pax_global_header00006660000000000000000000000064127662632020014520gustar00rootroot0000000000000052 comment=353717ef6333efbc20d2f210b483854b79686854 snoopy-snoopy-2.4.6/000077500000000000000000000000001276626320200144055ustar00rootroot00000000000000snoopy-snoopy-2.4.6/.github/000077500000000000000000000000001276626320200157455ustar00rootroot00000000000000snoopy-snoopy-2.4.6/.github/CONTRIBUTING.md000066400000000000000000000142261276626320200202030ustar00rootroot00000000000000# Contributing to Snoopy development [![Flattr Snoopy Logger project](http://api.flattr.com/button/flattr-badge-large.png)](https://flattr.com/submit/auto?user_id=a2o&url=https://github.com/a2o/snoopy&title=Snoopy Logger) New ideas are welcome. Most of change requests so far were about additional log data or filtering capabilities, therefore most of development/changes is expected in that area. Initial information about Snoopy hacking is available here: [doc/HACKING.md](doc/HACKING.md) Table of Contents ================= * [Contributing to Snoopy development](#contributing-to-snoopy-development) * [Git branches - persistent](#git-branches---persistent) * [Git branches - transient](#git-branches---transient) * [Creating feature documentation](#creating-feature-documentation) * [Creating pull requests for upstream merges](#creating-pull-requests-for-upstream-merges) ## Git branches - persistent The following git branches are always available in main Snoopy repository: - master: contains latest Snoopy development efforts. All new features snould be based on this branch. - stable: present when master branch has sufficiently drifted from latest stable release, but is still far away from becoming stable. Used for quick bugfixes and stable release maintenance. - install: branch dedicated to Snoopy automated install procedure. When you use it, install-snoopy.sh script is downloaded from this branch. - coverity_scan: when Coverity analysis of a build is required, it is performed using this branch. Usually it lazily follows master branch. Coverity has a limited build submission frequency, thus a dedicated branch has been created to trigger analysis on as-needed basis. - legacy: orphaned branch, which contains imported Snoopy releases from 1.00 to 1.6.1 + changes to bring it in sync with initial commit from master branch. This is a lousy attempt to recreate lost SVN history (commits 1-31). Present for historical completeness only. ## Git branches - transient The following branch-naming patterns are intended for branches whose sole purpose of existence is pull request submission. These branches should have concise naming. Main reason for this is clean git history. When one-line-per- commit history view shows "Merge branch 'contributor/master'" our dear history viewer has no idea what is going on there. But, if instead of that, the first line of that commit message is "Merge branch 'bugfix/invalid-data-from-ttyname'" then a single glance is enough to understand the big picture. Thus pull requests should only be made for concise-named branches that follow these patterns: - bugfix/*: pull request branch, contains one bugfix, - documentation/*: pull request branch, contains documentation work, - enhancement/*: pull request branch, contains one enhancement (not a new feature, but improvement nonetheless) - feature/*: pull request branch, contains a new feature, - refactoring/*: pull request branch, contains code refactoring, ### On what branch should you base your contribution to Snoopy? **As a general rule, base your contribution on MASTER branch.** Exception: - you found a bug that impacts current stable release - base your work on **stable** branch, if it is currently present in Snoopy repo. Maintainer will merge it into master branch. Non-exception: - you have developed a new feature and would like it to land in the next bugfix release: **do not bother**. Bugfix releases are bugfix releases, they are not intended to introduce new features. Base your work on **master** branch. If you somehow manage to convince maintainer(s) that your feature should land in next bugfix release anyway, maintainer will do the integration. ## Creating feature documentation Here is a brief description of Snoopy documentation structure. File /README.md: - general information and quick install instructions; Directory /doc/: - documentation which is useful to average Snoopy user; - /doc/INSTALL.md: detailed installation instructions; - /doc/FAQ.md: location of answers to frequently asked questions; - /doc/DATA-SOURCES.md: general, data-sources-specific information; - /doc/DATA-SOURCE_complex_data_source_name.md: documentation for advanced and configurable data source called "complex_data_source_name", which has its code located in src/datasource/complex_data_source_name.c; (also, do not include "_name" suffix in data source's name:); - /doc/FILTERING.md: filtering-specific information; - /doc/FILTER_complex_filter_name.md: documentation for advanced filter called "complex_filter_name", which has its code located in src/filter/complex_filter_name.c; Directory /doc/internals/: - location of documetation useful to Snoopy developers and contributors; - /doc/internals/README.md: main document about Snoopy internals ## Creating pull requests for upstream merges Commits: - your commits should be easily readable, with concise comments; - your commits should follow the KISS principle: do one thing, and do it well. Branching: - see section about branches above. - branch your contribution branch from Snoopy's master branch; - branch name: feature/my-shiny-new-snoopy-feature-title for new features; - branch name: bugfix/my-totally-non-hackish-workaround for bugfixes; - branch name: master (avoiding creating dedicated branch) may only be used for trivial fixes. Pull requests: - do not create pull requests from master branch; - one pull request should contain one change only (one bugfix or one feature at a time); - if you have developed multiple features and/or bugfixes, create separate branches for each one of them, and request merges for each branch; - Snoopy uses Travis-CI for testing builds. When you submit a pull request, wait for Travis-CI to finish the build and see if everything went smoothly. - the cleaner you code/change/changeset is, the faster it will be merged. - Coverity scan is run on as-needed basis, but keep in mind that you might be "called to court:)" - contacted to defend your contribution should Coverity point out some defects in your code. That is it. May the successfull-patch-submission-force be with you! :) snoopy-snoopy-2.4.6/.github/ISSUE_TEMPLATE.md000066400000000000000000000033571276626320200204620ustar00rootroot00000000000000## Checklist before I submit this issue report I confirm that: - [ ] I have tested this with the latest version of Snoopy available @ https://github.com/a2o/snoopy#i1-version-information-and-download-links (not the latest Snoopy version packaged by your favorite distribution, it might be out of date) - [ ] I have read Snoopy documentation @ https://github.com/a2o/snoopy/blob/master/README.md & https://github.com/a2o/snoopy/tree/master/doc - [ ] I have checked FAQ entries @ https://github.com/a2o/snoopy/blob/master/doc/FAQ.md - [ ] I have checked existing Snoopy issues for duplicates and found none @ https://github.com/a2o/snoopy/issues?q=is%3Aissue ## Issue description - Environment basics (replace 'FILLIN' with actual values from your environment) | Key | Value | Comments | | ----------------------------------- | ----------------- | ---------------------------------| | Architecture: | x86_64 | x86 is not supported anymore | | Linux distribution: | FILLIN | | | Distribution version: | FILLIN | | | Snoopy version: | FILLIN | | | Snoopy config file was used: | FILLIN (yes|no) | snoopy-install.sh enables this by default | | Snoopy threading support enabled: | FILLIN (yes|no) | not enabled by default as of v2.4.4 | ## Issue description - How was Snoopy installed FILLIN (describe installation method - snoopy-install.sh, custom built (provide configure arguments), distro package) ## Issue description - Describe the problem you are having FILLIN ## Expected result FILLIN ## Actual result FILLIN ## Steps to reproduce FILLIN snoopy-snoopy-2.4.6/.github/PULL_REQUEST_TEMPLATE.md000066400000000000000000000035551276626320200215560ustar00rootroot00000000000000Checklists for Pull requests ---------------------------- About pull request itself: - [X] I am submitting a pull request:) - [ ] My submission does one logical thing only (one bugfix, one new feature). If I will want to supply multiple logical changes, I will submit multiple pull requests. - [ ] I have read and understood CONTRIBUTING guide @ https://github.com/a2o/snoopy/blob/master/.github/CONTRIBUTING.md Code quality: (not applicable for non-code fixes of course) - [ ] My submission is passing test suite run (./configure --enable-everything && make tests) - test suite reports zero unexpected failures. - [ ] My submission is passing Valgrind check (./configure --enable-everything --enable-dev-tools && make valgrind) - Valgrind reports "ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)". Commits: - [ ] My commits are logical, easily readable, with concise comments. - [ ] My commits follow the KISS principle: do one thing, and do it well. Licensing: - [ ] I am the author of submission or have been authorized by submission copyright holder to issue this pull request. Branching: - [ ] My submission is based on master branch. - [ ] My submission is compatible with latest master branch updates (no conflicts, I did a rebase if it was necessary). - [ ] The name of the branch I want to merge upstream is not 'master' (except for only the most trivial fixes, like typos and such). - [ ] My branch name is *feature/my-shiny-new-snoopy-feature-title* (for new features). - [ ] My branch name is *bugfix/my-totally-non-hackish-workaround* (for bugfixes). - [ ] My branch name is *doc/what-i-did-to-documentation* (for documentation updates). Continuous integration: - [ ] Once I will submit this pull request, I will wait for Travis-CI report (normally a couple of minutes) and fix any issues I might have introduced. Pull request description ------------------------ snoopy-snoopy-2.4.6/.gitignore000066400000000000000000000022331276626320200163750ustar00rootroot00000000000000### Files produced by autotools # Makefile.in /aclocal.m4 /autom4te.cache /autoscan.log /build/aux/ar-lib /build/aux/compile /build/aux/config.guess /build/aux/config.sub /build/aux/depcomp /build/aux/install-sh /build/aux/ltmain.sh /build/aux/missing /build/aux/test-driver /build/m4/libtool.m4 /build/m4/lt*.m4 /configure /config.h /config.log /config.status /config.h.in~ /stamp-h? ### Temporary files creating during ./bootstrap.sh run # /configure.tmp ### Files produced by ./configure # Makefile /libtool # Temporary files created during ./configure run /conf*/ /confdefs.h /conftest /conftest.c /conftest.cpp /conftest.err /libtoolT ### Files produced by build process # .dirstamp *.a *.o *.la *.lo .deps/ .libs/ /a.out /src/libsnoopy.so /tests/bin/* !/tests/bin/*.c !/tests/bin/*.h !/tests/bin/Makefile.am /util/* !/util/*.c !/util/*.h !/util/*.in !/util/Makefile.am !/util/*.in /util/Makefile.in /contrib/rhel/snoopy.spec /contrib/sles/snoopy.spec /etc/snoopy.ini ### Files produced by test suite # /tests/*.log /tests/*/*.log /tests/*.trs /tests/*/*.trs ### Coverity files # /cov-int* /build/coverity-settings.conf ### Distribution related files # /debian snoopy-snoopy-2.4.6/.gitmodules000066400000000000000000000000001276626320200165500ustar00rootroot00000000000000snoopy-snoopy-2.4.6/.travis.yml000066400000000000000000000077211276626320200165250ustar00rootroot00000000000000language: c compiler: - gcc # clang is disabled because we already have x4 build matrix # - clang branches: only: - master - stable - coverity_scan ### Package installation was moved to addons.apt.packages setting, to utilize new container infrastructure # #before_install: # - sudo apt-get update -qq # - sudo apt-get install -qq socat sudo: false before_script: - "./bootstrap.sh" env: global: # # Coverity integration # # The next declaration is the encrypted COVERITY_SCAN_TOKEN, created # via the "travis encrypt" command using the project repo's public key # - secure: "WSIKaNG2czmsMv0DqNKiYBuaFp/ChmSEpMmMnn9T0vqQmxPVnFnKg0UaPhXJj9THp24vqJmPoEdQPSjH5GsbbW1YQKgEDOyKfAFs1Uv1yBYnObvlcH0LJQWQjY5ZjnTEpCbP5q4iWj7Cbz/4kTmEZto8mbLyEUBkwt3LHXqHVJh0Tteg0wW2lvuyj/QYqEIm7uzOB5v3gsqpGTeKT7DKV99IuMpoIEAO66+8HzRgvJgQT3XnF4RVUTDYzOF2gUSnS1aLsDzVXbFMGlDjDtSmGEZyUrfQkfX4/Jt0fZMRMiYdbK2+cfHbHSOQQjL0WwnLn3175ZDtkpQynwoGL8KafLli1N7Xh3NP8e+N9r1FV2mwA0gIyLCo3/fSF7ya7BToWJjyIfO/vk4QUoLOR0dbmK7zrVcCJD//DZBTlWc1ZcTDlP8VvmScLqvAndo/03UAdIOo3KjaS7LZsEHr144KGYMEQbYVfGqCOLcL6eRwbi42PgJ1drbINCcb3mfZHhJFrbdBkHTSK3yD1yHb3SbHuCp2ThbVAVi1oAh9FpsN5UEo/guAAR+R7mNGhZFEBYqhaQItdyxegKxPeheNNIxGszyt8cShPL3GqX5sq2/MxTn8SFuXjVzBZoy2MboBg82uk4G8pntOdW6NDJNeugtAYwVdJECKKcucS9B2VciTEpU=" # Build concurency # - MAKE_J: "16" # Signal to snoopy-install.sh that it is running inside Travis-CI build - SNOOPY_TRAVIS_BUILD="true" matrix: # Test builds - SNOOPY_TRAVIS_OPTS="build" - SNOOPY_TRAVIS_OPTS="build --enable-thread-safety" - SNOOPY_TRAVIS_OPTS="build --disable-config-file" - SNOOPY_TRAVIS_OPTS="build --disable-filtering" - SNOOPY_TRAVIS_OPTS="build --disable-config-file --disable-filtering" - SNOOPY_TRAVIS_OPTS="build --enable-everything" - SNOOPY_TRAVIS_OPTS="build --enable-everything --disable-thread-safety" - SNOOPY_TRAVIS_OPTS="build --disable-everything" - SNOOPY_TRAVIS_OPTS="build --disable-everything --enable-config-file" - SNOOPY_TRAVIS_OPTS="build --disable-everything --enable-filtering" - SNOOPY_TRAVIS_OPTS="build --disable-everything --enable-filtering --enable-datasource-uid" - SNOOPY_TRAVIS_OPTS="build --disable-everything --enable-thread-safety" - SNOOPY_TRAVIS_OPTS="build --disable-everything --enable-config-file --enable-filtering --enable-thread-safety" # Test snoopy-install.sh script - SNOOPY_TRAVIS_OPTS="install-script-local release-latest-stable" - SNOOPY_TRAVIS_OPTS="install-script-local local" - SNOOPY_TRAVIS_OPTS="install-script-local download-only" - SNOOPY_TRAVIS_OPTS="install-script-remote release-latest-stable" - SNOOPY_TRAVIS_OPTS="install-script-remote git-master" - SNOOPY_TRAVIS_OPTS="install-script-remote download-only" # Random build configuration flags - SNOOPY_TRAVIS_OPTS="build-random 01" - SNOOPY_TRAVIS_OPTS="build-random 