* [gentoo-commits] proj/autodep:master commit in: logger/src/autodep/logfs/, logger/src/autodep/, logger/src/hook_lib/
@ 2011-06-08 12:28 Александр Берсенев
From: Александр Берсенев @ 2011-06-08 12:28 UTC (permalink / raw
To: gentoo-commits
commit: fe9c5d3edef96cea2ccc3f83d079cbfa560b6071
Author: Alexander Bersenev <bay <AT> hackerdom <DOT> ru>
AuthorDate: Wed Jun 8 18:28:13 2011 +0000
Commit: Александр Берсенев <bay <AT> hackerdom <DOT> ru>
CommitDate: Wed Jun 8 18:28:13 2011 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/autodep.git;a=commit;h=fe9c5d3e
big commit: part 2, modified python and C part of logger library
---
logger/src/autodep/logfs/fstracer.py | 38 +++++++-----
logger/src/autodep/logfs/fstracer.pyc | Bin 3519 -> 0 bytes
logger/src/autodep/logfs/test_fstracer.py | 4 +-
logger/src/autodep/showfsevents.py | 10 +++-
logger/src/hook_lib/file_hook.c | 99 +++++++++++++++++------------
5 files changed, 90 insertions(+), 61 deletions(-)
diff --git a/logger/src/autodep/logfs/fstracer.py b/logger/src/autodep/logfs/fstracer.py
index a4e0bf5..5c522eb 100644
--- a/logger/src/autodep/logfs/fstracer.py
+++ b/logger/src/autodep/logfs/fstracer.py
@@ -11,6 +11,10 @@ import socket
import select
import re
+import logger_hooklib
+import logger_fusefs
+
+
def unescape(s):
s=re.sub(r'\\r', '\r', s)
s=re.sub(r'\\n', '\n', s)
@@ -42,7 +46,7 @@ def checkfinished(pid):
# run the program and get file access events
-def getfsevents(prog_name,arguments):
+def getfsevents(prog_name,arguments,approach="hooklib"):
events=[]
# generate a random socketname
tmpdir = tempfile.mkdtemp()
@@ -60,16 +64,21 @@ def getfsevents(prog_name,arguments):
#print socketname
pid=os.fork()
- if pid==0:
- # wait while the socket opens
- try:
- os.execvpe(prog_name, arguments,{
- "LD_PRELOAD":"/home/bay/gsoc/logger/src/hook_lib/file_hook.so",
- "LOG_SOCKET":socketname
- })
- except OSError, e:
- print "Failed to launch the programm: %s" % e
+ if pid==0:
+ logger=None
+ if approach=="hooklib":
+ logger=logger_hooklib.logger(socketname)
+ elif approach=="fusefs":
+ logger=logger_fusefs.logger(socketname)
+ else:
+ print "Unknown logging approach"
sys.exit(1)
+
+ logger.execprog(prog_name,arguments)
+
+ # should not get here
+ print "Launch likely was unsuccessful"
+ sys.exit(1)
else:
input = [sock_listen]
connects = 0;
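Review bot: The `approach` value is validated only inside the forked child (the `else: print "Unknown logging approach"` branch), so an unsupported value still costs a fork and leaves the parent waiting on a socket nobody connects to; check it before `os.fork()` and fail there. In the child, prefer `os._exit(1)` to `sys.exit(1)`: `sys.exit` raises SystemExit, which unwinds through any `try`/`finally` and atexit handlers inherited from the parent process. getfsevents starts and ends outside this hunk.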
@@ -87,21 +96,18 @@ def getfsevents(prog_name,arguments):
pass
else:
(client,addr)=ret
- #print "Client accepted\n";
- connects+=1;
+ connects+=1; # client accepted
input.append(client)
buffers[client]=''
else:
data=s.recv(65536)
- #print "Recv: %s" % data
- #print "fileno:%d" % s.fileno()
buffers[s]+=data
if not data:
s.close()
input.remove(s)
- #buffers[s]=""
+ buffers[s]=""
connects-=1;
if connects==0:
input.remove(sock_listen)
@@ -130,7 +136,7 @@ def getfsevents(prog_name,arguments):
if len(input)==1 and connects==0:
# seems like there is no connect
- print "It seems like a logger module was unabe to start." + \
+ print "It seems like a logger module was unable to start." + \
"Check that you are not launching a suid program under non-root user."
return []
diff --git a/logger/src/autodep/logfs/fstracer.pyc b/logger/src/autodep/logfs/fstracer.pyc
deleted file mode 100644
index 9aeedac..0000000
Binary files a/logger/src/autodep/logfs/fstracer.pyc and /dev/null differ
diff --git a/logger/src/autodep/logfs/test_fstracer.py b/logger/src/autodep/logfs/test_fstracer.py
index 26253a5..9a3df67 100644
--- a/logger/src/autodep/logfs/test_fstracer.py
+++ b/logger/src/autodep/logfs/test_fstracer.py
@@ -13,13 +13,13 @@ class simple_tests(unittest.TestCase):
['/bin/cat','/etc/passwd']),
[['open', '/etc/passwd']])
- """
+
def test_open_many(self):
filesnum=200
self.assertEqual(fstracer.getfsevents('/bin/cat',
['/bin/cat']+map(lambda x: 'file'+str(x),range(0,filesnum))),
map(lambda x: ['open','file'+str(x)],range(0,filesnum)))
- """
+
def test_parralel(self):
filesnum=200
diff --git a/logger/src/autodep/showfsevents.py b/logger/src/autodep/showfsevents.py
index 8e4647a..b53a1da 100755
--- a/logger/src/autodep/showfsevents.py
+++ b/logger/src/autodep/showfsevents.py
@@ -1,8 +1,16 @@
#!/usr/bin/env python2
import os
+import sys
import logfs.fstracer
-logfs.fstracer.getfsevents("/bin/sh", ["sh" , "-c", "/usr/bin/tac bay_success; /usr/bin/tac bay_god bay_god2"])
+#logfs.fstracer.getfsevents("/bin/sh", ["sh" , "-c", "/usr/bin/tac bay_success; /usr/bin/tac bay_god bay_god2"])
+#events=logfs.fstracer.getfsevents("/bin/cat", ["cat" , "l l l"])
+if len(sys.argv)<2:
+ print "Usage: showfsevents.py <command>"
+ exit(1)
+
+events=logfs.fstracer.getfsevents(sys.argv[1], sys.argv[1:])
+print events
#logfs.fstracer.getfsevents("emerge", ["emerge","--info"])
\ No newline at end of file
diff --git a/logger/src/hook_lib/file_hook.c b/logger/src/hook_lib/file_hook.c
index ec7658e..d17becc 100644
--- a/logger/src/hook_lib/file_hook.c
+++ b/logger/src/hook_lib/file_hook.c
@@ -12,6 +12,7 @@
#define _FCNTL_H
#include <bits/fcntl.h>
+#include <bits/stat.h>
#include <sys/socket.h>
#include <sys/un.h>
@@ -23,21 +24,28 @@
int (*_open)(const char * pathname, int flags, ...);
int (*_open64)(const char * pathname, int flags, ...);
+FILE * (*_fopen)(const char *path, const char *mode);
+FILE * (*_fopen64)(const char *path, const char *mode);
int (*_execve)(const char *filename, char *const argv[],char *const envp[]);
pid_t (*_fork)();
-FILE *log_file_handle; // one of these two vars will be used for logging
+FILE *log_file; // one of these two vars will be used for logging
int log_socket=-1;
int is_log_into_socket=0;
void __doinit(){
+ //stat(NULL,NULL);
_open = (int (*)(const char * pathname, int flags, ...)) dlsym(RTLD_NEXT, "open");
_open64 = (int (*)(const char * pathname, int flags, ...)) dlsym(RTLD_NEXT, "open64");
+ _fopen = (FILE * (*)(const char *path, const char *mode)) dlsym(RTLD_NEXT, "fopen");
+ _fopen64 = (FILE * (*)(const char *path, const char *mode)) dlsym(RTLD_NEXT, "fopen64");
_execve = (int (*)(const char *filename, char *const argv[],char *const envp[])) dlsym(RTLD_NEXT, "execve");
_fork = (pid_t (*)()) dlsym(RTLD_NEXT, "fork");
- if(_open==NULL || _open64==NULL || execve==NULL || _fork==NULL) {
+ if(_open==NULL || _open64==NULL ||
+ _fopen==NULL || _fopen64==NULL ||
+ execve==NULL || _fork==NULL) {
fprintf(stderr,"Failed to load original functions of hook\n");
exit(1);
}
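Review bot: The NULL check in `__doinit` still tests `execve==NULL`, which is the address of this library's own hook and can never be NULL, so a failed `dlsym(RTLD_NEXT, "execve")` goes unnoticed and the later `_execve(...)` call would go through a null pointer. The last line of the condition should read `_execve==NULL || _fork==NULL) {`. `__doinit` continues past the end of this hunk.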
@@ -48,7 +56,7 @@ void __doinit(){
fprintf(stderr,"Using stderr as output for logs "
"because the LOG_SOCKET environment variable isn't defined.\n");
- log_file_handle=stderr;
+ log_file=stderr;
} else {
is_log_into_socket=1;
@@ -56,9 +64,7 @@ void __doinit(){
fprintf(stderr,"Unable to create a unix-socket %s: socket name is too long,exiting\n", log_socket_name);
exit(1);
}
-
- //fprintf(stderr,"Using a socket for logging: %s\n",log_socket_name);
-
+
log_socket=socket(AF_UNIX, SOCK_STREAM, 0);
if(log_socket==-1) {
fprintf(stderr,"Unable to create a unix-socket %s: %s\n", log_socket_name, strerror(errno));
@@ -76,9 +82,9 @@ void __doinit(){
exit(1);
}
- log_file_handle=fdopen(log_socket,"r+");
+ log_file=fdopen(log_socket,"r+");
- if(log_file_handle==NULL) {
+ if(log_file==NULL) {
fprintf(stderr,"Unable to open a socket for a steam writing: %s\n", strerror(errno));
exit(1);
}
@@ -86,8 +92,8 @@ void __doinit(){
}
void __dofini() {
- fflush(log_file_handle);
- fclose(log_file_handle);
+ fflush(log_file);
+ fclose(log_file);
if(is_log_into_socket)
close(log_socket);
@@ -125,12 +131,6 @@ void __print_escaped(FILE *fh ,const char *s){
}
/*
- * Fprint
-*/
-
-//void __fprint
-
-/*
* Get a pid of the parent proccess
* Parse the /proc/pid/stat
* We need a first number after last ')' character
@@ -140,14 +140,14 @@ pid_t __getparentpid(pid_t pid){
snprintf(filename,MAXPATHLEN, "/proc/%d/stat",pid);
FILE *stat_file_handle=fopen(filename,"r");
if(stat_file_handle==NULL) {
- fprintf(log_file_handle,"NULL");
+ fprintf(log_file,"NULL");
return 0;
}
char filedata[MAXFILEBUFFLEN];
size_t bytes_readed=fread(filedata,sizeof(char),MAXFILEBUFFLEN,stat_file_handle);
if(bytes_readed==0 || bytes_readed>=MAXFILEBUFFLEN) {
- fprintf(log_file_handle,"NULL");
+ fprintf(log_file,"NULL");
fclose(stat_file_handle);
return 0;
}
@@ -156,7 +156,7 @@ pid_t __getparentpid(pid_t pid){
char *beg_scan_offset=rindex(filedata,')');
if(beg_scan_offset==NULL) {
- fprintf(log_file_handle,"NULL");
+ fprintf(log_file,"NULL");
fclose(stat_file_handle);
return 0;
}
@@ -164,7 +164,7 @@ pid_t __getparentpid(pid_t pid){
pid_t parent_pid;
int tokens_readed=sscanf(beg_scan_offset,") %*c %d",&parent_pid);
if(tokens_readed!=1) {
- fprintf(log_file_handle,"NULL");
+ fprintf(log_file,"NULL");
fclose(stat_file_handle);
return 0;
}
@@ -185,7 +185,7 @@ void __print_cmdline(pid_t pid) {
snprintf(filename,MAXPATHLEN, "/proc/%d/cmdline",pid);
FILE *cmdline_file_handle=fopen(filename,"r");
if(cmdline_file_handle==NULL) {
- fprintf(log_file_handle,"UNKNOWN");
+ fprintf(log_file,"UNKNOWN");
return;
}
@@ -197,14 +197,14 @@ void __print_cmdline(pid_t pid) {
int i;
for(i=0; i<readed; i++) {
if(read_buffer[i]==0) {
- __print_escaped(log_file_handle,last_printed);
- fprintf(log_file_handle,"\\0");
+ __print_escaped(log_file,last_printed);
+ fprintf(log_file,"\\0");
last_printed=read_buffer+i+1;
}
}
read_buffer[readed]=0;
if(last_printed<read_buffer+readed)
- __print_escaped(log_file_handle,last_printed); // print rest of buffer
+ __print_escaped(log_file,last_printed); // print rest of buffer
} while(readed==MAXFILEBUFFLEN);
fclose(cmdline_file_handle);
@@ -213,26 +213,26 @@ void __print_cmdline(pid_t pid) {
/*
* Format of log string: time event file flags result parents
*/
-void __hook_log(const char *event_type, const char *filename, char* result, int err) {
+void __hook_log(const char *event_type, const char *filename, int result, int err) {
- fprintf(log_file_handle,"%lld ",(unsigned long long)time(NULL));
+ fprintf(log_file,"%lld ",(unsigned long long)time(NULL));
- __print_escaped(log_file_handle, event_type);
- fprintf(log_file_handle," ");
- __print_escaped(log_file_handle, filename);
- fprintf(log_file_handle," %s %d ", result, err);
+ __print_escaped(log_file, event_type);
+ fprintf(log_file," ");
+ __print_escaped(log_file, filename);
+ fprintf(log_file," %d %d %d", result, err, getpid());
// TODO: add a parent processes in output
- pid_t pid;
- __getparentpid(getpid());
- for(pid=getpid();pid!=0;pid=__getparentpid(pid)){
- __print_cmdline(pid);
- if(pid!=1)
- fprintf(log_file_handle,",");
+// pid_t pid;
+// __getparentpid(getpid());
+// for(pid=getpid();pid!=0;pid=__getparentpid(pid)){
+// __print_cmdline(pid);
+// if(pid!=1)
+// fprintf(log_file,",");
- }
+// }
- fprintf(log_file_handle,"\n");
- fflush(log_file_handle);
+ fprintf(log_file,"\n");
+ fflush(log_file);
}
int open(const char * pathname, int flags, mode_t mode) {
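Review bot: The format comment above `__hook_log` still reads `time event file flags result parents`, but the new body writes time, event, filename, `result`, `err` and the pid, with the parent chain commented out; update it to something like `Format of log string: time event file result err pid`. The timestamp is cast to `unsigned long long` but printed with `%lld`; `%llu` matches the cast. The commented-out parent walk would be better deleted than kept as `//` lines, since the TODO already records the intent.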
@@ -242,7 +242,7 @@ int open(const char * pathname, int flags, mode_t mode) {
else
ret=_open(pathname, flags, 0);
- __hook_log("open",pathname,"todo",errno);
+ __hook_log("open",pathname,ret,errno);
return ret;
}
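Review bot: `__hook_log("open",pathname,ret,errno)` records `errno` even when `_open` succeeded, where its value is left over from some earlier call, so the `err` column is only meaningful when `ret==-1`; pass `ret==-1 ? errno : 0` instead. The logging itself (`fprintf`, `fflush`, `getpid`) runs between the real call and `return ret`, so it can overwrite the `errno` the hooked program is about to read; save it before logging and restore it before returning, e.g. `int saved=errno; __hook_log(...); errno=saved;`. The same applies to the `open64`, `fopen` and `fopen64` hooks in the next hunk. The body of `open` starts outside this hunk.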
@@ -255,14 +255,29 @@ int open64(const char * pathname, int flags, mode_t mode) {
else
ret=_open64(pathname, flags, 0);
- __hook_log("open64",pathname,"todo",errno);
+ __hook_log("open",pathname,ret,errno);
return ret;
}
+FILE *fopen(const char *path, const char *mode) {
+ FILE *ret;
+ ret=_fopen(path,mode);
+ __hook_log("open",path,0,errno);
+ return ret;
+}
+
+FILE *fopen64(const char *path, const char *mode) {
+ FILE *ret;
+ ret=_fopen64(path,mode);
+ __hook_log("open",path,0,errno);
+ return ret;
+}
+
+
int execve(const char *filename, char *const argv[],
char *const envp[]) {
- __hook_log("execve",filename,"todo",0);
+ __hook_log("execve",filename,0,0);
int ret=_execve(filename, argv, envp);
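Review bot: The new `fopen` and `fopen64` hooks pass a literal `0` as `result`, so a failed open (NULL return) is logged exactly like a successful one apart from the `errno` column; derive both fields from `ret`, e.g. `__hook_log("open",path,ret==NULL?-1:0,ret==NULL?errno:0);`. The `open64` hook now logs the event name `open`, which looks deliberate, but a one-line comment saying the two are merged on purpose would save the next reader a check. `execve` is logged with result 0 before the real call, so an exec that fails is still recorded as an access; its body continues outside this hunk.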
* [gentoo-commits] proj/autodep:master commit in: logger/src/autodep/logfs/, logger/src/autodep/, logger/src/hook_lib/
@ 2011-06-30 20:04 Александр Берсенев
From: Александр Берсенев @ 2011-06-30 20:04 UTC (permalink / raw
To: gentoo-commits
commit: a211bf1d95a0adae7aa76539fcc9789aa0c1644c
Author: Alexander Bersenev <bay <AT> hackerdom <DOT> ru>
AuthorDate: Fri Jul 1 02:04:09 2011 +0000
Commit: Александр Берсенев <bay <AT> hackerdom <DOT> ru>
CommitDate: Fri Jul 1 02:04:09 2011 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/autodep.git;a=commit;h=a211bf1d
fixed a very nasty issue with environment variables
---
logger/src/autodep/logfs/fstracer.py | 17 ++-
logger/src/autodep/showfsevents.py | 1 +
logger/src/hook_lib/file_hook.c | 280 +++++++++++++++++++++++++++++-----
3 files changed, 253 insertions(+), 45 deletions(-)
diff --git a/logger/src/autodep/logfs/fstracer.py b/logger/src/autodep/logfs/fstracer.py
index 7ceb36e..1b99f8e 100644
--- a/logger/src/autodep/logfs/fstracer.py
+++ b/logger/src/autodep/logfs/fstracer.py
@@ -132,10 +132,10 @@ def getfsevents(prog_name,arguments,approach="hooklib",filterproc=defaultfilter)
sock_listen.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
sock_listen.bind(socketname)
- sock_listen.listen(1024)
+ sock_listen.listen(64)
# enable connect a socket for anyone
os.chmod(tmpdir,stat.S_IRUSR|stat.S_IWUSR|stat.S_IXUSR|stat.S_IROTH|stat.S_IWOTH|stat.S_IXOTH)
- os.chmod(socketname,stat.S_IRUSR|stat.S_IWUSR|stat.S_IROTH|stat.S_IWOTH)
+ os.chmod(socketname,stat.S_IRUSR|stat.S_IWUSR|stat.S_IXUSR|stat.S_IROTH|stat.S_IWOTH|stat.S_IXOTH)
except socket.error, e:
print "Failed to create a socket for exchange data with the logger: %s" % e
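Review bot: The socket is now mode 0707 and its directory (the context line above) is already 0707, so any local user can connect to the listener and send event records, and because the directory is writable by others without the sticky bit, the socket file can also be removed or replaced by them. The execute bits added here have no effect on `connect()`, which needs write permission on the socket and search permission on the directory. If other users really must connect, grant the directory only search permission for others, `os.chmod(tmpdir, stat.S_IRWXU|stat.S_IXOTH)`, and have the accept loop check the peer's credentials (SO_PEERCRED) before trusting its records. getfsevents starts and ends outside this hunk.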
@@ -168,19 +168,26 @@ def getfsevents(prog_name,arguments,approach="hooklib",filterproc=defaultfilter)
stop=0
was_first_connect=False
+ #print "fileno listen: %d",sock_listen.fileno()
+
while stop==0:
sock_events = epoll.poll(3)
for fileno, sock_event in sock_events:
if fileno == sock_listen.fileno():
+ #print "\n\nEVENT\n\n"
ret = sock_listen.accept()
+ #print ret
if ret is None:
+ # print "\n\nPASS\n\n"
pass
else:
(client,addr)=ret
+ # print client
connects+=1; # client accepted
was_first_connect=True
epoll.register(client.fileno(), select.EPOLLIN)
clients[client.fileno()]=client
+ #print "opened %d" % client.fileno()
#elif sock_event & select.EPOLLHUP:
#epoll.unregister(fileno)
#clients[fileno].close()
@@ -196,7 +203,7 @@ def getfsevents(prog_name,arguments,approach="hooklib",filterproc=defaultfilter)
clients[fileno].close()
del clients[fileno]
connects-=1
- #print "closing!!"
+ #print "closed %d"%fileno
continue
message=record.split("\0")
@@ -258,12 +265,14 @@ def getfsevents(prog_name,arguments,approach="hooklib",filterproc=defaultfilter)
return []
if len(clients)==0 and iszombie(pid):
break
+
+ #print "\n\nRETURNING!!!!\n\n"
+
os.wait()
epoll.unregister(sock_listen.fileno())
epoll.close()
sock_listen.close()
-
return events
diff --git a/logger/src/autodep/showfsevents.py b/logger/src/autodep/showfsevents.py
index 2b04709..20264e1 100755
--- a/logger/src/autodep/showfsevents.py
+++ b/logger/src/autodep/showfsevents.py
@@ -14,6 +14,7 @@ if len(sys.argv)<2:
events=logfs.fstracer.getfsevents(sys.argv[1], sys.argv[1:],approach="hooklib")
print "Program finished, analyzing dependencies"
+#exit(0);
# get unique filenames
filenames={}
for stage in events:
diff --git a/logger/src/hook_lib/file_hook.c b/logger/src/hook_lib/file_hook.c
index 7c846e2..2958cb7 100644
--- a/logger/src/hook_lib/file_hook.c
+++ b/logger/src/hook_lib/file_hook.c
@@ -22,6 +22,8 @@
#define MAXFILEBUFFLEN 2048
#define MAXSOCKETMSGLEN 8192
+#define MAXENVSIZE 65536
+#define MAXENVITEMSIZE 256
//extern int errorno;
@@ -31,16 +33,27 @@ int (*_open)(const char * pathname, int flags, ...);
int (*_open64)(const char * pathname, int flags, ...);
FILE * (*_fopen)(const char *path, const char *mode);
FILE * (*_fopen64)(const char *path, const char *mode);
-int (*_execve)(const char *filename, char *const argv[],char *const envp[]);
ssize_t (*_read)(int fd, void *buf, size_t count);
ssize_t (*_write)(int fd, const void *buf, size_t count);
size_t (*_fread)(void *ptr, size_t size, size_t nmemb, FILE *stream);
size_t (*_fwrite)(const void *ptr, size_t size, size_t nmemb, FILE *stream);
+int (*_execve)(const char *filename, char *const argv[],char *const envp[]);
+int (*_execv)(const char *path, char *const argv[]);
+int (*_execvp)(const char *file, char *const argv[]);
+int (*_fexecve)(int fd, char *const argv[], char *const envp[]);
+
+int (*_system)(const char *command);
+
+pid_t (*_fork)();
+
+int (*_setenv)(const char *name, const char *value, int overwrite);
int (*_close)(int fd); // we hooking this, because some programs closes our socket
int log_socket=-1;
+char log_socket_orig[MAXSOCKETPATHLEN];
+
void __doinit(){
_open = (int (*)(const char * pathname, int flags, ...)) dlsym(RTLD_NEXT, "open");
_open64 = (int (*)(const char * pathname, int flags, ...)) dlsym(RTLD_NEXT, "open64");
@@ -51,52 +64,70 @@ void __doinit(){
_read= (ssize_t (*)(int fd, void *buf, size_t count)) dlsym(RTLD_NEXT, "read");
_write= (ssize_t (*)(int fd, const void *buf, size_t count)) dlsym(RTLD_NEXT, "write");
+ _fork = (pid_t (*)()) dlsym(RTLD_NEXT, "fork");
_execve = (int (*)(const char *filename, char *const argv[],char *const envp[])) dlsym(RTLD_NEXT, "execve");
+ _execv = (int (*)(const char *path, char *const argv[])) dlsym(RTLD_NEXT, "execv");
+ _execvp = (int (*)(const char *file, char *const argv[])) dlsym(RTLD_NEXT, "execvp");
+ _fexecve = (int (*)(int fd, char *const argv[], char *const envp[])) dlsym(RTLD_NEXT, "fexecve");
+
+ _system = (int (*)(const char *command)) dlsym(RTLD_NEXT, "system");
+
+
+ _setenv=(int (*)(const char *name, const char *value, int overwrite)) dlsym(RTLD_NEXT, "setenv");
_close= (int (*)(int fd)) dlsym(RTLD_NEXT, "close");
if(_open==NULL || _open64==NULL ||
_fopen==NULL || _fopen64==NULL ||
- execve==NULL || _read==NULL || _write==NULL || close==NULL) {
+ _read==NULL || _write==NULL ||
+ _fork==NULL || _execve==NULL || _execv==NULL || _fexecve==NULL || _execvp==NULL ||
+ _system==NULL || _setenv==NULL || _close==NULL) {
fprintf(stderr,"Failed to load original functions of hook\n");
exit(1);
}
char *log_socket_name=getenv("LOG_SOCKET");
+
if(log_socket_name==NULL) {
fprintf(stderr,"LOG_SOCKET environment variable isn't defined."
"Are this library launched by server?\n");
exit(1);
- } else {
- if(strlen(log_socket_name)>=MAXSOCKETPATHLEN) {
- fprintf(stderr,"Unable to create a unix-socket %s: socket name is too long,exiting\n", log_socket_name);
- exit(1);
- }
-
- log_socket=socket(AF_UNIX, SOCK_SEQPACKET, 0);
- if(log_socket==-1) {
- fprintf(stderr,"Unable to create a unix-socket %s: %s\n", log_socket_name, strerror(errno));
- exit(1);
- }
-
- struct sockaddr_un serveraddr;
- memset(&serveraddr, 0, sizeof(serveraddr));
- serveraddr.sun_family = AF_UNIX;
- strcpy(serveraddr.sun_path, log_socket_name);
-
- int ret=connect(log_socket, (struct sockaddr *)&serveraddr, SUN_LEN(&serveraddr));
- if(ret==-1) {
- fprintf(stderr,"Unable to connect a unix-socket: %s\n", strerror(errno));
- exit(1);
- }
- }
+ }
+ strcpy(log_socket_orig,getenv("LOG_SOCKET"));
+ //fprintf(stderr,"%d %s\n",getpid(),log_socket_name);
+
+
+ if(strlen(log_socket_name)>=MAXSOCKETPATHLEN) {
+ fprintf(stderr,"Unable to create a unix-socket %s: socket name is too long,exiting\n", log_socket_name);
+ exit(1);
+ }
+
+ log_socket=socket(AF_UNIX, SOCK_SEQPACKET, 0);
+ if(log_socket==-1) {
+ fprintf(stderr,"Unable to create a unix-socket %s: %s\n", log_socket_name, strerror(errno));
+ exit(1);
+ }
+
+ struct sockaddr_un serveraddr;
+ memset(&serveraddr, 0, sizeof(serveraddr));
+ serveraddr.sun_family = AF_UNIX;
+ strcpy(serveraddr.sun_path, log_socket_name);
+
+
+ int ret=connect(log_socket, (struct sockaddr *)&serveraddr, SUN_LEN(&serveraddr));
+ if(ret==-1) {
+ fprintf(stderr,"Unable to connect a unix-socket %d %s: %s\n", getpid(),log_socket_name, strerror(errno));
+ fflush(stderr);
+ //execlp("/bin/bash","/bin/bash",NULL);
+ exit(1);
+ }
}
void __dofini() {
- //close(log_socket);
+ close(log_socket);
}
void _init() {
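Review bot: `strcpy(log_socket_orig,getenv("LOG_SOCKET"))` runs before the `strlen(log_socket_name)>=MAXSOCKETPATHLEN` check a few lines below it, so an over-long LOG_SOCKET overflows the global buffer before it is rejected; move the length check above the copy and copy from `log_socket_name` instead of calling `getenv` again. In `__dofini`, `close(log_socket)` resolves to this library's own `close()` hook, which (at the end of this diff) returns -1 for that descriptor, so the socket is never closed and each forked child that re-runs `__doinit` keeps the old one open; call `_close(log_socket)` there. `sun_path` is also filled with `strcpy`, which is only safe if MAXSOCKETPATHLEN does not exceed `sizeof(serveraddr.sun_path)`; its definition is not visible here.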
@@ -110,7 +141,7 @@ void _fini() {
/*
* Format of log string: time event filename stage result/err
*/
-static void __raw_log_event(const char *event_type, const char *filename, char *result,int err, char* stage) {
+static int __raw_log_event(const char *event_type, const char *filename, char *result,int err, char* stage) {
//printf("lololo:%s %s %s\n",event_type,filename,stage);
char msg_buff[MAXSOCKETMSGLEN];
@@ -123,19 +154,20 @@ static void __raw_log_event(const char *event_type, const char *filename, char *
(unsigned long long)time(NULL),0,event_type,0,filename,0,stage,0,result);
}
- if(bytes_to_send>=MAXSOCKETMSGLEN) return;
- if(send(log_socket,msg_buff,bytes_to_send,0)==-1) {
- printf("BAYBAY!!!11 %d %d\n",log_socket, getpid());
- sleep(100500);
- }
+ if(bytes_to_send>=MAXSOCKETMSGLEN)
+ return 0;
+
+ if(send(log_socket,msg_buff,bytes_to_send,0)==-1)
+ return 0;
+ return 1;
}
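Review bot: `__raw_log_event` now returns 0 both when the record does not fit in `MAXSOCKETMSGLEN` and when `send()` fails, but the callers visible in this diff ignore the result (the `open` hook calls `__log_event(...)` as a bare statement), so a long path or a broken socket silently loses the access record. Since the log is the tool's only evidence of what was opened, report the drop on stderr at least once, and document the 1/0 return convention in the header comment so callers know to check it. If `bytes_to_send` is a signed type, a negative `snprintf` result also passes the `>=MAXSOCKETMSGLEN` test and reaches `send()`; its declaration is outside this hunk.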
/*
* Log an event
*/
-static void __log_event(const char *event_type, const char *filename, char *result,int err, char* stage) {
- __raw_log_event(event_type,filename,result,err,stage);
+static int __log_event(const char *event_type, const char *filename, char *result,int err, char* stage) {
+ return __raw_log_event(event_type,filename,result,err,stage);
}
/*
@@ -167,7 +199,7 @@ ssize_t __get_path_by_fd(int fd, char *output, int output_len) {
static int __is_event_allowed(const char *event_type,const char *filename, char* stage) {
char answer[8];
int bytes_recieved;
-
+ //printf("asking %s\n",filename);
pthread_mutex_lock( &socketblock );
@@ -180,8 +212,11 @@ static int __is_event_allowed(const char *event_type,const char *filename, char*
return 1;
else if(strcmp(answer,"DENY")==0)
return 0;
- else
+ else {
fprintf(stderr,"Protocol error, text should be ALLOW or DENY, got: %s",answer);
+
+ exit(1);
+ }
return 0;
}
@@ -198,10 +233,10 @@ int open(const char * path, int flags, mode_t mode) {
}
- if(flags & O_CREAT)
+ //if(flags & O_CREAT)
ret=_open(path, flags, mode);
- else
- ret=_open(path, flags, 0);
+ //else
+ // ret=_open(path, flags, 0);
if(ret==-1)
__log_event("open",fullpath,"ERR",errno,stage);
@@ -311,7 +346,27 @@ ssize_t write(int fd,const void *buf, size_t count){
return ret;
}
+pid_t fork(void) {
+ //fprintf(stderr,"prefork %s %s\n",getenv("LOG_SOCKET"),log_socket_orig);
+ //int succ=
+ setenv("LOG_SOCKET",log_socket_orig,1);
+
+ //fprintf(stderr,"prefork %s%p%p%d %s\n",getenv("LOG_SOCKET"),_setenv,setenv,succ,log_socket_orig);
+
+ int ret=_fork();
+ // we must to handle fork for reconnect a socket
+
+ if(ret==0) {
+
+ __dofini(); // reinit connection for clildren
+ __doinit(); // because now it is different processes
+ } else {
+ //fprintf(stderr,"fork new: %d LOG_SOCKET=%s\n", ret,getenv("LOG_SOCKET"));
+ //sleep(3);
+ }
+ return ret;
+}
int execve(const char *filename, char *const argv[],
char *const envp[]) {
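Review bot: `setenv("LOG_SOCKET",log_socket_orig,1)` in the new `fork` hook binds to this library's own `setenv` wrapper, which this commit defines to return -1 for `LOG_SOCKET` without touching the environment, so the restore is a no-op; call `_setenv("LOG_SOCKET",log_socket_orig,1)` and check its result. `_fork()` returns `pid_t`, so `ret` should be `pid_t` rather than `int`, and the `-1` failure case currently shares the parent branch without comment. In the child, `__doinit()` calls `exit(1)` on any connect failure, which turns a logging problem into the death of the traced program's child right after fork; a comment stating that this is intended would help.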
@@ -319,17 +374,160 @@ int execve(const char *filename, char *const argv[],
__log_event("open",filename,"OK",0,__get_stage());
else
__log_event("open",filename,"ERR",2,__get_stage());
-
+ //fprintf(stderr,"executing %s pid=%d", filename,getpid());
+ char *new_envp[MAXENVSIZE];
+ char new_ld_preload[MAXENVITEMSIZE];
+ char new_log_socket[MAXENVITEMSIZE];
+
+ int ld_preload_valid=0;
+ int log_socket_valid=0;
+ int i;
+ for(i=0;envp[i];i++){
+ if(strncmp(envp[i],"LD_PRELOAD=",11)==0)
+ if(strcmp(envp[i]+11,getenv("LD_PRELOAD"))==0)
+ ld_preload_valid=1;
+ if(strncmp(envp[i],"LOG_SOCKET=",11)==0)
+ if(strcmp(envp[i]+11,log_socket_orig)==0)
+ log_socket_valid=1;
+ }
+ if(!ld_preload_valid || !log_socket_valid) {
+ snprintf(new_ld_preload,MAXENVITEMSIZE,"LD_PRELOAD=%s",getenv("LD_PRELOAD"));
+ snprintf(new_log_socket,MAXENVITEMSIZE,"LOG_SOCKET=%s",log_socket_orig);
+ for(i=0; envp[i] && i<MAXENVSIZE-3; i++) {
+ if(strncmp(envp[i],"LD_PRELOAD=",11)==0) {
+ new_envp[i]=new_ld_preload;
+ ld_preload_valid=1;
+ } else if(strncmp(envp[i],"LOG_SOCKET=",11)==0) {
+ new_envp[i]=new_log_socket;
+ log_socket_valid=1;
+ } else {
+ new_envp[i]=envp[i];
+ }
+ }
+
+ if(!ld_preload_valid) {
+ new_envp[i]=new_ld_preload;
+ i++;
+ }
+ if(!log_socket_valid) {
+ new_envp[i]=new_log_socket;
+ i++;
+ }
+ new_envp[i]=NULL;
+ envp=new_envp;
+// for(i=0;envp[i];i++){
+// printf("BAY: %s\n",envp[i]);
+// }
+
+ }
+
+ fflush(stderr);
int ret=_execve(filename, argv, envp);
return ret;
}
+//int clone(int (*fn)(void *), void *child_stack,
+// int flags, void *arg, ...) {
+// fprintf(stderr,"clone pid=%d",getpid());
+// fflush(stderr);
+
+// return -1;//_clone(fn,child_stack,flags,arg);
+//}
+
+
+/*int fexecve(int fd, char *const argv[], char *const envp[]) {
+ fprintf(stderr,"fexecuting pid=%d",getpid());
+ fflush(stderr);
+ return _fexecve(fd,argv,envp);
+}
+
+int execle(const char *path, const char *arg, ...) {
+ fprintf(stderr,"fexecluting pid=%d",getpid());
+ fflush(stderr);
+//
+ return 0;
+}
+
+int execl(const char *path, const char *arg, ...){
+ fprintf(stderr,"execluting 1 pid=%d",getpid());
+ fflush(stderr);
+//
+ return 0;
+}
+
+int execv(const char *path, char *const argv[]){
+ fprintf(stderr,"execvuting 1 pid=%d",getpid());
+ fflush(stderr);
+ _execv(path,argv);
+ return 0;
+}
+
+int execvp(const char *file, char *const argv[]){
+ fprintf(stderr,"execvpting 1 pid=%d",getpid());
+ fflush(stderr);
+
+ return _execvp(file,argv);
+
+ return 0;
+}
+
+
+int execvpe(const char *file, char *const argv[],
+ char *const envp[]){
+ fprintf(stderr,"execvpeting 1 pid=%d",getpid());
+ fflush(stderr);
+//
+ return 0;
+}
+
+int execlp(const char *file, const char *arg, ...){
+ fprintf(stderr,"execlpeting 1 pid=%d",getpid());
+ fflush(stderr);
+//
+ return 0;
+}
+
+int rexec(char **ahost, int inport, char *user,
+ char *passwd, char *cmd, int *fd2p){
+ fprintf(stderr,"rexec 1 pid=%d",getpid());
+ fflush(stderr);
+//
+ return 0;
+}
+
+int system(const char *command) {
+ fprintf(stderr,"rexec 1 pid=%d cmd=%s",getpid(),command);
+ fflush(stderr);
+
+ return _system(command);
+ return 0;
+
+}*/
+
+
+
+int setenv(const char *name, const char *value, int overwrite) {
+ //printf (" CHANGING name: %s, value: %s",name,value);
+ if(strcmp(name,"LD_PRELOAD")==0 ||
+ strcmp(name,"LOG_SOCKET")==0) return -1;
+ int ret=_setenv(name,value,overwrite);
+ return ret;
+}
+
+//int putenv(char *string){
+// fprintf(stderr,"putenv 1 pid=%d cmd=%s",getpid(),string);
+// fflush(stderr);
+//
+// //return _system(command);
+// return 0;
+//}
+
+
int close(int fd) {
if(fd!=log_socket) {
return _close(fd);
}
return -1;
}
-
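Review bot: The new `execve` hook dereferences two pointers it has not checked: `envp` (Linux accepts a NULL environment) and `getenv("LD_PRELOAD")`, which is NULL once the program has dropped the variable through `unsetenv`, `putenv` or `clearenv`, none of which are hooked here; both `strcmp(envp[i]+11,getenv("LD_PRELOAD"))` and the `snprintf` need a guard, or a copy of the value saved at init as is done for `log_socket_orig`. `char *new_envp[MAXENVSIZE]` puts 65536 pointers (512 KiB on a 64-bit target) on the caller's stack, which is more than a thread with a small stack may have. `snprintf(...,MAXENVITEMSIZE,...)` truncates silently at 256 bytes and the copy loop stops at `MAXENVSIZE-3` entries, so check the `snprintf` return value and fail the call rather than exec with a cut-off `LD_PRELOAD` or environment. The long block of commented-out exec wrappers would be clearer as a short TODO than as dead code. The function starts outside this hunk.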
* [gentoo-commits] proj/autodep:master commit in: logger/src/autodep/logfs/, logger/src/autodep/, logger/src/hook_lib/
@ 2011-07-03 13:41 Александр Берсенев
From: Александр Берсенев @ 2011-07-03 13:41 UTC (permalink / raw
To: gentoo-commits
commit: a1d60fa6ca3bf5fc264b68d88e6769bf35f7a51e
Author: Alexander Bersenev <bay <AT> hackerdom <DOT> ru>
AuthorDate: Sun Jul 3 19:40:37 2011 +0000
Commit: Александр Берсенев <bay <AT> hackerdom <DOT> ru>
CommitDate: Sun Jul 3 19:40:37 2011 +0000
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/autodep.git;a=commit;h=a1d60fa6
work with usersandbox feature, further work for output
---
logger/src/autodep/logfs/__init__.pyc | Bin 138 -> 0 bytes
logger/src/autodep/logfs/fstracer.py | 5 +++--
logger/src/autodep/showfsevents.py | 33 ++++++++++++++++++++++++---------
logger/src/hook_lib/file_hook.c | 27 ++++++++++++++++++++-------
4 files changed, 47 insertions(+), 18 deletions(-)
diff --git a/logger/src/autodep/logfs/__init__.pyc b/logger/src/autodep/logfs/__init__.pyc
deleted file mode 100644
index ae3151f..0000000
Binary files a/logger/src/autodep/logfs/__init__.pyc and /dev/null differ
diff --git a/logger/src/autodep/logfs/fstracer.py b/logger/src/autodep/logfs/fstracer.py
index 66b1de3..c724b61 100644
--- a/logger/src/autodep/logfs/fstracer.py
+++ b/logger/src/autodep/logfs/fstracer.py
@@ -74,7 +74,7 @@ def getparentpid(pid):
if match==None:
print "Failed to get parent process. Format of /proc/<pid>/stat is incorrect. Did you change a kernel?"
return 1
-
+
return int(match.group(1))
except IOError,e:
@@ -200,9 +200,10 @@ def getfsevents(prog_name,arguments,approach="hooklib",filterproc=defaultfilter)
continue
message=record.split("\0")
- #if message[3]!="unknown":
+ #if message[3]=="compile": #and message[1]=="debug":
#print message
+
try:
if message[4]=="ASKING":
if filterproc(message[1],message[2],message[3]):
diff --git a/logger/src/autodep/showfsevents.py b/logger/src/autodep/showfsevents.py
index cc4bec6..b738a76 100755
--- a/logger/src/autodep/showfsevents.py
+++ b/logger/src/autodep/showfsevents.py
@@ -9,23 +9,30 @@ import logfs.fstracer
import logfs.portage_utils
args_parser=optparse.OptionParser("%prog [options] <command>")
+args_parser.add_option("-b", "--block",action="store", type="string",
+ dest="packages", default="", help="block an access to files from this packages")
args_parser.add_option("-v", action="store_true", dest="verbose",
default=False, help="show accessed files")
args_parser.add_option("-u", "--unknown", action="store_true", dest="show_unknown_stage",
default=False, help="show unknown stage")
-args_parser.add_option("-b", "--block",action="store", type="string",
- dest="packages", default="", help="block an access to files from this packages")
+
+args_parser.add_option("--hooklib",action="store_const", dest="approach",
+ const="hooklib", help="use ld_preload logging approach(default)")
+args_parser.add_option("--fusefs",action="store_const", dest="approach",
+ const="fusefs", help="use fuse logging approach(slow, but reliable)")
+args_parser.set_defaults(approach="hooklib")
+
args_parser.epilog="Example: %s -b lsof,cowsay emerge bash" % (os.path.basename(sys.argv[0]))
args_parser.disable_interspersed_args()
(options, args) = args_parser.parse_args()
+#print options
+#print args
if len(args)==0:
args_parser.print_help()
exit(1)
-#print args
-#print options
filter_function=lambda eventname,filename,stage: True
@@ -45,7 +52,7 @@ if options.packages:
return not filename in files_to_block
filter_function=filter
-events=logfs.fstracer.getfsevents(args[0], args,approach="fusefs",filterproc=filter_function)
+events=logfs.fstracer.getfsevents(args[0], args,approach=options.approach,filterproc=filter_function)
print "Program finished, analyzing dependencies"
# get unique filenames
@@ -114,7 +121,15 @@ for stage in sorted(events):
filesinfo[filename]["notfound"]=fail_events[filename]
#print events_converted_for_output
-
+
+# explicit check for launching with non-emerge application
+was_emerge_process=False
+for package in packagesinfo:
+ if len(packagesinfo[package].keys())>1:
+ was_emerge_process=True
+ break
+
+# generating output
stagesorder={"clean":1,"setup":2,"unpack":3,"prepare":4,"configure":5,"compile":6,"test":7,
"install":8,"preinst":9,"postinst":10,"prerm":11,"postrm":12,"unknown":13}
@@ -126,7 +141,7 @@ for package in sorted(packagesinfo):
stages=[]
for stage in sorted(packagesinfo[package].keys(), key=stagesorder.get):
- if stage!="unknown" or options.show_unknown_stage:
+ if stage!="unknown" or options.show_unknown_stage or not was_emerge_process:
stages.append(stage)
if len(stages)!=0:
@@ -159,7 +174,7 @@ for package in sorted(packagesinfo):
"""
for stage in sorted(events, key=stagesorder.get):
- succ_events=events[stage][0]-
+ succ_events=events[stage][0]
fail_events=events[stage][1]
print "On stage %s:" % stage
for filename in sorted(succ_events, key=file_to_package.get):
@@ -195,4 +210,4 @@ for stage in sorted(events, key=stagesorder.get):
print file_to_package[filename],
print
"""
-##logfs.fstracer.getfsevents("emerge", ["emerge","--info"])
\ No newline at end of file
+##logfs.fstracer.getfsevents("emerge", ["emerge","--info"])
diff --git a/logger/src/hook_lib/file_hook.c b/logger/src/hook_lib/file_hook.c
index 4ad6b97..9012b20 100644
--- a/logger/src/hook_lib/file_hook.c
+++ b/logger/src/hook_lib/file_hook.c
@@ -53,6 +53,7 @@ int (*_close)(int fd); // we hooking this, because some programs closes our sock
int log_socket=-1;
char log_socket_name[MAXSOCKETPATHLEN];
+char ld_preload_orig[MAXPATHLEN];
void __doconnect(){
if(strlen(log_socket_name)>=MAXSOCKETPATHLEN) {
@@ -104,8 +105,16 @@ void _init() {
fprintf(stderr,"Unable to create a unix-socket %s: socket name is too long,exiting\n", log_socket_name);
exit(1);
}
+
strcpy(log_socket_name,log_socket_env);
+ if(getenv("LD_PRELOAD")==NULL) {
+ fprintf(stderr,"Unable to find LD_PRELOAD environment variable. "
+ "Library will load only with this variable defined");
+ exit(1);
+ }
+
+ strcpy(ld_preload_orig,getenv("LD_PRELOAD"));
_open = (int (*)(const char * pathname, int flags, ...)) dlsym(RTLD_NEXT, "open");
_open64 = (int (*)(const char * pathname, int flags, ...)) dlsym(RTLD_NEXT, "open64");
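Review bot: `strcpy(ld_preload_orig,getenv("LD_PRELOAD"))` copies an environment value of arbitrary length into a `MAXPATHLEN`-byte global with no length check, unlike the `LOG_SOCKET` copy just above it, which is preceded by one. Fetch the value once and reject it when it is missing or too long: `const char *p=getenv("LD_PRELOAD"); if(p==NULL || strlen(p)>=sizeof(ld_preload_orig)) { ... exit(1); }`. The new error message also lacks a trailing `\n`. `_init` starts and ends outside this hunk.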
@@ -247,8 +256,8 @@ int open(const char * path, int flags, mode_t mode) {
realpath(path,fullpath);
char *stage=__get_stage();
if(! __is_event_allowed("open",fullpath,stage)) {
- errno=2; // not found
__log_event("open",fullpath,"DENIED",errno,stage);
+ errno=2; // not found
return -1;
}
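Review bot: With `errno=2` moved below the call, `__log_event("open",fullpath,"DENIED",errno,stage)` now logs whatever `errno` held before the check rather than the value handed back to the caller; pass the code explicitly, `__log_event("open",fullpath,"DENIED",ENOENT,stage); errno=ENOENT;`, which also replaces the magic `2`. The same reordering is made in `open64`, `fopen` and `fopen64` in the next three hunks. Of those, `open64` and `fopen` log the caller's `path` while `open` and `fopen64` log the resolved `fullpath`, so denied records for the same file can differ; use `fullpath` in all four. The function bodies start outside these hunks.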
@@ -270,8 +279,8 @@ int open64(const char * path, int flags, mode_t mode) {
realpath(path,fullpath);
char *stage=__get_stage();
if(! __is_event_allowed("open",fullpath,stage)) {
- errno=2; // not found
__log_event("open",path,"DENIED",errno,stage);
+ errno=2; // not found
return -1;
}
@@ -294,8 +303,8 @@ FILE *fopen(const char *path, const char *mode) {
char *stage=__get_stage();
if(! __is_event_allowed("open",fullpath,stage)) {
- errno=2; // not found
__log_event("open",path,"DENIED",errno,stage);
+ errno=2; // not found
return NULL;
}
@@ -316,8 +325,8 @@ FILE *fopen64(const char *path, const char *mode) {
char *stage=__get_stage();
if(! __is_event_allowed("open",fullpath,stage)) {
- errno=2; // not found
__log_event("open",fullpath,"DENIED",errno,stage);
+ errno=2; // not found
return NULL;
}
@@ -346,6 +355,9 @@ ssize_t read(int fd, void *buf, size_t count){
else
__log_event("read",fullpath,"OK",0,stage);
}
+
+ //__log_event("debug",fullpath,"ERR",getpid(),stage);
+
errno=saved_errno;
return ret;
}
@@ -372,7 +384,8 @@ pid_t fork(void) {
//int succ=
_setenv("LOG_SOCKET",log_socket_name,1);
-
+ _setenv("LD_PRELOAD",ld_preload_orig,1);
+ //ld_preload_orig
//fprintf(stderr,"prefork %s%p%p%d %s\n",getenv("LOG_SOCKET"),_setenv,setenv,succ,log_socket_orig);
int ret=_fork();
@@ -407,14 +420,14 @@ int execve(const char *filename, char *const argv[],
int i;
for(i=0;envp[i];i++){
if(strncmp(envp[i],"LD_PRELOAD=",11)==0)
- if(strcmp(envp[i]+11,getenv("LD_PRELOAD"))==0)
+ if(strcmp(envp[i]+11,ld_preload_orig)==0)
ld_preload_valid=1;
if(strncmp(envp[i],"LOG_SOCKET=",11)==0)
if(strcmp(envp[i]+11,log_socket_name)==0)
log_socket_valid=1;
}
if(!ld_preload_valid || !log_socket_valid) {
- snprintf(new_ld_preload,MAXENVITEMSIZE,"LD_PRELOAD=%s",getenv("LD_PRELOAD"));
+ snprintf(new_ld_preload,MAXENVITEMSIZE,"LD_PRELOAD=%s",ld_preload_orig);
snprintf(new_log_socket,MAXENVITEMSIZE,"LOG_SOCKET=%s",log_socket_name);
for(i=0; envp[i] && i<MAXENVSIZE-3; i++) {
if(strncmp(envp[i],"LD_PRELOAD=",11)==0) {
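Review bot: `ld_preload_orig` is a `MAXPATHLEN` buffer, but `snprintf(new_ld_preload,MAXENVITEMSIZE,"LD_PRELOAD=%s",ld_preload_orig)` writes it into a `MAXENVITEMSIZE` one (256 in the earlier commit on this page, presumably unchanged), so a longer preload list is cut off silently and the child would exec with a different `LD_PRELOAD` than the parent had. Check the return value, `if(snprintf(...)>=MAXENVITEMSIZE) { errno=E2BIG; return -1; }`, or size `new_ld_preload` from `sizeof(ld_preload_orig)+11`. The comparison is an exact `strcmp`, so a child that adds another library to `LD_PRELOAD` while keeping this one has its value overwritten; a comment saying that this is intended would help. The function starts and ends outside this hunk.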