Update python3 lines to use __VERSION__ #456

Merged
merged 3 commits into from
Feb 13, 2025
74 changes: 38 additions & 36 deletions detection/persistence/unexpected-uid0-daemon-linux.sql
Expand Up @@ -74,10 +74,10 @@ WHERE
AND p0.path != ""
AND p0.start_time < (strftime('%s', 'now') - 1200)
AND exception_key NOT IN (
'.tailscaled-wra,/nix/store/__VERSION__/bin/.tailscaled-wrapped,0,system.slice,tailscaled.service,0555',
'(sd-pam),/usr/lib/systemd/systemd-executor,0,user.slice,user-0.slice,0755',
'(sd-pam),/usr/lib/systemd/systemd,0,user.slice,user-0.slice,0755',
'(sd-pam),/usr/lib/systemd/systemd-executor,0,user.slice,user-0.slice,0755',
'(udev-worker),/usr/bin/udevadm,0,system.slice,systemd-udevd.service,0755',
'.tailscaled-wra,/nix/store/__VERSION__/bin/.tailscaled-wrapped,0,system.slice,tailscaled.service,0555',
'/usr/bin/monito,/usr/bin/perl,0,system.slice,monitorix.service,0755',
'abrt-dump-journ,/usr/bin/abrt-dump-journal-core,0,system.slice,abrt-journal-core.service,0755',
'abrt-dump-journ,/usr/bin/abrt-dump-journal-oops,0,system.slice,abrt-oops.service,0755',
Expand Down Expand Up @@ -106,24 +106,22 @@ WHERE
'auditd,/usr/sbin/auditd,0,system.slice,auditd.service,0750',
'auditd,/usr/sbin/auditd,0,system.slice,auditd.service,0755',
'bash,/usr/bin/bash,0,user.slice,user-1000.slice,0755',
'blueman-mechani,/usr/bin/python3.10,0,system.slice,blueman-mechanism.service,0755',
'blueman-mechani,/usr/bin/python__VERSION__,0,system.slice,blueman-mechanism.service,0755',
'blueman-mechanism.service,Bluetooth management mechanism,,200',
'bluetoothd,/usr/lib/bluetooth/bluetoothd,0,system.slice,bluetooth.service,0755',
'bluetoothd,/usr/libexec/bluetooth/bluetoothd,0,system.slice,bluetooth.service,0755',
'boltd,/usr/lib/boltd,0,system.slice,bolt.service,0755',
'boltd,/usr/libexec/boltd,0,system.slice,bolt.service,0755',
'bpfilter_umh,/bpfilter_umh,0,,,',
'ollama,/snap/ollama/__VERSION__/bin/ollama,0,system.slice,snap.ollama.listener.service,0755',
'canonical-livep,/snap/canonical-livepatch/__VERSION__/canonical-livepatchd,0,system.slice,snap.canonical-livepatch.canonical-livepatchd.service,0755',
'cat,/usr/bin/cat,0,user.slice,user-0.slice,0755',
'chainctl,/usr/local/bin/chainctl,0,user.slice,user-1000.slice,0755',
'containerd-shim,/usr/bin/containerd-shim-runc-v2,0,system.slice,containerd.service,0755',
'containerd-shim,/usr/bin/containerd-shim-runc-v2,0,system.slice,docker.service,0755',
'containerd,/nix/store/__VERSION__/bin/containerd,0,system.slice,docker.service,0555',
'containerd,/usr/bin/containerd,0,system.slice,containerd.service,0755',
'containerd,/usr/bin/containerd,0,system.slice,docker.service,0755',
'containerd,/usr/sbin/containerd,0,system.slice,docker.service,0755',
'indicator-cpufr,/usr/bin/python3.12,0,system.slice,dbus.service,0755',
'containerd-shim,/usr/bin/containerd-shim-runc-v2,0,system.slice,containerd.service,0755',
'containerd-shim,/usr/bin/containerd-shim-runc-v2,0,system.slice,docker.service,0755',
'cron,/usr/sbin/cron,0,system.slice,cron.service,0755',
'crond,/usr/bin/crond,0,system.slice,cronie.service,0755',
'crond,/usr/sbin/crond,0,system.slice,crond.service,0755',
Expand All @@ -147,10 +145,10 @@ WHERE
'dnsmasq,/usr/bin/dnsmasq,0,system.slice,libvirtd.service,0755',
'dnsmasq,/usr/sbin/dnsmasq,0,system.slice,libvirtd.service,0755',
'doas,/usr/bin/doas,1000,user.slice,user-1000.slice,4755',
'docker-proxy,/usr/bin/docker-proxy,0,system.slice,docker.service,0755',
'docker-proxy,/usr/libexec/docker/docker-proxy,0,system.slice,docker.service,0755',
'docker,/usr/bin/docker,0,user.slice,user-1000.slice,0755',
'docker,/usr/local/bin/docker,0,user.slice,user-1000.slice,0755',
'docker-proxy,/usr/bin/docker-proxy,0,system.slice,docker.service,0755',
'docker-proxy,/usr/libexec/docker/docker-proxy,0,system.slice,docker.service,0755',
'dockerd,/nix/store/__VERSION__/libexec/docker/dockerd,0,system.slice,docker.service,0555',
'dockerd,/snap/docker/__VERSION__/bin/dockerd,0,system.slice,snap.docker.dockerd.service,0755',
'dockerd,/usr/bin/dockerd,0,system.slice,docker.service,0755',
Expand All @@ -159,10 +157,10 @@ WHERE
'elastic-endpoin,/opt/Elastic/Endpoint/elastic-endpoint,0,elasticendpoint,,0500',
'elastic-endpoin,/opt/Elastic/Endpoint/elastic-endpoint,0,system.slice,ElasticEndpoint.service,0500',
'elastic-endpoin,/var/opt/Elastic/Endpoint/elastic-endpoint,0,elasticendpoint,,0500',
'execsnoop-bpfcc,/usr/bin/python3.10,0,system.slice,com.system76.Scheduler.service,0755',
'firewalld,/usr/bin/python3.10,0,system.slice,firewalld.service,0755',
'firewalld,/usr/bin/python3.12,0,system.slice,firewalld.service,0755',
'firewalld,/usr/bin/python3.13,0,system.slice,firewalld.service,0755',
'execsnoop-bpfcc,/usr/bin/python__VERSION__,0,system.slice,com.system76.Scheduler.service,0755',
'firewalld,/usr/bin/python__VERSION__,0,system.slice,firewalld.service,0755',
'firewalld,/usr/bin/python__VERSION__,0,system.slice,firewalld.service,0755',
'firewalld,/usr/bin/python__VERSION__,0,system.slice,firewalld.service,0755',
'firewalld,/usr/bin/python__VERSION__,0,system.slice,firewalld.service,0755',
'fish,/usr/bin/fish,0,user.slice,user-1000.slice,0755',
'flatpak-system-,/usr/lib/flatpak-system-helper,0,system.slice,flatpak-system-helper.service,0755',
Expand Down Expand Up @@ -208,8 +206,9 @@ WHERE
'incusd,/usr/libexec/incus/incusd,0,lxc.monitor.cheerful-parakeet,,0755',
'incusd,/usr/libexec/incus/incusd,0,lxc.monitor.pure-dodo,,0755',
'incusd,/usr/libexec/incus/incusd,0,system.slice,incus.service,0755',
'input-remapper-,/usr/bin/python3.12,0,system.slice,input-remapper.service,0755',
'input-remapper-,/usr/bin/python3.13,0,system.slice,input-remapper.service,0755',
'indicator-cpufr,/usr/bin/python__VERSION__,0,system.slice,dbus.service,0755',
'input-remapper-,/usr/bin/python__VERSION__,0,system.slice,input-remapper.service,0755',
'input-remapper-,/usr/bin/python__VERSION__,0,system.slice,input-remapper.service,0755',
'ir_agent,/opt/rapid7/ir_agent/components/insight_agent/__VERSION__/ir_agent,0,system.slice,ir_agent.service,',
'ir_agent,/opt/rapid7/ir_agent/components/insight_agent/__VERSION__/ir_agent,0,system.slice,ir_agent.service,0700',
'ir_agent,/opt/rapid7/ir_agent/ir_agent,0,system.slice,ir_agent.service,',
Expand All @@ -218,12 +217,13 @@ WHERE
'iwd,/usr/lib/iwd/iwd,0,system.slice,iwd.service,0755',
'just,/usr/bin/just,0,user.slice,user-1000.slice,0755',
'keyd,/usr/local/bin/keyd,0,system.slice,keyd.service,0755',
'launcher,/opt/kolide-k2/bin/launcher-updates/__VERSION__/launcher,0,system.slice,launcher.kolide-k2.service,0755',
'launcher,/opt/kolide-k2/bin/launcher,0,system.slice,launcher.kolide-k2.service,0755',
'launcher,/opt/kolide-k2/bin/launcher-updates/__VERSION__/launcher,0,system.slice,launcher.kolide-k2.service,0755',
'launcher,/usr/lib/opt/kolide-k2/bin/launcher,0,system.slice,launcher.kolide-k2.service,0755',
'launcher,/usr/local/kolide-k2/bin/launcher-updates/__VERSION__/launcher,0,system.slice,launcher.kolide-k2.service,0755',
'launcher,/usr/local/kolide-k2/bin/launcher,0,system.slice,launcher.kolide-k2.service,0755',
'launcher,/usr/local/kolide-k2/bin/launcher-updates/__VERSION__/launcher,0,system.slice,launcher.kolide-k2.service,0755',
'launcher,/var/kolide-k2/k2device.kolide.com/updates/launcher/__VERSION__/launcher,0,system.slice,launcher.kolide-k2.service,0755',
'launcher,/var/vanta/launcher,0,system.slice,vanta.service,0755',
'libvirtd,/usr/bin/libvirtd,0,system.slice,libvirtd.service,0755',
'libvirtd,/usr/sbin/libvirtd,0,system.slice,libvirtd.service,0755',
'lightdm,/nix/store/__VERSION__/bin/lightdm,0,system.slice,display-manager.service,0555',
Expand All @@ -247,18 +247,15 @@ WHERE
'mc,/usr/bin/mc,0,user.slice,user-0.slice,0755',
'mcelog,/usr/sbin/mcelog,0,system.slice,mcelog.service,0755',
'metalauncher,/var/vanta/metalauncher,0,system.slice,vanta.service,0755',
'launcher,/var/vanta/launcher,0,system.slice,vanta.service,0755',
'osqueryd,/var/vanta/osqueryd,0,system.slice,vanta.service,0755',
'osquery-vanta.e,/var/vanta/osquery-vanta.ext,0,system.slice,vanta.service,0755',
'ModemManager,/usr/sbin/ModemManager,0,system.slice,ModemManager.service,0755',
'mount.ntfs,/usr/bin/ntfs-3g,0,system.slice,udisks2.service,0755',
'multipassd,/snap/multipass/__VERSION__/bin/multipassd,0,system.slice,snap.multipass.multipassd.service,0755',
'multipathd,/usr/sbin/multipathd,0,system.slice,multipathd.service,0755',
'nessus-service,/opt/nessus/sbin/nessus-service,0,system.slice,nessusd.service,0755',
'nessusd,/opt/nessus/sbin/nessusd,0,system.slice,nessusd.service,0755',
'networkd-dispat,/usr/bin/python__VERSION__,0,system.slice,networkd-dispatcher.service,0755',
'networkd-dispat,/usr/bin/python3.10,0,system.slice,networkd-dispatcher.service,0755',
'networkd-dispat,/usr/bin/python3.12,0,system.slice,networkd-dispatcher.service,0755',
'networkd-dispat,/usr/bin/python__VERSION__,0,system.slice,networkd-dispatcher.service,0755',
'networkd-dispat,/usr/bin/python__VERSION__,0,system.slice,networkd-dispatcher.service,0755',
'NetworkManager,/usr/bin/NetworkManager,0,system.slice,NetworkManager.service,0755',
'NetworkManager,/usr/sbin/NetworkManager,0,system.slice,NetworkManager.service,0755',
'newgrp,/usr/bin/newgrp,1000,user.slice,user-1000.slice,4755',
Expand All @@ -267,14 +264,18 @@ WHERE
'nm-dispatcher,/usr/libexec/nm-dispatcher,0,system.slice,NetworkManager-dispatcher.service,0755',
'nm-openvpn-serv,/usr/libexec/nm-openvpn-service,0,system.slice,NetworkManager.service,0755',
'nvidia-powerd,/usr/bin/nvidia-powerd,0,system.slice,nvidia-powerd.service,0755',
'ollama,/snap/ollama/__VERSION__/bin/ollama,0,system.slice,snap.ollama.listener.service,0755',
'ollama_llama_se,/tmp/ollama__VERSION__/runners/cpu_avx2/ollama_llama_server,0,system.slice,snap.ollama.listener.service,',
'orbit,/opt/orbit/bin/orbit/linux/stable/orbit,0,system.slice,orbit.service,0755',
'osquery-extensi,/nix/store/__VERSION__/bin/osquery-extension.ext,0,system.slice,kolide-launcher.service,0555',
'osquery-vanta.e,/var/vanta/osquery-vanta.ext,0,system.slice,vanta.service,0755',
'osqueryd,/nix/store/__VERSION__/bin/osqueryd,0,system.slice,kolide-launcher.service,0555',
'osqueryd,/opt/orbit/bin/osqueryd/linux/stable/osqueryd,0,system.slice,orbit.service,0755',
'osqueryd,/usr/lib/opt/kolide-k2/bin/osqueryd,0,system.slice,launcher.kolide-k2.service,0755',
'osqueryd,/usr/local/kolide-k2/bin/osqueryd-updates/__VERSION__/osqueryd,0,system.slice,launcher.kolide-k2.service,0755',
'osqueryd,/usr/local/kolide-k2/bin/osqueryd,0,system.slice,launcher.kolide-k2.service,0755',
'osqueryd,/usr/local/kolide-k2/bin/osqueryd-updates/__VERSION__/osqueryd,0,system.slice,launcher.kolide-k2.service,0755',
'osqueryd,/var/kolide-k2/k2device.kolide.com/updates/osqueryd/__VERSION__/osqueryd,0,system.slice,launcher.kolide-k2.service,0755',
'osqueryd,/var/vanta/osqueryd,0,system.slice,vanta.service,0755',
'osqueryi,/usr/bin/osqueryd,0,user.slice,user-1000.slice,0755',
'osqueryi,/var/usrlocal/bin/osqueryi,0,user.slice,user-1000.slice,0755',
'ostree,/usr/bin/ostree,0,system.slice,ostree-finalize-staged-hold.service,0755',
Expand All @@ -293,9 +294,9 @@ WHERE
'power-profiles-,/usr/lib/power-profiles-daemon,0,system.slice,power-profiles-daemon.service,0755',
'power-profiles-,/usr/libexec/power-profiles-daemon,0,system.slice,power-profiles-daemon.service,0755',
'pwrstatd,/usr/sbin/pwrstatd,0,system.slice,pwrstatd.service,0700',
'python3,/usr/bin/python__VERSION__,0,system.slice,dbus.service,0755',
'python3,/usr/bin/python__VERSION__,0,system.slice,system-dbus\x2d:1.1\x2dorg.pop_os.transition_system.slice,0755',
'python3,/usr/bin/python__VERSION__,0,system.slice,ubuntu-advantage.service,0755',
'python3,/usr/bin/python3.10,0,system.slice,system-dbus\x2d:1.1\x2dorg.pop_os.transition_system.slice,0755',
'python3,/usr/bin/python3.12,0,system.slice,dbus.service,0755',
'qemu-ga,/usr/bin/qemu-ga,0,system.slice,qemu-guest-agent.service,0755',
'qemu-nbd,/usr/bin/qemu-nbd,0,user.slice,user-1000.slice,0755',
'qualys-cloud-ag,/usr/local/qualys/cloud-agent/bin/qualys-cloud-agent,0,system.slice,qualys-cloud-agent.service,0700',
Expand All @@ -307,10 +308,10 @@ WHERE
'runc,/usr/bin/runc,0,system.slice,docker.service,0755',
'scdaemon,/usr/libexec/scdaemon,0,system.slice,packagekit.service,0755',
'scdaemon,/usr/libexec/scdaemon,0,user.slice,user-1000.slice,0755',
'sddm,/usr/bin/sddm,0,system.slice,sddm.service,0755',
'sddm-helper,/usr/lib/sddm/sddm-helper,0,user.slice,user-1000.slice,0755',
'sddm-helper,/usr/lib/x86_64-linux-gnu/sddm/sddm-helper,0,user.slice,user-1000.slice,0755',
'sddm-helper,/usr/libexec/sddm-helper,0,user.slice,user-1000.slice,0755',
'sddm,/usr/bin/sddm,0,system.slice,sddm.service,0755',
'sedispatch,/usr/sbin/sedispatch,0,system.slice,auditd.service,0755',
'sg,/usr/bin/newgrp,1000,user.slice,user-1000.slice,4755',
'sh,/nix/store/__VERSION__/bin/bash,0,system.slice,znapzend.service,0555',
Expand Down Expand Up @@ -340,6 +341,7 @@ WHERE
'switcheroo-cont,/usr/libexec/switcheroo-control,0,system.slice,switcheroo-control.service,0755',
'system76-power,/usr/bin/system76-power,0,system.slice,com.system76.PowerDaemon.service,0755',
'system76-schedu,/usr/bin/system76-scheduler,0,system.slice,com.system76.Scheduler.service,0755',
'systemd,/usr/lib/systemd/systemd,0,user.slice,user-0.slice,0755',
'systemd-coredum,/nix/store/__VERSION__/lib/systemd/systemd-coredump,0,,,0555',
'systemd-homed,/usr/lib/systemd/systemd-homed,0,system.slice,systemd-homed.service,0755',
'systemd-hostnam,/usr/lib/systemd/systemd-hostnamed,0,system.slice,systemd-hostnamed.service,0755',
Expand All @@ -358,23 +360,23 @@ WHERE
'systemd-udevd,/usr/bin/udevadm,0,system.slice,systemd-udevd.service,0755',
'systemd-userdbd,/usr/lib/systemd/systemd-userdbd,0,system.slice,systemd-userdbd.service,0755',
'systemd-userwor,/usr/lib/systemd/systemd-userwork,0,system.slice,systemd-userdbd.service,0755',
'systemd,/usr/lib/systemd/systemd,0,user.slice,user-0.slice,0755',
'tailscaled,/usr/bin/tailscaled,0,system.slice,tailscaled.service,0755',
'tailscaled,/usr/sbin/tailscaled,0,system.slice,tailscaled.service,0755',
'tcpdump,/usr/bin/tcpdump,0,user.slice,user-1000.slice,0755',
'thermald,/usr/sbin/thermald,0,system.slice,thermald.service,0755',
'touchegg,/usr/bin/touchegg,0,system.slice,touchegg.service,0755',
'tuned,/usr/bin/python3.12,0,system.slice,tuned.service,0755',
'tuned,/usr/bin/python3.13,0,system.slice,tuned.service,0755',
'tuned,/usr/bin/python__VERSION__,0,system.slice,tuned.service,0755',
'tuned,/usr/bin/python__VERSION__,0,system.slice,tuned.service,0755',
'tuned-ppd,/usr/bin/python__VERSION__,0,system.slice,tuned-ppd.service,0755',
'ubuntu-advantag,/usr/libexec/ubuntu-advantage-desktop-daemon,0,system.slice,ubuntu-advantage-desktop-daemon.service,0755',
'udisksd,/nix/store/__VERSION__/libexec/udisks2/udisksd,0,system.slice,udisks2.service,0555',
'udisksd,/usr/lib/udisks2/udisksd,0,system.slice,udisks2.service,0755',
'udisksd,/usr/libexec/udisks2/udisksd,0,system.slice,udisks2.service,0755',
'unattended-upgr,/usr/bin/python__VERSION__,0,system.slice,apt-daily-upgrade.service,0755',
'unattended-upgr,/usr/bin/python__VERSION__,0,system.slice,unattended-upgrades.service,0755',
'unattended-upgr,/usr/bin/python__VERSION__,0,system.slice,unattended-upgrades.service,0755',
'unattended-upgr,/usr/bin/python__VERSION__,0,system.slice,unattended-upgrades.service,0755',
'unattended-upgr,/usr/bin/python__VERSION__,0,system.slice,unattended-upgrades.service,0755',
'unattended-upgr,/usr/bin/python3.10,0,system.slice,unattended-upgrades.service,0755',
'unattended-upgr,/usr/bin/python3.12,0,system.slice,apt-daily-upgrade.service,0755',
'unattended-upgr,/usr/bin/python3.12,0,system.slice,unattended-upgrades.service,0755',
'unattended-upgr,/usr/bin/python3.9,0,system.slice,unattended-upgrades.service,0755',
'upowerd,/usr/lib/upowerd,0,system.slice,upower.service,0755',
'upowerd,/usr/libexec/upower/upowerd,0,system.slice,upower.service,0755',
'upowerd,/usr/libexec/upowerd,0,system.slice,upower.service,0755',
Expand All @@ -390,9 +392,9 @@ WHERE
'wpa_supplicant,/usr/bin/wpa_supplicant,0,system.slice,wpa_supplicant.service,0755',
'wpa_supplicant,/usr/sbin/wpa_supplicant,0,system.slice,wpa_supplicant.service,0755',
'X,/nix/store/__VERSION__/bin/Xorg,0,system.slice,display-manager.service,0555',
'xdg-desktop-por,/usr/libexec/xdg-desktop-portal,0,user.slice,user-1000.slice,0755',
'xdg-desktop-por,/usr/libexec/xdg-desktop-portal-gnome,0,user.slice,user-1000.slice,0755',
'xdg-desktop-por,/usr/libexec/xdg-desktop-portal-gtk,0,user.slice,user-1000.slice,0755',
'xdg-desktop-por,/usr/libexec/xdg-desktop-portal,0,user.slice,user-1000.slice,0755',
'xdg-document-po,/usr/libexec/xdg-document-portal,0,user.slice,user-1000.slice,0755',
'xdg-permission-,/usr/libexec/xdg-permission-store,0,user.slice,user-0.slice,0755',
'xdg-permission-,/usr/libexec/xdg-permission-store,0,user.slice,user-1000.slice,0755',
Expand All @@ -403,11 +405,11 @@ WHERE
'yum,/usr/bin/python__VERSION__,0,user.slice,user-1000.slice,0755',
'zed,/nix/store/__VERSION__/bin/zed,0,system.slice,zfs-zed.service,0555',
'zed,/usr/sbin/zed,0,system.slice,zfs-zed.service,0755',
'zfs-auto-snapsh,/nix/store/__VERSION__/bin/ruby,0,system.slice,zfs-snapshot-frequent.service,0555',
'zfs-auto-snapsh,/nix/store/__VERSION__/bin/ruby,0,system.slice,zfs-snapshot-hourly.service,0555',
'zfs,/nix/store/__VERSION__/bin/zfs,0,system.slice,zfs-snapshot-frequent.service,0555',
'zfs,/nix/store/__VERSION__/bin/zfs,0,system.slice,zfs-snapshot-hourly.service,0555',
'zfs,/nix/store/__VERSION__/bin/zfs,0,system.slice,znapzend.service,0555'
'zfs-auto-snapsh,/nix/store/__VERSION__/bin/ruby,0,system.slice,zfs-snapshot-frequent.service,0555',
'zfs-auto-snapsh,/nix/store/__VERSION__/bin/ruby,0,system.slice,zfs-snapshot-hourly.service,0555',
)
AND NOT exception_key LIKE '%beat,%/opt/Elastic/Agent/data/elastic-%/components/%beat,0,system.slice,elastic-agent.service,%'
AND NOT exception_key LIKE 'abrt-dbus,/usr/sbin/abrt-dbus,0,system.slice,system-dbus%org.freedesktop.problems.slice,%'
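Review bot: The rewritten rows only match if the expression that builds exception_key rewrites `/usr/bin/python3.9`, `python3.10`, `python3.12` and `python3.13` to `/usr/bin/python__VERSION__` before the `NOT IN` comparison, and that expression sits above this hunk (the statement's SELECT and the start of its WHERE are outside the diff, as is its end after the last LIKE clause), so the diff alone cannot show the normalization covers the forms being replaced here; if it does not, these allow-list rows silently stop matching and the rule regresses to alerting on firewalld, tuned, unattended-upgrades and the other daemons listed. Several rows become byte-identical literals after the rewrite — the four `firewalld,/usr/bin/python__VERSION__,...` lines, the two `input-remapper-`, the two `networkd-dispat`, the two `tuned` and the three `unattended-upgr,...,unattended-upgrades.service,0755` lines — and should be reduced to one row each, since duplicates add nothing to `NOT IN` and make the list harder to review. A one-line comment above the list would record the convention, e.g. `-- version-bearing path segments are normalized to __VERSION__ before comparison; keep one row per normalized key`. It is also worth confirming that the normalization replaces only numeric version segments, so a row such as `python__VERSION__` allow-lists exactly the interpreter versions intended and not arbitrary suffixes after `python`.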