02" - SNOOPY_TRAVIS_OPTS="build-random 03" - SNOOPY_TRAVIS_OPTS="build-random 04" - SNOOPY_TRAVIS_OPTS="build-random 05" - SNOOPY_TRAVIS_OPTS="build-random 06" - SNOOPY_TRAVIS_OPTS="build-random 07" - SNOOPY_TRAVIS_OPTS="build-random 08" - SNOOPY_TRAVIS_OPTS="build-random 09" - SNOOPY_TRAVIS_OPTS="build-random 10" - SNOOPY_TRAVIS_OPTS="build-random 11" - SNOOPY_TRAVIS_OPTS="build-random 12" - SNOOPY_TRAVIS_OPTS="build-random 13" - SNOOPY_TRAVIS_OPTS="build-random 14" - SNOOPY_TRAVIS_OPTS="build-random 15" - SNOOPY_TRAVIS_OPTS="build-random 16" script: - "./build/travis.sh $SNOOPY_TRAVIS_OPTS" addons: # # Install packages: # apt: packages: - socat # # Coverity integration # coverity_scan: project: name: "a2o/snoopy" description: "Build submitted via Travis CI" notification_email: bostjan@a2o.si build_command_prepend: "./bootstrap.sh && ./configure && make distclean && ./configure --enable-everything" build_command: "make -j$MAKE_J" branch_pattern: coverity_scan snoopy-snoopy-2.4.6/COPYING000066400000000000000000000432541276626320200154500ustar00rootroot00000000000000 GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public License is intended to guarantee your freedom to share and change free software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not price. Our General Public Licenses are designed to make sure that you have the freedom to distribute copies of free software (and charge for this service if you wish), that you receive source code or can get it if you want it, that you can change the software or use pieces of it in new free programs; and that you know you can do these things. To protect your rights, we need to make restrictions that forbid anyone to deny you these rights or to ask you to surrender the rights. These restrictions translate to certain responsibilities for you if you distribute copies of the software, or if you modify it. For example, if you distribute copies of such a program, whether gratis or for a fee, you must give the recipients all the rights that you have. You must make sure that they, too, receive or can get the source code. And you must show them these terms so they know their rights. We protect your rights with two steps: (1) copyright the software, and (2) offer you this license which gives you legal permission to copy, distribute and/or modify the software. Also, for each author's protection and ours, we want to make certain that everyone understands that there is no warranty for this free software. If the software is modified by someone else and passed on, we want its recipients to know that what they have is not the original, so that any problems introduced by others will not reflect on the original authors' reputations. Finally, any free program is threatened constantly by software patents. We wish to avoid the danger that redistributors of a free program will individually obtain patent licenses, in effect making the program proprietary. To prevent this, we have made it clear that any patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains a notice placed by the copyright holder saying it may be distributed under the terms of this General Public License. The "Program", below, refers to any such program or work, and a "work based on the Program" means either the Program or any derivative work under copyright law: that is to say, a work containing the Program or a portion of it, either verbatim or with modifications and/or translated into another language. (Hereinafter, translation is included without limitation in the term "modification".) Each licensee is addressed as "you". Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1. You may copy and distribute verbatim copies of the Program's source code as you receive it, in any medium, provided that you conspicuously and appropriately publish on each copy an appropriate copyright notice and disclaimer of warranty; keep intact all the notices that refer to this License and to the absence of any warranty; and give any other recipients of the Program a copy of this License along with the Program. You may charge a fee for the physical act of transferring a copy, and you may at your option offer warranty protection in exchange for a fee. 2. You may modify your copy or copies of the Program or any portion of it, thus forming a work based on the Program, and copy and distribute such modifications or work under the terms of Section 1 above, provided that you also meet all of these conditions: a) You must cause the modified files to carry prominent notices stating that you changed the files and the date of any change. b) You must cause any work that you distribute or publish, that in whole or in part contains or is derived from the Program or any part thereof, to be licensed as a whole at no charge to all third parties under the terms of this License. c) If the modified program normally reads commands interactively when run, you must cause it, when started running for such interactive use in the most ordinary way, to print or display an announcement including an appropriate copyright notice and a notice that there is no warranty (or else, saying that you provide a warranty) and that users may redistribute the program under these conditions, and telling the user how to view a copy of this License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in themselves, then this License, and its terms, do not apply to those sections when you distribute them as separate works. But when you distribute the same sections as part of a whole which is a work based on the Program, the distribution of the whole must be on the terms of this License, whose permissions for other licensees extend to the entire whole, and thus to each and every part regardless of who wrote it. Thus, it is not the intent of this section to claim rights or contest your rights to work written entirely by you; rather, the intent is to exercise the right to control the distribution of derivative or collective works based on the Program. In addition, mere aggregation of another work not based on the Program with the Program (or with a work based on the Program) on a volume of a storage or distribution medium does not bring the other work under the scope of this License. 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b) Accompany it with a written offer, valid for at least three years, to give any third party, for a charge no more than your cost of physically performing source distribution, a complete machine-readable copy of the corresponding source code, to be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, c) Accompany it with the information you received as to the offer to distribute corresponding source code. (This alternative is allowed only for noncommercial distribution and only if you received the program in object code or executable form with such an offer, in accord with Subsection b above.) The source code for a work means the preferred form of the work for making modifications to it. For an executable work, complete source code means all the source code for all modules it contains, plus any associated interface definition files, plus the scripts used to control compilation and installation of the executable. However, as a special exception, the source code distributed need not include anything that is normally distributed (in either source or binary form) with the major components (compiler, kernel, and so on) of the operating system on which the executable runs, unless that component itself accompanies the executable. If distribution of executable or object code is made by offering access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is void, and will automatically terminate your rights under this License. However, parties who have received copies, or rights, from you under this License will not have their licenses terminated so long as such parties remain in full compliance. 5. You are not required to accept this License, since you have not signed it. However, nothing else grants you permission to modify or distribute the Program or its derivative works. These actions are prohibited by law if you do not accept this License. Therefore, by modifying or distributing the Program (or any work based on the Program), you indicate your acceptance of this License to do so, and all its terms and conditions for copying, distributing or modifying the Program or works based on it. 6. Each time you redistribute the Program (or any work based on the Program), the recipient automatically receives a license from the original licensor to copy, distribute or modify the Program subject to these terms and conditions. You may not impose any further restrictions on the recipients' exercise of the rights granted herein. You are not responsible for enforcing compliance by third parties to this License. 7. If, as a consequence of a court judgment or allegation of patent infringement or for any other reason (not limited to patent issues), conditions are imposed on you (whether by court order, agreement or otherwise) that contradict the conditions of this License, they do not excuse you from the conditions of this License. If you cannot distribute so as to satisfy simultaneously your obligations under this License and any other pertinent obligations, then as a consequence you may not distribute the Program at all. For example, if a patent license would not permit royalty-free redistribution of the Program by all those who receive copies directly or indirectly through you, then the only way you could satisfy both it and this License would be to refrain entirely from distribution of the Program. If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances. It is not the purpose of this section to induce you to infringe any patents or other property right claims or to contest validity of any such claims; this section has the sole purpose of protecting the integrity of the free software distribution system, which is implemented by public license practices. Many people have made generous contributions to the wide range of software distributed through that system in reliance on consistent application of that system; it is up to the author/donor to decide if he or she is willing to distribute software through any other system and a licensee cannot impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License may add an explicit geographical distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the limitation as if written in the body of this License. 9. The Free Software Foundation may publish revised and/or new versions of the General Public License from time to time. Such new versions will be similar in spirit to the present version, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version number. If the Program specifies a version number of this License which applies to it and "any later version", you have the option of following the terms and conditions either of that version or of any later version published by the Free Software Foundation. If the Program does not specify a version number of this License, you may choose any version ever published by the Free Software Foundation. 10. If you wish to incorporate parts of the Program into other free programs whose distribution conditions are different, write to the author to ask for permission. For software which is copyrighted by the Free Software Foundation, write to the Free Software Foundation; we sometimes make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. END OF TERMS AND CONDITIONS How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it free software which everyone can redistribute and change under these terms. To do so, attach the following notices to the program. It is safest to attach them to the start of each source file to most effectively convey the exclusion of warranty; and each file should have at least the "copyright" line and a pointer to where the full notice is found. Copyright (C) This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. The hypothetical commands `show w' and `show c' should show the appropriate parts of the General Public License. Of course, the commands you use may be called something other than `show w' and `show c'; they could even be mouse-clicks or menu items--whatever suits your program. You should also get your employer (if you work as a programmer) or your school, if any, to sign a "copyright disclaimer" for the program, if necessary. Here is a sample; alter the names: Yoyodyne, Inc., hereby disclaims all copyright interest in the program `Gnomovision' (which makes passes at compilers) written by James Hacker. , 1 April 1989 Ty Coon, President of Vice This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. snoopy-snoopy-2.4.6/ChangeLog000066400000000000000000000477551276626320200162010ustar00rootroot00000000000000------------------------------------------------------------------------------- Snoopy Logger ChangeLog ------------------------------------------------------------------------------- 2016-08-14 - Version 2.4.6 -------------------------- o Bugfix (#106 @ GitHub): fix segmentation faults of Network Manager on CentOS 7 when using DHCP address configuration. (thanks tkimball83, p64 @ GitHub for reporting it, and jmtysonjr @ GitHub for verifying the bugfix) o Internal: replace ini parsing library iniparser with inih (triggered by #106 @ Github) 2016-03-05 - Version 2.4.5 -------------------------- o Bugfix (#102 @ GitHub): fix broken validation of --with-syslog-facility configure argument for LOCALx values. Build test updated to prevent regressions. (reported by lhmerino @ GitHub) o Bugfix: filter/only_tty: treat errors as if command does not have a tty associated with it o Bugfix: filter/only_tty: treat errors as if command does not have a tty associated with it o Tests: fix timestamp provider (ms) range test condition (bugfix found at user alasdairdc @ GitHub). o Install (#90 @ GitHub): Add support for installing local Snoopy packages with install script. (Suggested by PSKyne@Github) o Install (#90 @ GitHub): snoopy-install.sh now has a download-only mode. (Suggested by PSKyne@github) o Install: Reenabled 'make check' in install-snoopy.sh. The test that was was causing the most grief was datasource_domain test, which is disabled now. o Install (#98 @ GitHub): Add support for bootstrapping git builds on older OS releases (i.e. CentOS 6). Package builds are not affected by this. This is now done automatically by bootstrap.sh script. o Infrastructure (#94 @ GitHub): Migrated Travis-CI to container-based builds. Builds are not much faster, but their startup is indeed speedier. o Infrastructure: Added 16 builds to Travis-CI which use random selection of ./configure flags. This should ensure valid builds with all possible (valid) ./configure flag selections. o Refactoring: move src/libsnoopy.c/.h contents to more appropriate location: src/eventsource/execve_wrapper.c/.h 2015-08-28 - Version 2.4.4 -------------------------- o Thread safety: all remaining strtok() function calls were replaced with their thread-safe counterparts - strtok_r(). o Thread safety: all localtime() function calls were replaced with their thread-safe counterparts - localtime_r(). o Thread safety: all ttyname() functions were replaced with their thread-safe counterparts - ttyname_r(). o Thread safety info: the remaining non-thread-safe functions that are used are: - getenv() - strerror() getenv() does not have any thread-safe counterpart, so it was left as it was. If anyone uses threaded programs that do lots of execv() calls, then these programs should modify environment and execute programs in mutexed manner. strerror() is used in lib/liblcthw as define, therefore an easy fix is not possible. This doubly linked list implementation needs a general overhaul anyway. o RH packaging bugfix: do not fail the installation if directory already exists. (Brendan Germain - bcg62@github) o Feature: added new filter only_tty. Logs only commands associated with a TTY. (Jack DeLoach - urq@github) o Bugfix (#92 @ GitHub): fix false warning about open file descriptors when running valgrind. 