { line: 97, column: 9, }, }, }, ), ], span: Span { start: Position { line: 95, column: 33, }, end: Position { line: 97, column: 11, }, }, }, ), ], }, ), }, ), ], span: Span { start: Position { line: 91, column: 24, }, end: Position { line: 98, column: 8, }, }, }, ), ], }, ), }, ), ], span: Span { start: Position { line: 55, column: 22, }, end: Position { line: 99, column: 6, }, }, }, ), }, ), ], span: Span { start: Position { line: 54, column: 13, }, end: Position { line: 100, column: 4, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "config", span: Span { start: Position { line: 102, column: 3, }, end: Position { line: 102, column: 9, }, }, }, ), ], to: Map( Map { recursive: false, bindings: [ KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "systemd", span: Span { start: Position { line: 103, column: 5, }, end: Position { line: 103, column: 12, }, }, }, ), Raw( PartRaw { content: "services", span: Span { start: Position { line: 103, column: 13, }, end: Position { line: 103, column: 21, }, }, }, ), Raw( PartRaw { content: "audit", span: Span { start: Position { line: 103, column: 22, }, end: Position { line: 103, column: 27, }, }, }, ), ], to: Map( Map { recursive: false, bindings: [ KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "description", span: Span { start: Position { line: 104, column: 7, }, end: Position { line: 104, column: 18, }, }, }, ), ], to: String( String_ { parts: [ Raw( PartRaw { content: "Kernel Auditing", span: Span { start: Position { line: 104, column: 22, }, end: Position { line: 104, column: 37, }, }, }, ), ], span: Span { start: Position { line: 104, column: 21, }, end: Position { line: 104, column: 38, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "wantedBy", span: Span { start: Position { line: 105, column: 7, }, end: Position { line: 105, column: 15, }, }, }, ), ], to: List( List { elements: [ String( String_ { parts: [ Raw( PartRaw { content: "basic.target", span: Span { start: Position { line: 105, column: 21, }, end: Position { line: 105, column: 33, }, }, }, ), ], span: Span { start: Position { line: 105, column: 20, }, end: Position { line: 105, column: 34, }, }, }, ), ], span: Span { start: Position { line: 105, column: 18, }, end: Position { line: 105, column: 36, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "unitConfig", span: Span { start: Position { line: 107, column: 7, }, end: Position { line: 107, column: 17, }, }, }, ), ], to: Map( Map { recursive: false, bindings: [ KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "ConditionVirtualization", span: Span { start: Position { line: 108, column: 9, }, end: Position { line: 108, column: 32, }, }, }, ), ], to: String( String_ { parts: [ Raw( PartRaw { content: "!container", span: Span { start: Position { line: 108, column: 36, }, end: Position { line: 108, column: 46, }, }, }, ), ], span: Span { start: Position { line: 108, column: 35, }, end: Position { line: 108, column: 47, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "ConditionSecurity", span: Span { start: Position { line: 109, column: 9, }, end: Position { line: 109, column: 26, }, }, }, ), ], to: List( List { elements: [ String( String_ { parts: [ Raw( PartRaw { content: "audit", span: Span { start: Position { line: 109, column: 32, }, end: Position { line: 109, column: 37, }, }, }, ), ], span: Span { start: Position { line: 109, column: 31, }, end: Position { line: 109, column: 38, }, }, }, ), ], span: Span { start: Position { line: 109, column: 29, }, end: Position { line: 109, column: 40, }, }, }, ), }, ), ], span: Span { start: Position { line: 107, column: 20, }, end: Position { line: 110, column: 8, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "path", span: Span { start: Position { line: 113, column: 7, }, end: Position { line: 113, column: 11, }, }, }, ), ], to: List( List { elements: [ PropertyAccess( PropertyAccess { expression: Identifier( Identifier { id: "pkgs", span: Span { start: Position { line: 113, column: 16, }, end: Position { line: 113, column: 20, }, }, }, ), attribute_path: [ Raw( PartRaw { content: "audit", span: Span { start: Position { line: 113, column: 21, }, end: Position { line: 113, column: 26, }, }, }, ), ], default: None, }, ), ], span: Span { start: Position { line: 113, column: 14, }, end: Position { line: 113, column: 28, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "serviceConfig", span: Span { start: Position { line: 115, column: 7, }, end: Position { line: 115, column: 20, }, }, }, ), ], to: Map( Map { recursive: false, bindings: [ KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "Type", span: Span { start: Position { line: 116, column: 9, }, end: Position { line: 116, column: 13, }, }, }, ), ], to: String( String_ { parts: [ Raw( PartRaw { content: "oneshot", span: Span { start: Position { line: 116, column: 17, }, end: Position { line: 116, column: 24, }, }, }, ), ], span: Span { start: Position { line: 116, column: 16, }, end: Position { line: 116, column: 25, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "RemainAfterExit", span: Span { start: Position { line: 117, column: 9, }, end: Position { line: 117, column: 24, }, }, }, ), ], to: Identifier( Identifier { id: "true", span: Span { start: Position { line: 117, column: 27, }, end: Position { line: 117, column: 31, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "ExecStart", span: Span { start: Position { line: 118, column: 9, }, end: Position { line: 118, column: 18, }, }, }, ), ], to: String( String_ { parts: [ Raw( PartRaw { content: "@", span: Span { start: Position { line: 118, column: 22, }, end: Position { line: 118, column: 72, }, }, }, ), Interpolation( PartInterpolation { expression: IfThenElse( IfThenElse { predicate: Identifier( Identifier { id: "enabled", span: Span { start: Position { line: 118, column: 28, }, end: Position { line: 118, column: 35, }, }, }, ), then: Identifier( Identifier { id: "startScript", span: Span { start: Position { line: 118, column: 41, }, end: Position { line: 118, column: 52, }, }, }, ), else_: Identifier( Identifier { id: "disableScript", span: Span { start: Position { line: 118, column: 58, }, end: Position { line: 118, column: 71, }, }, }, ), span: Span { start: Position { line: 118, column: 25, }, end: Position { line: 118, column: 71, }, }, }, ), }, ), Raw( PartRaw { content: " audit-start", span: Span { start: Position { line: 118, column: 22, }, end: Position { line: 118, column: 84, }, }, }, ), ], span: Span { start: Position { line: 118, column: 21, }, end: Position { line: 118, column: 85, }, }, }, ), }, ), KeyValue( BindingKeyValue { from: [ Raw( PartRaw { content: "ExecStop", span: Span { start: Position { line: 119, column: 9, }, end: Position { line: 119, column: 17, }, }, }, ), ], to: String( String_ { parts: [ Raw( PartRaw { content: "@", span: Span { start: Position { line: 119, column: 22, }, end: Position { line: 119, column: 36, }, }, }, ), Interpolation( PartInterpolation { expression: Identifier( Identifier { id: "stopScript", span: Span { start: Position { line: 119, column: 25, }, end: Position { line: 119, column: 35, }, }, }, ), }, ), Raw( PartRaw { content: " audit-stop", span: Span { start: Position { line: 119, column: 22, }, end: Position { line: 119, column: 47, }, }, }, ), ], span: Span { start: Position { line: 119, column: 21, }, end: Position { line: 119, column: 48, }, }, }, ), }, ), ], span: Span { start: Position { line: 115, column: 23, }, end: Position { line: 120, column: 8, }, }, }, ), }, ), ], span: Span { start: Position { line: 103, column: 30, }, end: Position { line: 121, column: 6, }, }, }, ), }, ), ], span: Span { start: Position { line: 102, column: 12, }, end: Position { line: 122, column: 4, }, }, }, ), }, ), ], span: Span { start: Position { line: 53, column: 4, }, end: Position { line: 123, column: 2, }, }, }, ), span: Span { start: Position { line: 5, column: 1, }, end: Position { line: 123, column: 2, }, }, }, ), span: Span { start: Position { line: 3, column: 1, }, end: Position { line: 123, column: 2, }, }, }, ), span: Span { start: Position { line: 1, column: 1, }, end: Position { line: 123, column: 2, }, }, }, )