2015-06-18 - Version 2.4.3 -------------------------- o Build bugfix: include forgotten files in distribution package (version detection script, some test files, etc). 2015-06-18 - Version 2.4.2 -------------------------- o Version skipped. 2015-06-18 - Version 2.4.1 -------------------------- o Bugfix: tests/datasource/snoopy_version was failing because regex was untested on full-release (non-development/preview) versions. Fixed. 2015-06-18 - Version 2.4.0 -------------------------- o Change: configuration file (snoopy.ini) support is now enabled by default. o Change: filtering support is now enabled by default. o Change: Removal of deprecated feature: removed ./configure flag --enable-root-only. An error message will be emited by ./configure if this deprecated flag is encountered. General filtering should be used instead, like this: --enable-filtering --with-filter-chain="only_uid:0". o Enhancement: EXPERIMENTAL support for thread-safety added. o Feature: added new datasource snoopy_threads, that returns count of threads that Snoopy is currently configured for. o Feature: added new dummy data source: snoopy_literal. Returns its own argument. o Feature: added new data source: tid (Thread ID). o Feature: added new data source: tid_kernel (Thread ID, as retured by Linux kernel). o Feature: syslog ident string is now configurable, via ./configure line or via snoopy.ini. o Feature: added two new data sources: hostname and domain. o Feature: added a new output: devnull - writes to /dev/null black hole. o Feature: added a new output: devtty - writes to /dev/tty directly. o Feature: added two new outputs: stderr and stdout. o Feature: added new data source: snoopy_literal (dummy) o Feature: Full test suite is now implemented. It contains unit tests for every datasource, filter and all outputs that can actually be tested (testing syslog output provider is a bit inconvenient, for example). Additionally there are combined tests that check Snoopy functionality as a whole, as much as this can be done. Config file parsing is tested too. This test suite is now used at the following occasions: - when installing Snoopy via snoopy-install.sh script, - when submitting contribution pull request on GitHub, - when creating release package. o Bugfixes: see git history for details. o Internal feature: created generic argument parser. It should be used by all subcomponents that require CSV argument parsing. o Internal enhancement: iniparser upgraded to version 4.0. Also migrated to git submodule. o Internal enhancement: iniparser migrated to nested autotools subpackage. o Internal refactoring: make all arguments (that are applicable to be changed) to datasources, filters and outputs, constant string pointers. o Build bugfix: actually halt if some required header file, function or library is missing. Before this fix it only displayed "checking for X... no" error message and the process went on (not for all resources, but for many). o Build refactoring: do not build development tools by default o Build refactoring: now supports --enable-everything configuration flag. o Build refactoring: optimize configuration process, output relevant settings for review. o Build refactoring: optimized configure.ac to use way less code than before. This was achieved by abstracting common stuff into special macros stored in build/snoopy.m4. o Build refactoring: switched to non-verbose build output by default. Use 'make V=1' to revert to the old (verbose) behaviour. o Build refactoring: enabled -std=c99 and -pedantic build flags, to catch even more potential errors. o Release process: all release packages are now checked with CI provided by Travis-CI.org. o Release process: all release packages are now checked with Coverity Scan. o Release process: all release packages are now checked with "make distcheck" make target, to ensure proper builds. o Contribution process: all pull requests are automatically checked by Travis-CI. 2015-05-28 - Version 2.3.2 -------------------------- o Bugfix (#73 @ GitHub): fixed installation problem on systems that do not set executable flag for shared library files. (reported by Evgenii Terechkov - evgkrsk @ GitHub) 2015-05-24 - Version 2.3.1 -------------------------- o Bugfix (#68 @ GitHub): fixed build failure on SLES - mismatching prototype in error.c/.h (reported by GitHub user @tparkercbn). 2015-05-11 - Version 2.3.0 -------------------------- o Feature: new data source: datetime (returns current date and time in ISO8601 format). o Feature (#54 @ GitHub): new data sources: timestamp, timestamp_ms and timestamp_us o Feature (#55 @ GitHub): file output is now configurable with ./configure flag --with-default-output=OUTPUT_SPEC. o Feature (#53 @ GitHub): file output provider implemented. Snoopy is now capable of logging directly to file, if filesystem permissions do not prevent it. o Bugfixes: resolved all nine Coverity bugs (#80899-#80909), covering various resource leaks, unchecked string writes etc. o Bugfixes: resolved six additional coverity bugs (82437-82442) o Refactoring build process: config file comments now reflect which data sources, filters and outputs are available in given Snoopy installation/ package/build. o Refactoring build process: all data sources, filters and outputs can now be enabled/disabled individually by ./configure flags. This should make Snoopy less vulnerable if securing installation by reducing attack surface is desired. Each group (data sources, filters and outputs) can also be disabled with a single --enable-all-* ./configure flag. o Refactoring build process: removed all stale files which are copied/symlinked by autoreconf; updated makefiles to enable building outside of source tree; renamed some outputs to maintain naming consistency; reduced complexity and size of configure.ac by abstracting certain functionality into dedicated macros; moved as many build-time files as possible from root into build/aux/ directory; o Enhancement: specify in debian build recipe that libsnoopy package is to supersed old 'snoopy' package. (Contributed by Frederic Mora) o Refactoring: do not include filtering code if filtering is not enabled on ./configure line. o Refactoring #50 (GitHub): change ./configure flag --enable-filter to --enable-filtering, to prepare Snoopy for future changes (per-datasource, per-filter and per-output configure flags). o Bug #49 (GitHub): reset configuration values back to their corresponding defaults when running final cleanup. This prevents buffer overflows on next Snoopy invocations when config file is not found anymore. o Enhancement #48: do not include code for config file in the final library when config file is not enabled at all (via ./configure argument). o Feature #45: new filter that excludes Snoopy log entries from certain processes. (Code contributed by Frederic Mora) o Bug #44 / Enhancement #42: upgraded iniparser compotent to latest git version, the one that was included before was causing problems in threaded environments (java). o Refactoring #41: change term "input provider" to "data source", to more accurately reflect what is actually going on in that part of code. o Enhancement #42: upgraded included iniparser component to latest git version. This hopefully resolves issues with threaded processes. o Repository refactoring: removed all files that are created/copied by autotools suite, and added them to gitignore. o Include documentation in release packages from now on. 2015-04-27 - Version 2.2.8 --------------------------- o Bugfix #39: prevent double freeing of message_format and filter_chain variables when snoopy.ini suddenly disappears from filesystem. (reported by Ariel Zach) o Bugfix #39-2: Fix invalid parsing in rpname input provider - check the line that is read from /proc/PID/status and verify that it is non-empty and that it actually contains colon character before attempting to parse it. (reported and initial fix authored by Ariel Zach) o Bugfix #46: prevent bufffer overflow in cmdline input provider (reported by Ariel Zach) o Bugfix and refactoring: rpname input provider was leaking some memory, and it was made more logically structured (variables and if conditions were changed to more logical and coherent naming, to align it better with the rest of Snoopy code). o Bugfix #47: Bugfix #39 inadvertently introduced a doublefree bug when filter chain was specified in snoopy.ini. (reported by Ariel Zach) 2015-03-26 - Version 2.2.7 --------------------------- o Feature: added new input provider %{rpname} - gets root process name (submitted by Ariel Zach) 2015-03-06 - Version 2.2.6 --------------------------- o Feature: added new input provider %{env_all} - logs whole environment o Feature: added new input provider %{pid} - provides process id o Feature: added new input provider %{ppid} - provides parent process id o Bugfix: Fixed improper return value checking in all input providers that work with literal usernames and groups. This was causing shutdown hangs on RH/CentOS 7 systems that use systemd, with additional special conitions: - compiled-in message_format must have included these input providers, - when only configured in snoopy.ini, they did not trigger this bug. 2015-03-04 - Version 2.2.5 --------------------------- o Bugfix: devlog output provider was not resetting configuration to original values after it called socket output provider as its subroutine. o Bugfix: added support for 'make install DESTDIR=...' in etc/Makefile.am o Bugfix: fixed installation of snoopy.ini in nonexistent directory 2015-01-27 - Version 2.2.4 --------------------------- o Bugfix: devlog output was not implemented properly, it was missing log facility and log level specification. This resulted in Snoopy output appearing on user's console, as everything was treated with EMERG severity. On CentOS/RH messages of this severity are forwarded to console by default. o Bugfix: Install configuration file with .NEW suffix, and warn the user. 2015-01-27 - Version 2.2.3 --------------------------- o Bugfix: fixed compilation issues on pre 2.09 glibc platforms (SOCK_NONBLOCK, SOCK_CLOEXEC missing) 2015-01-20 - Version 2.2.2 --------------------------- o Bugfix: fixed compilation issues on pre 2.12 glibc platforms (getsid) 2015-01-11 - Version 2.2.1 --------------------------- o Feature: added support for configurable output selection o Feature: added dummy input provider: snoopy_version o Bugfix: changed default output provider from syslog to devlog (non-blocking socket as workaround for systemd's buffered/blocking /dev/log socket) 2015-01-11 - Version 2.2.0 --------------------------- o Never released. 2014-11-08 - Version 2.1.0 --------------------------- o Enhancement: strict checking of ./configure --with-syslog-* values o Enhancement: enabled configuration of syslog facility and level from configuration file 2014-11-07 - Version 2.0.1 --------------------------- o Bugfix: fixed uninitialized pointer in filter/exclude_uid.c and only_uid.c o Enhancement: prefix all iniparser errors with "SNOOPY " prefix, so it is evident where errors are coming from o Bugfix: changed --with-config-file to --enable-config-file. Having two ways to specify where configuration file exists is redundant and confusing. 2014-11-05 - Version 2.0.0 --------------------------- o Feature: Added support for custom message format specification at configuration time o Feature: New input providers: - egroup (thanks Sébastien Gross) - env (thanks Taylor Kimball) - eusername (thanks Sébastien Gross) - group (thanks Sébastien Gross) - login (thanks Sébastien Gross) - username (thanks Sébastien Gross) - tty_uid (thanks Tony Malkowski) - tty_username o Feature: Implemented internal filtering, with the following filters available: - exclude_uid - only_root - only_uid o Feature: Added optional support for INI configuration file o Feature: Added envp data to intputdatastorage if execve() is used. Prepared for future inputs to consume it. o Feature: Created snoopy-enable and snoopy-disable system scripts. o Distro packaging: added debian/ubuntu packaging data (by Sebastien Gross) o Distro packaging: added rhel/centos package spec file (by Jeremy Brown) o Refactoring: Separated data gathering into separate functions, to be used at will - now they are called "input providers" o Refactoring: Removed external filtering, to be replaced with internal filtering capability in the making o Refactoring: Removed logging exclusion via prefix, was created for exclusion of logging of external filter commands o Refactoring: switched to autotools completely o Refactoring: all builds now use -Wall and -Werror o Refactoring: removed --enable-cwd-logging (superseded by message formatting options and input provider) o Refactoring: Snoopy library is now called libsnoopy.so instead of snoopy.so, to conform to autotools syntax o Refactoring: ./configure: removed many bugs, added proper syntax and error messages to help user decide what she wants o Refactoring: added 'proper' (unified) error handling o Refactoring: moved input testing to separate executable, which does not get installed, but is only intended for development/debugging o Refactoring: created proper initialization/shutdown methods o Documentation: added into about writing new input providers o Bugfix: fixed compilation failure on debian in inputs/cwd.c (thanks Sébastien Gross) o Bugfix: missing snoopy.ini in distribution tarball (thanks Jeremy Brown) o Bugfix: When uninstalling, also disable Snoopy (remove from /etc/ld.so.preload). 2013-04-06 - Version 1.9.0 --------------------------- o Bugfix: fixed bug with unclosed /dev/log descriptor which caused hangs o Feature: System-dependent exec() argument length support added (thanks Jeff Schroeder) o Refactoring: README updated with Markdown format, for nicer display at github 2013-02-03 - Version 1.8.1 --------------------------- o Bugfix: enable.sh was not /bin/sh compliant, fixed (thanks "phe") 2011-03-06 - Version 1.8.0 --------------------------- o Feature: syslog facility is now configurable o Feature: syslog level is now configurable o Feature: external filter support available o Feature: single path prefix filtering available 2010-10-10 - Version 1.7.10 --------------------------- o Fixed bug with long command lines (thanks Luis Fernando Muñoz Mejías) 2010-10-10 - Version 1.7.6 --------------------------- o Quick fix of buggy patch applied in previous release 2010-10-10 - Version 1.7.5 --------------------------- o Build for 64bit machines and destdir support for RPMs (Aldemira) o Fixed 1-byte memory leak introduced in previous release 2010-09-24 - Version 1.7.2 --------------------------- o Logs current tty (initial patch provided by Aldemira user on SourceForge) 2010-02-11 - Version 1.6.1 --------------------------- o Logs current working directory 2010-02-09 - Version 1.6.0 --------------------------- o Uses autotools now o Changed installation procedure o Rewritten logging function to avoid memory leaks o No more segfaults on 64bit platforms o Program name and argument lengths limited to 4096 bytes o Many thanks to otheus for supplying a patch on SourceForge one and a half years ago, it helped tremendously. 2010-02-09 - Version 1.5.0 --------------------------- o Updated to compile and work without segfaults on 32bit and 64bit platforms o Project maintenance taken over by Bostjan Skufca Sun December 10 - Version 1.3 ------------------------------ o Altered logging mechanism for performance o Added new way of logging (can choose) o Added an integrity check (optional) Wed October 25 - Version 1.2a ----------------------------- o ROOT_ONLY behavior now works again, thanks to adrian.head@bytecomm.com.au for notifying us! Thu October 10 - Version 1.2 ----------------------------- o Fixed small bug with rather adverse side effects. Thu August 17 - Version 1.1 ---------------------------- o Added support for execv(). Although execv() calls execve() [as described in the man page], execv() calls don't seem to log. They now do. Will investigate this issue a bit further. o Made logging code modular, as to accomodate for the extra overload that execv() brought. Thu August 3 - Version 1.00 ---------------------------- o Cleaned up the codebase a bit o Added the output of username and sid (PID of the login shell) to the logged output o Fixed install.sh to be compatible with older (v1.0) bash shells snoopy-snoopy-2.4.6/Makefile.am000066400000000000000000000040701276626320200164420ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### Local configuration changes # AUTOMAKE_OPTIONS = foreign subdir-objects ACLOCAL_AMFLAGS = -I build/m4 ### Subdir processing order # # Process etc/ before other subdirs # # If Snoopy has config file enabled, then there is a small time frame # between installation of library and subsequent installation of # initial configuration file where iniparser emits an error about # configuration file not being found. Therefore we first install # configuration file and only then the Snoopy library itself. # # Also, lib/ must be processed before src/, as iniparser is needed # there if config file is enabled. # SUBDIRS = if CONFIGFILE_ENABLED SUBDIRS += etc SUBDIRS += lib endif SUBDIRS += src SUBDIRS += util SUBDIRS += doc SUBDIRS += tests ### Additional files to distribute in distribution package # EXTRA_DIST = \ build/get-version.sh \ README.md ### Make check aliases # checks: check test: check tests: check ### Enable/disable targets # enable: install echo ; \ $(top_builddir)/util/snoopy-enable ; \ echo ; disable: echo ; \ $(top_builddir)/util/snoopy-disable \ echo ; # Disable it if we are uninstalling it, to avoid error messages # about missing library that should be preloaded. uninstall-local: disable ### Clean these files additionally # # Clean release files clean-local: rm -rf snoopy-[0-9].[0-9].* ; \ rm -f snoopy-*.tar.gz* ; \ rm -f snoopy-latest-*.txt ; \ rm -rf cov-int* ; # Clean all files that were generated by bootstrap.sh or autoscan maintainer-clean-local: rm -f aclocal.m4 ; \ rm -f autoscan.log ; \ rm -fr build/aux/ ; \ rm -fr build/m4/ ; \ rm -f configure ; ### Maintainer targets # # # Bootstrap: simplify maintainer's life # .PHONY: bootstrap bootstrap: maintainer-clean ./bootstrap.sh # # # Valgrind: run valgrind # .PHONY: valgrind valgrind: all valgrind -v \ --error-exitcode=1 \ --track-fds=yes \ --smc-check=all \ --leak-check=full \ --undef-value-errors=yes \ --track-origins=yes \ ./util/snoopy-run-everything ; snoopy-snoopy-2.4.6/README.md000066400000000000000000000233161276626320200156710ustar00rootroot00000000000000# Snoopy Logger Snoopy is a tiny library that logs all executed commands (+ arguments) on your system. [![Flattr Snoopy Logger project](http://api.flattr.com/button/flattr-badge-large.png)](https://flattr.com/submit/auto?user_id=a2o&url=https://github.com/a2o/snoopy&title=Snoopy Logger) Master: [![Build Status - Master](https://travis-ci.org/a2o/snoopy.svg?branch=master)](https://travis-ci.org/a2o/snoopy/branches) [![Coverity Scan](https://scan.coverity.com/projects/4973/badge.svg?flat=1)](https://scan.coverity.com/projects/4973) Stable: [![Build Status - Stable](https://travis-ci.org/a2o/snoopy.svg?branch=stable)](https://travis-ci.org/a2o/snoopy/branches) Chat: [![Join the chat at https://gitter.im/a2o/snoopy](https://badges.gitter.im/a2o/snoopy.svg)](https://gitter.im/a2o/snoopy?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge&utm_content=badge) INFO: Snoopy is not a reliable auditing solution. Rogue users can easily manipulate environment to avoid logging by Snoopy. See [this FAQ entry](https://github.com/a2o/snoopy/blob/master/doc/FAQ.md#5-i-see-no-snoopy-output-after-initial-user-login). ## Table of contents * [Snoopy Logger](#snoopy-logger) * [Table of contents](#table-of-contents) * [News](#news) * [Installation](#installation) * [I.1 Version information and download links](#i1-version-information-and-download-links) * [Output](#output) * [Configuration](#configuration) * [Support](#support) * [S.1 Keep all communication public](#s1-all-keep-communication-public) * [S.2 Supported Snoopy versions](#s2-supported-snoopy-versions) * [S.3 Reporting bugs](#s3-reporting-bugs) * [S.4 Feature requests](#s4-feature-requests) * [S.5 Free support](#s5-free-support) * [S.6 Commercial support](#s6-commercial-support) * [Contributing to Snoopy development](#contributing-to-snoopy-development) * [License](#license) * [Credits](#credits) ## News 2016-09-14: **Snoopy 2.4.6 released!** Maintenance release. 2016-03-05: **Snoopy 2.4.5 released!** Maintenance release. 2015-08-28: **Snoopy 2.4.4 released!** Mainly maintenance release, with new filter: only_tty, which should cut down noise from non-tty processes considerably. 2015-06-18: **Snoopy 2.4.0 released!** Many changes, see the ChangeLog. Experimental thread safety added. All users are encouraged to upgrade to Snoopy version 2.4.0+ immediately. ## Installation The easiest way to start using Snoopy is to execute one of the following commands (as root). To install the latest **STABLE** version of Snoopy, use this command: rm -f snoopy-install.sh && wget -O snoopy-install.sh https://github.com/a2o/snoopy/raw/install/doc/install/bin/snoopy-install.sh && chmod 755 snoopy-install.sh && ./snoopy-install.sh stable To install the latest **DEVELOPMENT** version of Snoopy, use this: rm -f snoopy-install.sh && wget -O snoopy-install.sh https://github.com/a2o/snoopy/raw/install/doc/install/bin/snoopy-install.sh && chmod 755 snoopy-install.sh && ./snoopy-install.sh git-master That is it. Detailed installation instructions are available here: [doc/INSTALL.md](doc/INSTALL.md) ### I.1 Version information and download links | Version | Download URI | | ---------------------------- | ---------------------------------------------------------- | | Latest stable release | http://source.a2o.si/download/snoopy/snoopy-2.4.6.tar.gz | | Latest development release | (N/A, clone this git repo, use master branch) | | All releases | http://source.a2o.si/download/snoopy/ | ## Output This is what typical Snoopy output looks like: 2015-02-11T19:05:10+00:00 labrat-1 snoopy[896]: [uid:0 sid:11679 tty:/dev/pts/2 cwd:/root filename:/usr/bin/cat]: cat /etc/fstab.BAK 2015-02-11T19:05:15+00:00 labrat-1 snoopy[896]: [uid:0 sid:11679 tty:/dev/pts/2 cwd:/root filename:/usr/bin/rm]: rm -f /etc/fstab.BAK 2015-02-11T19:05:19+00:00 labrat-1 snoopy[896]: [uid:0 sid:11679 tty:/dev/pts/2 cwd:/root filename:/usr/bin/tail]: tail -f /var/log/messages These are default output locations on various Linux distributions: * CentOS: /var/log/secure * Debian: /var/log/auth.log * Ubuntu: /var/log/auth.log * others: /var/log/messages (potentially, not necessarily) For actual output destination check your syslog configuration. ## Configuration Most parts of Snoopy are/can be/should be configured at build time. However, since version 2.0.0 Snoopy supports optional configuration file. Snoopy's automated installation procedure enables configuration file support by default. Configuration file path is /etc/snoopy.ini. For additional information consult comments in default configuration file [etc/snoopy.ini](etc/snoopy.ini.in) and read appropriate sections of [doc/INSTALL.md](doc/INSTALL.md). ## Support ### S.1 Keep all communication public Due to the fact that you need support, there is a good chance someone else will stumble upon the same issue soon too. For this reason it is crucial that all communication is kept public. Search engines can then pick this content up, index it, and hopefully present it to the next soul with the same problem. GitHub is currently *the* meeting point for all Snoopy-related content. Therefore you should use GitHub issues for any kind of communication about Snoopy, with the sole exception of commercial support - that should be the only reason for contacting maintainer directly via email. ### S.2 Supported Snoopy versions **Only latest released version of Snoopy is "supported"!** Any version that is not the latest (stable or development) is not supported. Please do not submit any bugfix/feature/change requests related to old and thus unsupported Snoopy versions. ### S.3 Reporting bugs **If you encounter an issue with Snoopy, proceed with the following steps:** 1. make sure you are using the latest version of Snoopy! 1. this DOES NOT mean the last version 'apt-get install snoopy' provides, 2. this means the latest version available at https://github.com/a2o/snoopy/ 2. consult FAQ first: [doc/FAQ.md](doc/FAQ.md), 3. search the internets (using Google for example), 4. search the Snoopy issue tracker: https://github.com/a2o/snoopy/issues/, 5. if the problem still persist, create a new issue on GitHub, but you must: 1. make sure your issue is reproducible using the latest version of Snoopy, 2. provide the following data: 1. Snoopy version used and how did you install it? 2. Linux distribution you are using? 3. Which software is crashing because of Snoopy (whole system, one program)? 4. Trace of your program that crashes. 3. if possible, provide a patch (by creating a pull request on GitHub) that fixes (or at least tries to fix) the reported issue. ### S.4 Feature requests "I need Snoopy to do this and that!" Heard too many times. This is Open Source software. It is created, maintained and contributed to by people who donate their time and expertise to the project. Therefore donated time is primarily spent on topics of their interest, so naturally Snoopy is subjected to FOSS toilet paradox: designing a futuristic toilet is fun, but fixing it when it gets clogged is something no one is willing to do for free. You can read the extensive explanation of this analogy here: http://blog.enfranchisedmind.com/2009/07/fyi-my-open-source-users/ If you need a specific feature that is currently not implemented, you have three options: 1. Implement it yourself. Once done, you can: 1. contribute it back to Snoopy by creating a pull request - you are welcome to do so; 2. keep your code private, no one is stopping you (but make sure you comply with license restrictions). 2. Ask someone (who has required expertise) to do it. Payment may be expected. 3. Commercial support. **However**, if you think you have came up with a very nice feature, but you do not know how to implement it, yet you think other people might find use for it, do not hesitate and open an Issue on GitHub: https://github.com/a2o/snoopy/issues That way the idea will be kept around and maybe someone will pick it up and implement it. ### S.5 Free support Use GitHub Issues: https://github.com/a2o/snoopy/issues Do not send email to maintainers for free support. ### S.6 Commercial support Commercial support for Snoopy is available. Contact current maintainer via email for details. ## Contributing to Snoopy development See [CONTRIBUTING.md](CONTRIBUTING.md). See [doc/internals/README.md](doc/internals/README.md) for information about internal structure of Snoopy and how all pieces fit together. ## License Snoopy is released under GNU General Public License version 2. Snoopy was originally released under GNU GPLv2 license, and during the course of it's life various people contributed code to it under the same license. Therefore Snoopy continues to be released under GNU GPLv2 license, as this is the only license all contributors agreed to, up to this point. Should some entity (individual or corporation) desire to obtain Snoopy under a different license (commercial, for example), a consent from all contributors will be required. ## Credits Snoopy development is currently located at the following URI: http://github.com/a2o/snoopy/ Additional git mirrors (read-only) are available here: https://gitlab.com/a2o/snoopy/ https://bitbucket.org/bostjan/snoopy/ https://git.teon.si/a2o/snoopy/ Snoopy Logger was originally created and maintained by: Marius Aamodt Eriksen Mike Baker List of contributors is available at the following locations: - in the Snoopy's ChangeLog file; - in the list of pull requests on GitHub. Snoopy is currently maintained by: Bostjan Skufca snoopy-snoopy-2.4.6/bootstrap.sh000077500000000000000000000047451276626320200167730ustar00rootroot00000000000000#!/bin/bash ### Shell setup # # Treat all errors as fatal and trace the progress # set -e ### Check autotools version # RES=`autoreconf --version | head -n1 | cut -d' ' -f4 | sed -e 's/\.//'` if [ "$RES" -lt "268" ]; then IGNORE_OLD_TOOLCHAIN="${1:-no}" if [[ "$IGNORE_OLD_TOOLCHAIN" != "geezer-os" ]] && [[ "$IGNORE_OLD_TOOLCHAIN" != "old-fart" ]] ; then echo echo "###" echo "### WARNING:" echo "### WARNING: Your autotools version is too old." echo "### WARNING:" echo "###" echo "### More information and workaround is available here:" echo "### https://github.com/a2o/snoopy/blob/master/doc/HACKING.md#older-oses" echo "###" echo "### The workaround is now performed by ./bootstrap.sh automatically." echo "### This warning can be suppressed by using the following command:" echo "###" echo "### ./bootstrap.sh geezer-os" echo "###" echo else echo echo "### INFO: Ignoring too-old autotools suite." echo fi echo "BOOTSTRAP: Adjusting configure.ac for old OS:" MYDIR=`dirname $0` SNOOPY_VERSION_LITERAL=`$MYDIR/build/get-version.sh | sed -e 's/$/-geezer-os/'` SNOOPY_VERSION_CONFIGURE_AC=`echo "$SNOOPY_VERSION_LITERAL" | sed -e 's/^/ [/' | sed -e 's/$/],/'` echo -n "BOOTSTRAP: - version from script to literal string '$SNOOPY_VERSION_LITERAL'... " sed -i "s/^ m4_esyscmd_s.*/$SNOOPY_VERSION_CONFIGURE_AC/" configure.ac echo "done." echo "BOOTSTRAP: All done." echo "BOOTSTRAP: IMPORTANT NOTICE: Do not commit these changes!" echo fi ### Check if submodules are checked out, and do it if not # if [ ! -e lib/iniparser/.git ]; then echo "###" echo "### Cloning git submodules:" echo "###" echo git submodule init git submodule update fi ### Clear cache # if [ -d autom4te.cache ]; then rm -rf autom4te.cache fi ### Bug in aclocal: manually create m4 directory if it does not exist # if [ ! -d build/m4 ]; then mkdir -p build/m4 fi if [ ! -d lib/iniparser/build/m4 ]; then mkdir -p lib/iniparser/build/m4 fi ### Signal process start # echo "###" echo "### Starting AutoTools run:" echo "###" echo ### Run autotools # autoreconf -i -v ### Remove stale/backup files # rm -f config.h.in~ ### Signal success and exit # echo echo "###" echo "### AutoTools run was completed sucessfully." echo "### You should run ./configure now." echo "###" echo snoopy-snoopy-2.4.6/build/000077500000000000000000000000001276626320200155045ustar00rootroot00000000000000snoopy-snoopy-2.4.6/build/Makefile.am.common000066400000000000000000000004121276626320200210240ustar00rootroot00000000000000### Autoconf defaults # MAINTAINERCLEANFILES = Makefile.in ### Automake defaults # # Note: # -I$(top_srcdir) is here for #include 'lib/iniparser/src/iniparser.h' to work # AM_CFLAGS = -Wall -Werror -Wextra -Wno-unused-parameter -std=c99 -pedantic -I$(top_srcdir) snoopy-snoopy-2.4.6/build/coverity-settings.conf.SAMPLE000066400000000000000000000001451276626320200230350ustar00rootroot00000000000000COVERITY_EMAIL=`git config user.email` COVERITY_TOKEN="" COVERITY_BUILD_VERSION=`git rev-parse HEAD` snoopy-snoopy-2.4.6/build/get-random-configure-flags.sh000077500000000000000000000107711276626320200231570ustar00rootroot00000000000000#!/bin/bash ### Configure shell # set -e set -u MYDIR=`dirname $0` ### Collect all ./configure settings # # Ignore the following switches: # --only-root (deprecated), # --enable-dev-tools (not needed), # --output-file (always needed) # --output-socket (always needed) # OTHERS=" everything config-file error-logging thread-safety all-datasources all-outputs filtering all-filters " DATASOURCES=`cat $MYDIR/../configure.ac | grep SNOOPY_CONFIGURE_DATASOURCE_ | cut -d'[' -f2 | cut -d']' -f1 | sed -e 's/^/datasource-/'` FILTERS=`cat $MYDIR/../configure.ac | grep SNOOPY_CONFIGURE_FILTER_ | cut -d'[' -f2 | cut -d']' -f1 | sed -e 's/^/filter-/'` OUTPUTS=`cat $MYDIR/../configure.ac | grep SNOOPY_CONFIGURE_OUTPUT_ | cut -d'[' -f2 | cut -d']' -f1 | sed -e 's/^/output-/' | grep -Ev '^output-(file|socket)$'` ALL_CONFIGURE_OPTS="$OTHERS $DATASOURCES $FILTERS $OUTPUTS" # Make associative array for this declare -A ALL_CONFIG_OPTS_ASSOC for OPT in $ALL_CONFIGURE_OPTS; do ALL_CONFIG_OPTS_ASSOC[$OPT]="unspecified" done ### Select random set of options # for OPT in "${!ALL_CONFIG_OPTS_ASSOC[@]}"; do RN=$[ RANDOM % 3 ] case $RN in 0) ALL_CONFIG_OPTS_ASSOC[$OPT]="enable" ;; 1) ALL_CONFIG_OPTS_ASSOC[$OPT]="disable" ;; 2) ALL_CONFIG_OPTS_ASSOC[$OPT]="unspecified" ;; esac done ### Adjust selections # # Thread safety needs to be enabled for this datasource # if [ "${ALL_CONFIG_OPTS_ASSOC["datasource-snoopy_threads"]}" == "enable" ]; then ALL_CONFIG_OPTS_ASSOC["thread-safety"]="enable" fi if [[ "${ALL_CONFIG_OPTS_ASSOC["everything"]}" == "enable" ]] || [[ "${ALL_CONFIG_OPTS_ASSOC["all-datasources"]}" == "enable" ]]; then if [ "${ALL_CONFIG_OPTS_ASSOC["datasource-snoopy_threads"]}" != "disable" ]; then ALL_CONFIG_OPTS_ASSOC["thread-safety"]="enable" fi fi if [[ "${ALL_CONFIG_OPTS_ASSOC["everything"]}" == "unspecified" ]] && [[ "${ALL_CONFIG_OPTS_ASSOC["all-datasources"]}" == "unspecified" ]]; then if [ "${ALL_CONFIG_OPTS_ASSOC["datasource-snoopy_threads"]}" != "disable" ]; then ALL_CONFIG_OPTS_ASSOC["thread-safety"]="enable" fi fi ### Build output # SELECTED_OPTS="" for OPT in "${!ALL_CONFIG_OPTS_ASSOC[@]}"; do case ${ALL_CONFIG_OPTS_ASSOC[$OPT]} in enable) SELECTED_OPTS="$SELECTED_OPTS --enable-$OPT" ;; disable) SELECTED_OPTS="$SELECTED_OPTS --disable-$OPT" ;; esac done ### Add --with-syslog-facility flag by chance - manual for now # RN=$[ RANDOM % 2 ] case $RN in 0) # Skip ;; 1) SYSLOG_FACILITIES=( "AUTH" "AUTHPRIV" "CRON" "DAEMON" "FTP" "KERN" "LOCAL0" "LOCAL1" "LOCAL2" "LOCAL3" "LOCAL4" "LOCAL5" "LOCAL6" "LOCAL7" "LPR" "MAIL" "NEWS" "SYSLOG" "USER" "UUCP" ) SELECTED_SYSLOG_FACILITY=${SYSLOG_FACILITIES[$RANDOM % ${#SYSLOG_FACILITIES[@]} ]} # Also decide if we prefix it with LOG_ or not RN=$[ RANDOM % 2 ] case $RN in 0) PREFIX="LOG_" ;; 1) PREFIX="" ;; esac SELECTED_OPTS="$SELECTED_OPTS --with-syslog-facility=${PREFIX}${SELECTED_SYSLOG_FACILITY}" ;; esac ### Add --with-syslog-level flag by chance - manual for now # RN=$[ RANDOM % 2 ] case $RN in 0) # Skip ;; 1) SYSLOG_LEVELS=( "EMERG" "ALERT" "CRIT" "ERR" "WARNING" "NOTICE" "INFO" "DEBUG" ) SELECTED_SYSLOG_LEVEL=${SYSLOG_LEVELS[$RANDOM % ${#SYSLOG_LEVELS[@]} ]} # Also decide if we prefix it with LOG_ or not RN=$[ RANDOM % 2 ] case $RN in 0) PREFIX="LOG_" ;; 1) PREFIX="" ;; esac SELECTED_OPTS="$SELECTED_OPTS --with-syslog-level=${PREFIX}${SELECTED_SYSLOG_LEVEL}" ;; esac ### Add --with-syslog-ident flag by chance - manual for now # RN=$[ RANDOM % 2 ] case $RN in 0) # Skip ;; 1) SELECTED_OPTS="$SELECTED_OPTS --with-syslog-ident=FAKERANDOMSTRINGTODO" ;; esac ### Final output # echo $SELECTED_OPTS snoopy-snoopy-2.4.6/build/get-version.sh000077500000000000000000000041151276626320200203060ustar00rootroot00000000000000#!/bin/bash ### Description # # Expected output: # 1. 2.3.1 # 2. 2.3.1-dirty # 3. snoopy-2.3.1-146-gCOMMIT # 4. snoopy-2.3.1-146-gCOMMIT-dirty # # Options 1. and 2. are presented when current commit corresponds to explicit git tag. # Options 3. and 4. are for other occasions. # If tree is dirty, then add "-dirty" suffix. # ### Configure shell first # set -e set -u ### Check arguments # MODE=${1:-all} case $MODE in 'all') ;; 'git') ;; 'changelog') ;; *) echo "ERROR: Invalid mode: $MODE" exit 1 ;; esac #### First get current commit ## #CURRENT_COMMIT_HASH=`git rev-parse HEAD` # # # #### Check if current commit has corresponding tag ## #if git show-ref --tags | grep "^$CURRENT_COMMIT_HASH refs/tags" > /dev/null; then # CURRENT_TAG=`git show-ref --tags | grep "^$CURRENT_COMMIT_HASH refs/tags" | awk '{print $2}' | sed -e 's#^refs/tags##'` # CURRENT_PACKAGE_VERSION=`echo "$CURRENT_TAG" | sed -e 's/snoopy-//'` # # ### Is tree dirty? # # # if git describe --tags --dirty | grep -- '-dirty$' > /dev/null; then # CURRENT_PACKAGE_VERSION="${CURRENT_PACKAGE_VERSION}-dirty" # fi #else # # Here '-dirty' gets appended automatically # CURRENT_PACKAGE_VERSION=`git describe --tags --dirty` #fi ### Get current Snoopy version from git, if applicable # # Used for building from git, and for making RC packages # if [ "$MODE" == "all" -o "$MODE" == "git" ]; then if [ -d .git ]; then CURRENT_PACKAGE_VERSION=`git describe --tags --dirty | sed -e 's/^snoopy-//'` echo $CURRENT_PACKAGE_VERSION exit 0 fi fi ### Otherwise get it from ChangeLog # # Used only if ./bootstrap.sh is run from distribution package, not from git # if [ "$MODE" == "all" -o "$MODE" == "changelog" ]; then if [ -f ChangeLog ]; then CURRENT_PACKAGE_VERSION=`cat ChangeLog | grep -E '^[-0-9]+ - Version [.0-9]+$' | head -n1 | awk '{print $4}'` echo $CURRENT_PACKAGE_VERSION exit 0 fi fi ### Signal error # echo "Unable to determine Snoopy version (mode=$MODE)!" exit 1 snoopy-snoopy-2.4.6/build/snoopy.m4000066400000000000000000000313611276626320200173010ustar00rootroot00000000000000# # SNOOPY LOGGER # # File: snoopy.m4 # # Copyright (c) 2015 Bostjan Skufca # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software Foundation, # Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # ### ### PROGRAM CHECK Macros ### # # GENERAL ENTITY: ./configure output # # Args: # 1: program name to check, exact case # 2: variable to define, usually upper case (is prefixed with SNOOPY_PROG_ and suffixed with _FOUND) # 3: additional info if program is not found # AU_DEFUN([SNOOPY_PROG_CHECK], [ AC_CHECK_PROG(SNOOPY_PROG_$2_FOUND, $1, yes) if test x"$SNOOPY_PROG_$2_FOUND" != x"yes" ; then AC_MSG_ERROR([Please install "$1" program. Reason: $3]) fi ]) ### ### EVERYTHING default value ### # # Defines a variable based on if --enable/--disable-everything was specified, # and if not, the default value provided. # # Set default value # # Args: # 1: valuevariable to check # AU_DEFUN([SNOOPY_CONFIGURE_ENABLE_EVERYTHING_SET], [ if test "x$1" == "xyes"; then everything_enabled="yes" elif test "x$1" == "xno"; then everything_enabled="no" elif test "x$1" == "xunspecified"; then everything_enabled="unspecified" else AC_MSG_ERROR([--enable-everything does not take an argument. Got: $enableval]) fi ]) # Get default value # # Args: # 1: variable name to define # 2: default value, if no --enable/--disable-everything is specified. # AU_DEFUN([SNOOPY_CONFIGURE_ENABLE_EVERYTHING_GET], [ if test "x$everything_enabled" == "xyes"; then $1="yes" elif test "x$everything_enabled" == "xno"; then $1="no" else $1="$2" fi ]) ### ### ENABLE GENERIC ### # # Defines a variable based on if --enable/--disable-everything was specified, # and if not, the default value provided. # # ENABLE GENERIC: Set values if SPECIFIED (as ./configure argument) # # Args: # 1: configure flag, without --enable/--disable prefix # 2: variable name, including "_enabled" suffix # 3: enableval value # 4: additional help content, if invalid value is provided # AU_DEFUN([SNOOPY_CONFIGURE_ENABLE_GENERIC_SPECIFIED], [ if test "x$3" == "xyes"; then $2="yes" elif test "x$3" == "xno"; then $2="no" else AC_MSG_ERROR([--enable/--disable-$1 does not take an argument. $4 Got: $enableval]) fi ]) # ENABLE GENERIC: Set values if *UN*SPECIFIED (as ./configure argument) # # Args: # 1: configure flag, without --enable/--disable prefix # 2: variable name, including "_enabled" suffix # 3: parent default value, used if specified # 3: default value, used if parent default value is unspecified # # AU_DEFUN([SNOOPY_CONFIGURE_ENABLE_GENERIC_UNSPECIFIED], [ if test "x$3" == "xyes"; then $2="yes" elif test "x$3" == "xno"; then $2="no" else $2="$4" fi ]) # ENABLE GENERIC: Final macro # # Args: # 1: configure flag, without --enable/--disable prefix # 2: variable name, including "_enabled" suffix # 3: default value # # AU_DEFUN([SNOOPY_CONFIGURE_ENABLE_GENERIC_EVALUATE], [ AS_IF([test "x$1" = "xyes"], [ AC_DEFINE(SNOOPY_CONF_$2, 1, [$3]) ]) AM_CONDITIONAL([$2], [test "x$1" == "xyes"]) AC_MSG_NOTICE([Snoopy $3 enabled: $1]) ]) ### ### GENERAL ENTITY macros ### # # GENERAL ENTITY: ./configure output # # Args: # 1: entity type (lower case) # 2: entity type (upper case) # 3: entity id # 4: "yes" if enabled, "no" if disabled, anything else is displayed literally # AU_DEFUN([SNOOPY_CONFIGURE_ENTITY_MSG], [ AS_IF( [test "x" == "x"], [ dotLine=".................................................."; whatString="Snoopy $1 enabled: $3 "; whatStringPadded="$whatString${dotLine:${#whatString}}"; if test "x$4" == "xyes"; then AC_MSG_NOTICE([$whatStringPadded YES]) elif test "x$4" == "xno"; then AC_MSG_NOTICE([$whatStringPadded no]) else AC_MSG_NOTICE([$whatStringPadded $4]) fi ] ) ]) ### ### DATASOURCE Macros ### # # DATASOURCE: ./configure output AU_DEFUN([SNOOPY_CONFIGURE_DATASOURCE_MSG], [ # Do not put newline between last angled and regular closing brace, # it gets picked up as part of argument. SNOOPY_CONFIGURE_ENTITY_MSG([datasource], [DATASOURCE], [$1], [$2]) ]) # DATASOURCE: actual macro # # Args: # 1: datasource name # 2: datasource info # 3: enable/disable by default # 4: oposite of arg #3 # AU_DEFUN([SNOOPY_CONFIGURE_DATASOURCE_ENABLEDISABLE], [ AC_ARG_ENABLE(datasource-$1, [AC_HELP_STRING( [--$4-datasource-$1], [$4 datasource "$1". This datasource provides $2. [default=$3]] )], [ if test "x$enableval" == "xyes"; then enable_datasource_explicit_$1="yes" enable_datasource_$1="yes" elif test "x$enableval" == "xno" ; then enable_datasource_explicit_$1="no" enable_datasource_$1="no" else AC_MSG_ERROR([--$4-datasource-$1 does not take any arguments, got: $enableval]) fi ], [ enable_datasource_explicit_$1="undef" if test "x$enable_all_datasources" == "xyes"; then enable_datasource_$1="yes" elif test "x$enable_all_datasources" == "xno" ; then enable_datasource_$1="no" else if test "x$enable_everything" == "xyes"; then enable_datasource_$1="yes" elif test "x$enable_everything" == "xno" ; then enable_datasource_$1="no" else if test "x$3" == "xenable"; then enable_datasource_$1="yes" else enable_datasource_$1="no" fi fi fi ] ) AS_IF([test "x$enable_datasource_$1" = "xyes"], [ AC_DEFINE(SNOOPY_CONF_DATASOURCE_ENABLED_$1, 1, [Is datasource "$1" available?]) ]) AM_CONDITIONAL([DATASOURCE_ENABLED_$1], [test "x$enable_datasource_$1" == "xyes"]) AC_SUBST([enable_datasource_$1]) SNOOPY_CONFIGURE_DATASOURCE_MSG([$1], [$enable_datasource_$1]) ]) # DATASOURCE: alias macros AU_DEFUN([SNOOPY_CONFIGURE_DATASOURCE_ENABLE], [SNOOPY_CONFIGURE_DATASOURCE_ENABLEDISABLE([$1], [$2], [enable], [disable])]) AU_DEFUN([SNOOPY_CONFIGURE_DATASOURCE_DISABLE], [SNOOPY_CONFIGURE_DATASOURCE_ENABLEDISABLE([$1], [$2], [disable], [enable] )]) # DATASOURCE: force certain datasource to be enabled AU_DEFUN([SNOOPY_CONFIGURE_DATASOURCE_FORCE], [ AC_DEFINE(SNOOPY_CONF_DATASOURCE_ENABLED_$1, 1, [Is datasource "$1" available? Forced "Yes".]) AM_CONDITIONAL([DATASOURCE_ENABLED_$1], [test "x" == "x"]) AC_SUBST([enable_datasource_$1], [yes]) SNOOPY_CONFIGURE_DATASOURCE_MSG([$1], [YES (forced)]) ]) ### ### FILTER Macros ### # # FILTER: ./configure output AU_DEFUN([SNOOPY_CONFIGURE_FILTER_MSG], [ # Do not put newline between last angled and regular closing brace, # it gets picked up as part of argument. SNOOPY_CONFIGURE_ENTITY_MSG([filter], [FILTER], [$1], [$2]) ]) # FILTER: actual macro # # Args: # 1: filter name # 2: filter info # 3: enable/disable by default # 4: oposite of arg #3 # AU_DEFUN([SNOOPY_CONFIGURE_FILTER_ENABLEDISABLE], [ AC_ARG_ENABLE(filter-$1, [AC_HELP_STRING( [--$4-filter-$1], [$4 filter "$1". This filter provides $2. [default=$3]] )], [ if test "x$enableval" == "xyes"; then enable_filter_$1=yes elif test "x$enableval" == "xno" ; then enable_filter_$1=no else AC_MSG_ERROR([--$4-filter-$1 does not take any arguments, got: $enableval]) fi ], [ if test "x$enable_all_filters" == "xyes"; then enable_filter_$1="yes" elif test "x$enable_all_filters" == "xno" ; then enable_filter_$1="no" else if test "x$enable_filtering" == "xyes"; then enable_filter_$1="yes" elif test "x$enable_filtering" == "xno" ; then enable_filter_$1="no" else if test "x$everything_enabled" == "xyes"; then enable_filter_$1="yes" elif test "x$everything_enabled" == "xno" ; then enable_filter_$1="no" else if test "x$3" == "xenable"; then enable_filter_$1="yes" else enable_filter_$1="no" fi fi fi fi ] ) AS_IF([test "x$enable_filter_$1" = "xyes"], [ AC_DEFINE(SNOOPY_CONF_FILTER_ENABLED_$1, 1, [Is filter "$1" available?]) ]) AM_CONDITIONAL([FILTER_ENABLED_$1], [test "x$enable_filter_$1" == "xyes"]) AC_SUBST([enable_filter_$1]) SNOOPY_CONFIGURE_FILTER_MSG([$1], [$enable_filter_$1]) ]) # FILTER: alias macros AU_DEFUN([SNOOPY_CONFIGURE_FILTER_ENABLE], [SNOOPY_CONFIGURE_FILTER_ENABLEDISABLE([$1], [$2], [enable], [disable])]) AU_DEFUN([SNOOPY_CONFIGURE_FILTER_DISABLE], [SNOOPY_CONFIGURE_FILTER_ENABLEDISABLE([$1], [$2], [disable], [enable] )]) # FILTER: force certain filter to be enabled AU_DEFUN([SNOOPY_CONFIGURE_FILTER_FORCE], [ AC_DEFINE(SNOOPY_CONF_FILTER_ENABLED_$1, 1, [Is filter "$1" available? Forced "Yes".]) AM_CONDITIONAL([FILTER_ENABLED_$1], [test "x" == "x"]) AC_SUBST([enable_filter_$1], [yes]) SNOOPY_CONFIGURE_FILTER_MSG([$1], [YES (forced)]) ]) ### ### OUTPUT Macros ### # # OUTPUT: ./configure output AU_DEFUN([SNOOPY_CONFIGURE_OUTPUT_MSG], [ # Do not put newline between last angled and regular closing brace, # it gets picked up as part of argument. SNOOPY_CONFIGURE_ENTITY_MSG([output], [OUTPUT], [$1], [$2]) ]) # OUTPUT: actual macro # # Args: # 1: output name # 2: output info # 3: enable/disable by default # 4: oposite of arg #3 # AU_DEFUN([SNOOPY_CONFIGURE_OUTPUT_ENABLEDISABLE], [ AC_ARG_ENABLE(output-$1, [AC_HELP_STRING( [--$4-output-$1], [$4 output "$1". This output provides $2. [default=$3]] )], [ if test "x$enableval" == "xyes"; then enable_output_$1=yes elif test "x$enableval" == "xno" ; then enable_output_$1=no else AC_MSG_ERROR([--$4-output-$1 does not take any arguments, got: $enableval]) fi ], [ if test "x$enable_all_outputs" == "xyes"; then enable_output_$1="yes" elif test "x$enable_all_outputs" == "xno" ; then enable_output_$1="no" else if test "x$enable_everything" == "xyes"; then enable_output_$1="yes" elif test "x$enable_everything" == "xno" ; then enable_output_$1="no" else if test "x$3" == "xenable"; then enable_output_$1="yes" else enable_output_$1="no" fi fi fi ] ) AS_IF([test "x$enable_output_$1" = "xyes"], [ AC_DEFINE(SNOOPY_CONF_OUTPUT_ENABLED_$1, 1, [Is output "$1" available?]) ]) AM_CONDITIONAL([OUTPUT_ENABLED_$1], [test "x$enable_output_$1" == "xyes"]) AC_SUBST([enable_output_$1]) SNOOPY_CONFIGURE_OUTPUT_MSG([$1], [$enable_output_$1]) ]) # OUTPUT: alias macros AU_DEFUN([SNOOPY_CONFIGURE_OUTPUT_ENABLE], [SNOOPY_CONFIGURE_OUTPUT_ENABLEDISABLE([$1], [$2], [enable], [disable])]) AU_DEFUN([SNOOPY_CONFIGURE_OUTPUT_DISABLE], [SNOOPY_CONFIGURE_OUTPUT_ENABLEDISABLE([$1], [$2], [disable], [enable])]) # OUTPUT: force certain output to be enabled AU_DEFUN([SNOOPY_CONFIGURE_OUTPUT_FORCE], [ AC_DEFINE(SNOOPY_CONF_OUTPUT_ENABLED_$1, 1, [Is output "$1" available? Forced "Yes".]) AM_CONDITIONAL([OUTPUT_ENABLED_$1], [test "x" == "x"]) AC_SUBST([enable_output_$1], [yes]) SNOOPY_CONFIGURE_OUTPUT_MSG([$1], [YES (forced)]) ]) snoopy-snoopy-2.4.6/build/travis.sh000077500000000000000000000060461276626320200173610ustar00rootroot00000000000000#!/bin/bash ### Description # # Run build for travis. # # Three modes of operation, separated by first argument: # - 'build': build and run test suite # - 'build-random': build with random ./configure arguments # - 'install-script-local': test local install script # - 'install-script-remote': test public install script, used in public production # ### Configure shell first # set -e set -u ### Check arguments, determine operation mode # ALL_ARGS="$@" MODE=${1:-unknown} case $MODE in 'build') CONFIGURE_FLAGS=`echo "$ALL_ARGS" | sed -e 's/^build//'` ;; 'build-random') MODE="build" # Switch mode to normal build MYDIR=`dirname $0` CONFIGURE_FLAGS=`$MYDIR/get-random-configure-flags.sh` echo "Build will use the following random configure flags:" echo "./configure \\" echo $CONFIGURE_FLAGS | sed -e 's/ / \\\n/g'| sed -e 's/^/ /' ;; 'install-script-local') INSTALL_WHAT="$2" ;; 'install-script-remote') INSTALL_WHAT="$2" ;; *) echo "ERROR: Invalid run mode: $MODE" exit 1 ;; esac ### Run in 'build' mode # if [ "$MODE" == "build" ]; then ./configure $CONFIGURE_FLAGS make -j16 make -j16 check exit 0 fi ### Run in 'install-script-local' mode # if [ "$MODE" == "install-script-local" ]; then if [ "$INSTALL_WHAT" == "release-latest-stable" ]; then ./doc/install/bin/snoopy-install.sh stable exit 0 fi if [ "$INSTALL_WHAT" == "local" ]; then ./configure --enable-everything make -j16 make -j16 check make dist ./doc/install/bin/snoopy-install.sh snoopy-*.tar.gz exit 0 fi if [ "$INSTALL_WHAT" == "download-only" ]; then ./doc/install/bin/snoopy-install.sh download exit 0 fi echo "ERROR: Invalid run submode: $INSTALL_WHAT" exit 1 fi ### Run in 'install-script-remote' mode # if [ "$MODE" == "install-script-remote" ]; then if [ "$INSTALL_WHAT" == "release-latest-stable" ]; then rm -f snoopy-install.sh && wget -q -O snoopy-install.sh https://github.com/a2o/snoopy/raw/install/doc/install/bin/snoopy-install.sh && chmod 755 snoopy-install.sh && ./snoopy-install.sh stable exit 0 fi if [ "$INSTALL_WHAT" == "git-master" ]; then rm -f snoopy-install.sh && wget -q -O snoopy-install.sh https://github.com/a2o/snoopy/raw/install/doc/install/bin/snoopy-install.sh && chmod 755 snoopy-install.sh && ./snoopy-install.sh git-master exit 0 fi if [ "$INSTALL_WHAT" == "download-only" ]; then rm -f snoopy-install.sh && wget -q -O snoopy-install.sh https://github.com/a2o/snoopy/raw/install/doc/install/bin/snoopy-install.sh && chmod 755 snoopy-install.sh && ./snoopy-install.sh download exit 0 fi echo "ERROR: Invalid run submode: $INSTALL_WHAT" exit 1 fi ### Too far, error:) # echo "ERROR: Reached unreachable code point, mode: $MODE" exit 1 snoopy-snoopy-2.4.6/config.h.in000066400000000000000000000222001276626320200164240ustar00rootroot00000000000000/* config.h.in. Generated from configure.ac by autoheader. */ /* Define to 1 if you have the header file. */ #undef HAVE_CTYPE_H /* Define to 1 if you have the header file. */ #undef HAVE_DLFCN_H /* Define to 1 if you have the header file. */ #undef HAVE_ERRNO_H /* Define to 1 if you have the header file. */ #undef HAVE_FEATURES_H /* Define to 1 if you have the `fork' function. */ #undef HAVE_FORK /* Define to 1 if you have the `getcwd' function. */ #undef HAVE_GETCWD /* Define to 1 if you have the `gethostname' function. */ #undef HAVE_GETHOSTNAME /* Define to 1 if you have the `getsid' function. */ #undef HAVE_GETSID /* Define to 1 if you have the `gettimeofday' function. */ #undef HAVE_GETTIMEOFDAY /* Define to 1 if you have the header file. */ #undef HAVE_GRP_H /* Define to 1 if you have the header file. */ #undef HAVE_INTTYPES_H /* Define to 1 if you have the `dl' library (-ldl). */ #undef HAVE_LIBDL /* Define to 1 if you have the `pthread' library (-lpthread). */ #undef HAVE_LIBPTHREAD /* Define to 1 if you have the header file. */ #undef HAVE_LIMITS_H /* Define to 1 if you have the `localtime_r' function. */ #undef HAVE_LOCALTIME_R /* Define to 1 if your system has a GNU libc compatible `malloc' function, and to 0 otherwise. */ #undef HAVE_MALLOC /* Define to 1 if you have the header file. */ #undef HAVE_MEMORY_H /* Define to 1 if you have the header file. */ #undef HAVE_PWD_H /* Define to 1 if you have the `socket' function. */ #undef HAVE_SOCKET /* Define to 1 if you have the header file. */ #undef HAVE_STDINT_H /* Define to 1 if you have the header file. */ #undef HAVE_STDIO_H /* Define to 1 if you have the header file. */ #undef HAVE_STDLIB_H /* Define to 1 if you have the `strchr' function. */ #undef HAVE_STRCHR /* Define to 1 if you have the `strdup' function. */ #undef HAVE_STRDUP /* Define to 1 if you have the header file. */ #undef HAVE_STRINGS_H /* Define to 1 if you have the header file. */ #undef HAVE_STRING_H /* Define to 1 if you have the `strstr' function. */ #undef HAVE_STRSTR /* Define to 1 if you have the header file. */ #undef HAVE_SYSLOG_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_SOCKET_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_STAT_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_SYSCALL_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_TIME_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_TYPES_H /* Define to 1 if you have the header file. */ #undef HAVE_SYS_UN_H /* Define to 1 if you have the header file. */ #undef HAVE_TIME_H /* Define to 1 if you have the header file. */ #undef HAVE_UNISTD_H /* Define to 1 if you have the `vfork' function. */ #undef HAVE_VFORK /* Define to 1 if you have the header file. */ #undef HAVE_VFORK_H /* Define to 1 if `fork' works. */ #undef HAVE_WORKING_FORK /* Define to 1 if `vfork' works. */ #undef HAVE_WORKING_VFORK /* Define to the sub-directory in which libtool stores uninstalled libraries. */ #undef LT_OBJDIR /* Name of package */ #undef PACKAGE /* Define to the address where bug reports for this package should be sent. */ #undef PACKAGE_BUGREPORT /* Define to the full name of this package. */ #undef PACKAGE_NAME /* Define to the full name and version of this package. */ #undef PACKAGE_STRING /* Define to the one symbol short name of this package. */ #undef PACKAGE_TARNAME /* Define to the home page for this package. */ #undef PACKAGE_URL /* Define to the version of this package. */ #undef PACKAGE_VERSION /* Is config file parsing enabled? */ #undef SNOOPY_CONF_CONFIGFILE_ENABLED /* INI configuration file path to use */ #undef SNOOPY_CONF_CONFIGFILE_PATH /* Is datasource "cmdline" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_cmdline /* Is datasource "cwd" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_cwd /* Is datasource "datetime" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_datetime /* Is datasource "domain" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_domain /* Is datasource "egid" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_egid /* Is datasource "egroup" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_egroup /* Is datasource "env" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_env /* Is datasource "env_all" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_env_all /* Is datasource "euid" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_euid /* Is datasource "eusername" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_eusername /* Is datasource "filename" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_filename /* Is datasource "gid" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_gid /* Is datasource "group" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_group /* Is datasource "hostname" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_hostname /* Is datasource "login" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_login /* Is datasource "pid" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_pid /* Is datasource "ppid" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_ppid /* Is datasource "rpname" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_rpname /* Is datasource "sid" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_sid /* Is datasource "snoopy_literal" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_snoopy_literal /* Is datasource "snoopy_threads" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_snoopy_threads /* Is datasource "snoopy_version" available? Forced "Yes". */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_snoopy_version /* Is datasource "tid" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_tid /* Is datasource "tid_kernel" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_tid_kernel /* Is datasource "timestamp" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_timestamp /* Is datasource "timestamp_ms" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_timestamp_ms /* Is datasource "timestamp_us" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_timestamp_us /* Is datasource "tty" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_tty /* Is datasource "tty_uid" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_tty_uid /* Is datasource "tty_username" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_tty_username /* Is datasource "uid" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_uid /* Is datasource "username" available? */ #undef SNOOPY_CONF_DATASOURCE_ENABLED_username /* Enable error logging */ #undef SNOOPY_CONF_ERROR_LOGGING_ENABLED /* filtering subsystem */ #undef SNOOPY_CONF_FILTERING_ENABLED /* Filter chain to use */ #undef SNOOPY_CONF_FILTER_CHAIN /* Is filter "exclude_spawns_of" available? */ #undef SNOOPY_CONF_FILTER_ENABLED_exclude_spawns_of /* Is filter "exclude_uid" available? */ #undef SNOOPY_CONF_FILTER_ENABLED_exclude_uid /* Is filter "only_root" available? */ #undef SNOOPY_CONF_FILTER_ENABLED_only_root /* Is filter "only_tty" available? */ #undef SNOOPY_CONF_FILTER_ENABLED_only_tty /* Is filter "only_uid" available? */ #undef SNOOPY_CONF_FILTER_ENABLED_only_uid /* Custom message format to use */ #undef SNOOPY_CONF_MESSAGE_FORMAT /* Default output provider */ #undef SNOOPY_CONF_OUTPUT_DEFAULT /* Default output arguments */ #undef SNOOPY_CONF_OUTPUT_DEFAULT_ARG /* Is output "devlog" available? */ #undef SNOOPY_CONF_OUTPUT_ENABLED_devlog /* Is output "devnull" available? */ #undef SNOOPY_CONF_OUTPUT_ENABLED_devnull /* Is output "devtty" available? */ #undef SNOOPY_CONF_OUTPUT_ENABLED_devtty /* Is output "file" available? Forced "Yes". */ #undef SNOOPY_CONF_OUTPUT_ENABLED_file /* Is output "socket" available? Forced "Yes". */ #undef SNOOPY_CONF_OUTPUT_ENABLED_socket /* Is output "stderr" available? */ #undef SNOOPY_CONF_OUTPUT_ENABLED_stderr /* Is output "stdout" available? */ #undef SNOOPY_CONF_OUTPUT_ENABLED_stdout /* Is output "syslog" available? */ #undef SNOOPY_CONF_OUTPUT_ENABLED_syslog /* Syslog facility to use by default */ #undef SNOOPY_CONF_SYSLOG_FACILITY /* Syslog ident to use by default */ #undef SNOOPY_CONF_SYSLOG_IDENT /* Syslog level to use by default */ #undef SNOOPY_CONF_SYSLOG_LEVEL /* thread safety */ #undef SNOOPY_CONF_THREAD_SAFETY_ENABLED /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS /* Version number of package */ #undef VERSION /* Define to `int' if doesn't define. */ #undef gid_t /* Define to `__inline__' or `__inline' if that's what the C compiler calls it, or to nothing if 'inline' is not supported under any name. */ #ifndef __cplusplus #undef inline #endif /* Define to rpl_malloc if the replacement function should be used. */ #undef malloc /* Define to `int' if does not define. */ #undef pid_t /* Define to `unsigned int' if does not define. */ #undef size_t /* Define to `int' if doesn't define. */ #undef uid_t /* Define as `fork' if `vfork' does not work. */ #undef vfork snoopy-snoopy-2.4.6/configure.ac000066400000000000000000001117341276626320200167020ustar00rootroot00000000000000### ### Snoopy configure.ac ### ### Initialize autotools # AC_PREREQ([2.63]) # If you are running older OS and trying to build Snoopy from git, # ./bootstrap.sh will change the line below from script-based version # determination of Snoopy version to fixed string. DO NOT COMMIT THIS CHANGE! # Pull requests with this change will be rejected. # Correct line content that follows is: # # m4_esyscmd_s(echo $(./build/get-version.sh)), # AC_INIT( [Snoopy Logger], m4_esyscmd_s(echo $(./build/get-version.sh)), [https://github.com/a2o/snoopy/issues/], [snoopy], [https://github.com/a2o/snoopy/]) ### Configure autotools # AC_CONFIG_SRCDIR([src/eventsource/execve_wrapper.c]) # Check if we are in correct directory tree AC_CONFIG_AUX_DIR([build/aux]) AC_CONFIG_MACRO_DIR([build/m4]) m4_include([build/snoopy.m4]) AM_INIT_AUTOMAKE([1.11 gnu silent-rules subdir-objects -Wall -Werror]) ### Silent make output # # Use it by default, but use version here that is backwards-compatible. # Must be used after AM_INIT_AUTOMAKE #AM_SILENT_RULES([yes]) m4_ifdef([AM_SILENT_RULES], [AM_SILENT_RULES([yes])]) dnl Option AM_PROG_AR dnl dnl Required for building Snoopy from git on Ubuntu 14.04 (for development, and dnl by package build receipe. It must appear before LT_INIT. dnl dnl Snoopy development priorities: dnl - git/master version is targeted at modern Linux distributions - this dnl means we mostly care if git/master is buildable on fresh/latest-version dnl distros (ignore building on legacy systems here); dnl - source distribution packages are built on modern Linux distributions, thus dnl what git/master contains follows this assumption; dnl - building Snoopy from source packages should be possible on as dnl many Linux distros as feasible; dnl - compatibility for building distro-specific packages comes in only here and dnl burden of bending the Snoopy source to distro-packaging-specific needs dnl is placed on distro-specific package maintainer. dnl dnl Given the priorities above, we include AM_PROG_AR as dependency, as it: dnl - is needed to build Snoopy from source on Ubuntu, which is somewhat used for dnl Snoopy development; dnl - it does not interfere when building Snoopy from source packages; dnl - it only interferes when building Snoopy from git, and only on older dnl platforms (RH/CentOS 6, see GitHub issue #38). dnl dnl Should someone have problems with AM_PROG_AR, they should either: dnl - figure a way to conditionally remove it from configure.ac on certain distros, or dnl - comment it out manually. dnl dnl The removal was considered for Snoopy 2.3.0, but was ultimately rejected because dnl of arguments specified above. dnl dnl Update: dnl A better solution was stumbled upon later on, which is now presented below: dnl - if macro is defined, use it, otherwise do not. dnl m4_ifdef([AM_PROG_AR], [AM_PROG_AR]) dnl Enable libtool LT_INIT([disable-static]) dnl Checks for programs. dnl dnl DO NOT REMOVE: CXX, AWK, CPP, RANLIB dnl Sometimes autoscan will suggest removing them, next time it will change dnl its mind and suggest putting them back in. Let's just keep them and be dnl done with it already. dnl AC_PROG_AWK AC_PROG_CC AC_PROG_CPP AC_PROG_CXX AC_PROG_GREP AC_PROG_INSTALL AC_PROG_LIBTOOL AC_PROG_LN_S AC_PROG_MAKE_SET AC_PROG_MKDIR_P dnl dnl AC_PROG_RANLIB dnl dnl bootstrap.sh output: dnl libtoolize: `AC_PROG_RANLIB' is rendered obsolete by `LT_INIT' dnl autoscan output: dnl configure.ac: warning: missing AC_PROG_RANLIB wanted by: ltmain.sh:2455 dnl dnl Libtoolize warning seems less harmful, therefore we leave this option in, for now. dnl AC_PROG_RANLIB AC_PROG_SED ### Check for programs required for TEST suite # SNOOPY_PROG_CHECK([dirname], [DIRNAME], [Needed for "make check" test suite.]) SNOOPY_PROG_CHECK([readlink], [READLINK], [Needed for "make check" test suite.]) SNOOPY_PROG_CHECK([socat], [SOCAT], [Needed for "make check" test suite.]) SNOOPY_PROG_CHECK([wc], [WC], [Needed for "make check" test suite.]) dnl Checks for libraries. dnl FIXME: Replace `main' with a function in `-ldl': AC_CHECK_LIB([dl], [dlsym], [], [ AC_MSG_ERROR([A library is missing. Unable to continue.]) ]) dnl Checks for header files. AC_CHECK_HEADERS([ \ ctype.h \ dlfcn.h \ errno.h \ features.h \ grp.h \ limits.h \ pwd.h \ stdio.h \ stdlib.h \ string.h \ syslog.h \ sys/socket.h \ sys/stat.h \ sys/syscall.h \ sys/time.h \ sys/types.h \ sys/un.h \ time.h \ unistd.h \ ], [], [ AC_MSG_ERROR([A header file is missing. Unable to continue.]) ]) dnl Checks for typedefs, structures, and compiler characteristics. AC_C_INLINE AC_TYPE_PID_T AC_TYPE_SIZE_T AC_TYPE_UID_T dnl Checks for library functions. AC_FUNC_FORK AC_FUNC_MALLOC AC_CHECK_FUNCS([ \ getcwd \ gethostname \ getsid \ gettimeofday \ localtime_r \ socket \ strchr \ strdup \ strstr \ ], [], [ AC_MSG_ERROR([A function is missing. Unable to continue.]) ]) dnl Substitute these variables when creating (Make)files below - GENERIC AC_SUBST([PREFIX]) AC_SUBST([SYSCONFDIR]) dnl Substitute these variables when creating (Make)files below - CUSTOM dnl $libdir contains '${exec_prefix}' if not specified as ./configure --libdir=... dnl ${exec_prefix} contains 'NONE' if not specified as ./configure --exec-prefix=... SNOOPY_LIBDIR="`eval echo ${libdir} | sed -e s@^NONE@$prefix@ | sed -e s@^NONE@/usr/local@`" AC_SUBST([SNOOPY_LIBDIR]) ### Generate these header files # AC_CONFIG_HEADERS([config.h]) ### Generate these (Make)files # AC_CONFIG_FILES([Makefile contrib/rhel/snoopy.spec contrib/sles/snoopy.spec doc/Makefile doc/internals/Makefile etc/Makefile etc/snoopy.ini lib/Makefile lib/inih/Makefile lib/inih/src/Makefile src/Makefile src/datasource/Makefile src/eventsource/Makefile src/filter/Makefile src/output/Makefile util/Makefile tests/Makefile tests/bin/Makefile tests/combined/Makefile tests/configfile/Makefile tests/datasource/Makefile tests/filter/Makefile tests/message/Makefile tests/output/Makefile tests/threads/Makefile ]) AC_CONFIG_FILES([util/snoopy-disable], [chmod +x util/snoopy-disable]) AC_CONFIG_FILES([util/snoopy-enable], [chmod +x util/snoopy-enable]) dnl ============================================================================ dnl Decide where things are installed if test "x$prefix" = "xNONE" ; then PREFIX="/usr/local" else PREFIX="$prefix" fi if test "x$sysconfdir" = "x\${prefix}/etc" ; then SYSCONFDIR="$PREFIX/etc" else SYSCONFDIR="$sysconfdir" fi dnl ============================================================================ dnl ======= START CONFIGURATION SUMMARY OUTPUT ================================= dnl ============================================================================ AC_MSG_NOTICE([======================================================================]) # ============================================================================ # ======= ENABLE EVERYTHING ================================================== # ============================================================================ AC_ARG_ENABLE(everything, [AC_HELP_STRING( [--enable-everything], [enable/disable all Snoopy features with one argument. Mainly useful for testing Snoopy builds. Individual features can still be enabled/disabled. [default=depends]] )], [ SNOOPY_CONFIGURE_ENABLE_EVERYTHING_SET([$enableval])], # Specified on command line SNOOPY_CONFIGURE_ENABLE_EVERYTHING_SET([unspecified]) # Not specified on command line ) AS_IF([test "x$enable_everything" = "xyes"], [AC_MSG_NOTICE([Snoopy all features enabled/disabled: yes - enabled])], [ AS_IF([test "x$enable_everything" = "xno"], [AC_MSG_NOTICE([Snoopy all features enabled/disabled: yes - disabled])], [AC_MSG_NOTICE([Snoopy all features enabled/disabled: no - using defaults])] ) ] ) AC_MSG_NOTICE([-]) dnl ============================================================================ dnl ======= ENABLE CONFIG FILE ================================================= dnl ============================================================================ AC_ARG_ENABLE(config-file, [AC_HELP_STRING( [--disable-config-file], [disable INI configuration file parsing. If enabled, then path is SYSCONFDIR/snoopy.ini [default=enabled] [default location=SYSCONFDIR/snoopy.ini]] )], SNOOPY_CONFIGURE_ENABLE_GENERIC_SPECIFIED( [config-file], [configfile_enabled], [$enableval], [Use --sysconfdir to set config file path.]), SNOOPY_CONFIGURE_ENABLE_GENERIC_UNSPECIFIED([config-file], [configfile_enabled], [$enable_everything], [yes]) ) AC_MSG_NOTICE([Snoopy config file enabled: $configfile_enabled]) AS_IF([test "x$configfile_enabled" == "xyes"], [ configfile_path="$SYSCONFDIR/snoopy.ini" AC_DEFINE_UNQUOTED(SNOOPY_CONF_CONFIGFILE_ENABLED, 1, [Is config file parsing enabled?]) AC_DEFINE_UNQUOTED(SNOOPY_CONF_CONFIGFILE_PATH, "$configfile_path", [INI configuration file path to use]) AC_MSG_NOTICE([Snoopy config file path: $configfile_path]) ]) AM_CONDITIONAL([CONFIGFILE_ENABLED], [test "x$configfile_enabled" == "xyes"]) dnl ============================================================================ dnl ======= ENABLE ERROR LOGGING =============================================== dnl ============================================================================ AC_ARG_ENABLE(error-logging, [AC_HELP_STRING( [--enable-error-logging], [enable error logging through configured output - use only if you are developing Snoopy or having problems configuring it [default=disabled]] )], SNOOPY_CONFIGURE_ENABLE_GENERIC_SPECIFIED( [error-logging], [enable_error_logging], [$enableval], []), SNOOPY_CONFIGURE_ENABLE_GENERIC_UNSPECIFIED([error-logging], [enable_error_logging], [$enable_everything], [no]) ) AS_IF([test "x$enable_error_logging" = "xyes"], [ AC_DEFINE_UNQUOTED(SNOOPY_CONF_ERROR_LOGGING_ENABLED, 1, [Enable error logging]) ]) AC_MSG_NOTICE([Snoopy error logging enabled: $enable_error_logging]) dnl ============================================================================ dnl ======= ENABLE THREAD SAFETY =============================================== dnl ============================================================================ AC_ARG_ENABLE(thread-safety, [AC_HELP_STRING( [--enable-thread-safety], [EXPERIMENTAL: enable parts of code that ensure safe multi-threaded operation [default=disabled]] )], SNOOPY_CONFIGURE_ENABLE_GENERIC_SPECIFIED( [thread_safety], [thread_safety_enabled], [$enableval], []), SNOOPY_CONFIGURE_ENABLE_GENERIC_UNSPECIFIED([thread_safety], [thread_safety_enabled], [$enable_everything], [no]) ) SNOOPY_CONFIGURE_ENABLE_GENERIC_EVALUATE([$thread_safety_enabled], [THREAD_SAFETY_ENABLED], [thread safety]) dnl ============================================================================ dnl ============================================================================ dnl ======= START section: DATASOURCES & MESSAGE FORMAT ======================== dnl ============================================================================ dnl ============================================================================ AC_MSG_NOTICE([-]) # ============================================================================== # ======= Enable/disable all data sources at once ============================== # ============================================================================== AC_ARG_ENABLE(all-datasources, [AC_HELP_STRING( [--disable-all-datasources], [disables all data sources at once. Use --enable-datasource-NAME to reenable individual data sources. [default=enabled]] )], SNOOPY_CONFIGURE_ENABLE_GENERIC_SPECIFIED( [all-datasources], [enable_all_datasources], [$enableval], [Use --enable/--disable-datasource-NAME to reenable/disable individual data sources.]), SNOOPY_CONFIGURE_ENABLE_GENERIC_UNSPECIFIED([all-datasources], [enable_all_datasources], [$enable_everything], [unspecified]) ) # ============================================================================== # ======= START section: ENABLE INDIVIDUAL DATA SOURCES ======================== # ============================================================================== SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [cmdline], [full command line including arguments]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [cwd], [current working directory]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [datetime], [current date and time in ISO 8601 format]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [domain], [domain of this system]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [egid], [effective GID]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [egroup], [effective literal group name]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [env], [particular environment variable]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [env_all], [all environment variables]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [euid], [effective UID]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [eusername], [effective literal username]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [filename], [full filename of process being executed]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [gid], [GID of process performing the execution]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [group], [literal group name of process performing the execution]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [hostname], [hostname of this system]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [login], [login username of user doing the execution]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [pid], [PID of process performing the execution]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [ppid], [parent PID of process performing the execution]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [rpname], [real parent name found up the process tree]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [sid], [session leader PID]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [snoopy_literal], [dummy data source - only returns what it receives as argument]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [snoopy_threads], [number of threads that Snoopy currently is initialized for]) SNOOPY_CONFIGURE_DATASOURCE_FORCE( [snoopy_version], [installed Snoopy version]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [tid], [Thread ID of process performing the execution]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [tid_kernel], [Thread ID of process performing the execution, as retured by kernel via syscall]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [timestamp], [current Unix timestamp]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [timestamp_ms], [millisecond part of current Unix timestamp]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [timestamp_us], [microsecond part of current Unix timestamp]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [tty], [path to TTY performing the execution]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [tty_uid], [UID of TTY performing the execution]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [tty_username], [literal username of TTY performing the execution]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [uid], [numeric UID that executed the process]) SNOOPY_CONFIGURE_DATASOURCE_ENABLE( [username], [literal username of UID that executed the process]) # ============================================================================== # ======= END section: ENABLE INDIVIDUAL DATA SOURCES ========================== # ============================================================================== dnl ============================================================================ dnl ======= DEFAULT MESSAGE FORMAT ============================================= dnl ============================================================================ AC_ARG_WITH(message-format, [AC_HELP_STRING( [--with-message-format=FORMAT], [format to use to log messages with. For default value and available options, see comments in etc/snoopy.ini for format specification.] )], [ if test "x$withval" = "x" -o "x$withval" = "xyes"; then AC_MSG_ERROR([--with-message-format requires an appropriate value (message format specification). See etc/snoopy.ini for syntax. To use default log message format, remove this argument from ./configure line.]) elif test "x$withval" = "xno"; then AC_MSG_ERROR([using --without-message-format is not supported, log message format is required, or omit this argument altogether to enable default log message format.]) else with_message_format="$withval" fi ], [with_message_format="@<:@uid:%{uid} sid:%{sid} tty:%{tty} cwd:%{cwd} filename:%{filename}@:>@: %{cmdline}"] ) AC_DEFINE_UNQUOTED(SNOOPY_CONF_MESSAGE_FORMAT, "$with_message_format", [Custom message format to use]) AC_SUBST([SNOOPY_CONF_MESSAGE_FORMAT], [$with_message_format]) AC_MSG_NOTICE([Snoopy default message format: "$with_message_format"]) dnl ============================================================================ dnl ============================================================================ dnl ======= END section: DATASOURCES & MESSAGE FORMAT ========================== dnl ============================================================================ dnl ============================================================================ dnl ============================================================================ dnl ============================================================================ dnl ======= START section: FILTERING =========================================== dnl ============================================================================ dnl ============================================================================ AC_MSG_NOTICE([-]) dnl ============================================================================ dnl ======= DEPRECATED FILTER: root-only ======================================= dnl ============================================================================ AC_ARG_ENABLE(root-only, [AC_HELP_STRING( [--enable-root-only], [DEPRECATED. Use --enable-filtering --with-filter-chain="only_uid:0" instead.] )], [ AC_MSG_ERROR([Use of --enable-root-only is DEPRECATED. Use --enable-filtering --with-filter-chain="only_uid:0" instead.]) ] ) dnl ============================================================================ dnl ======= ENABLE FILTERING =================================================== dnl ============================================================================ AC_ARG_ENABLE(filtering, [AC_HELP_STRING( [--disable-filtering], [disable general message filtering [default=enabled]] )], SNOOPY_CONFIGURE_ENABLE_GENERIC_SPECIFIED( [filtering], [enable_filtering], [$enableval], []), SNOOPY_CONFIGURE_ENABLE_GENERIC_UNSPECIFIED([filtering], [enable_filtering], [$enable_everything], [yes]) ) SNOOPY_CONFIGURE_ENABLE_GENERIC_EVALUATE([$enable_filtering], [FILTERING_ENABLED], [filtering subsystem]) # ============================================================================== # ======= Enable/disable all filters at once =================================== # ============================================================================== AC_ARG_ENABLE(all-filters, [AC_HELP_STRING( [--disable-all-filters], [disables all filters at once. This does not disable filtering in general. It only causes that none of filters is going to be built unless explicitly enabling it by specifying --enable-filter-NAME at ./confgure time. [default=enabled]] )], SNOOPY_CONFIGURE_ENABLE_GENERIC_SPECIFIED( [all-filters], [enable_all_filters], [$enableval], []), SNOOPY_CONFIGURE_ENABLE_GENERIC_UNSPECIFIED([all-filters], [enable_all_filters], [$enable_filtering], [yes]) ) # ============================================================================== # ======= START section: ENABLE INDIVIDUAL FILTERS ============================= # ============================================================================== SNOOPY_CONFIGURE_FILTER_ENABLE( [exclude_spawns_of], [This filter drops messages that originate for specified process trees.]) SNOOPY_CONFIGURE_FILTER_ENABLE( [exclude_uid], [This filter drops messages that match given UIDs.]) SNOOPY_CONFIGURE_FILTER_ENABLE( [only_root], [This filter passes only messages generated by root.]) SNOOPY_CONFIGURE_FILTER_ENABLE( [only_tty], [This filter passes only messages that have a TTY != none.]) SNOOPY_CONFIGURE_FILTER_ENABLE( [only_uid], [This filter passes only messages that match given UIDs.]) # ============================================================================== # ======= END section: ENABLE INDIVIDUAL FILTERS =============================== # ============================================================================== dnl ============================================================================ dnl ======= WITH FILTER CHAIN ================================================== dnl ============================================================================ AC_ARG_WITH(filter-chain, [AC_HELP_STRING( [--with-filter-chain=CHAINSPEC], [default filter chain to use. See src/snoopy.h and src/filter/ for available filters [default=empty]] )], [ if test "x$withval" = "x" -o "x$withval" = "xno"; then # We allow it here, as it might be desired to not have any # filter chain configured by default, but will be configured # later, using configuration file. # Allowed: empty, no with_filter_chain="" elif test "x$withval" = "xyes"; then # This must be an error. AC_MSG_ERROR([--with-filter-chain requires an appropriate value (filter chain specification), even empty string will do (--with-filter-chain=""). To disable filtering by default, use --without-filter-chain. Filter chain can later be specified and consequentially enabled by using configuration file. For this to work, configuration file (--with-config-file) and general filtering (--enable-filter) must be enabled.]) else with_filter_chain="$withval" fi ], [with_filter_chain=""] ) AC_DEFINE_UNQUOTED(SNOOPY_CONF_FILTER_CHAIN, "$with_filter_chain", [Filter chain to use]) AC_MSG_NOTICE([Snoopy default filter chain: ${with_filter_chain:-(none)}]) dnl ============================================================================ dnl ============================================================================ dnl ======= END section: FILTERING ============================================= dnl ============================================================================ dnl ============================================================================ dnl ============================================================================ dnl ============================================================================ dnl ======= START section: OUTPUTS ============================================= dnl ============================================================================ dnl ============================================================================ AC_MSG_NOTICE([-]) # ============================================================================== # ======= Enable/disable all outputs at once =================================== # ============================================================================== AC_ARG_ENABLE(all-outputs, [AC_HELP_STRING( [--disable-all-outputs], [disables all outputs at once. Use --enable-output-NAME to reenable individual output. [default=enabled]] )], SNOOPY_CONFIGURE_ENABLE_GENERIC_SPECIFIED( [all-outputs], [enable_all_outputs], [$enableval], [Use --enable/--disable-output-NAME to reenable/disable individual data sources.]), SNOOPY_CONFIGURE_ENABLE_GENERIC_UNSPECIFIED([all-outputs], [enable_all_outputs], [$enable_everything], [unspecified]) ) # ============================================================================== # ======= START section: ENABLE INDIVIDUAL OUTPUTS ============================= # ============================================================================== SNOOPY_CONFIGURE_OUTPUT_ENABLE( [devlog], [This is the default output of Snoopy.]) SNOOPY_CONFIGURE_OUTPUT_ENABLE( [devnull], [Black hole]) SNOOPY_CONFIGURE_OUTPUT_ENABLE( [devtty], [Write to current console via /dev/tty.]) SNOOPY_CONFIGURE_OUTPUT_FORCE( [file], [Write directly to file. NOTICE: Make sure file has proper permissions set for non-root users.]) SNOOPY_CONFIGURE_OUTPUT_FORCE( [socket], [Output "socket" is mandatory!]) SNOOPY_CONFIGURE_OUTPUT_ENABLE( [stderr], [Write to stderr]) SNOOPY_CONFIGURE_OUTPUT_ENABLE( [stdout], [Write to stdout]) SNOOPY_CONFIGURE_OUTPUT_DISABLE( [syslog], [WARNING: This output is causing system hangs with SystemD. Do not use it unless you are absolutely certain you know better!]) # ============================================================================== # ======= END section: ENABLE INDIVIDUAL OUTPUTS =============================== # ============================================================================== dnl ============================================================================ AC_ARG_WITH(default-output, [AC_HELP_STRING( [--with-default-output=OUTPUT_SPEC], [default output to use. See snoopy.ini or src/output/* for available values. [default=devlog]] )], [ if test "x$withval" = "x" -o "x$withval" = "xyes"; then # Enabled, but without explicit value AC_MSG_ERROR([--with-default-output requires an appropriate value]) elif test "x$withval" = "xno"; then # Explicitly disabled: --without-... AC_MSG_ERROR([using --without-default-output is not supported, as it makes no sense. Either define it explicitly, or, to use the default value, remove this argument from ./configure line.]) else # Enabled with explicit value definition default_output_val="$withval" # Separate output from argument if echo "$default_output_val" | grep ':' > /dev/null ; then default_output=`echo "$default_output_val" | cut -d: -f1` default_output_arg=`echo "$default_output_val" | cut -d: -f2-` else default_output="$default_output_val" default_output_arg="" fi # Strip "output" suffix if exists if ! echo "$default_output" | grep 'output$' > /dev/null ; then default_output=`echo "$default_output" | sed -e 's/output$//'` fi # Check if given output exist if test ! -f src/output/${default_output}output.c ; then AC_MSG_ERROR([--with-default-output value provided is invalid, output does not exist: $default_output]) fi fi ], # Not specified on ./configure line, decided in snoopy.h [ default_output="" default_output_arg="" ] ) AS_IF([test "x$default_output" != "x"], [ AC_DEFINE_UNQUOTED(SNOOPY_CONF_OUTPUT_DEFAULT, ["$default_output"], [Default output provider]) AC_DEFINE_UNQUOTED(SNOOPY_CONF_OUTPUT_DEFAULT_ARG, ["$default_output_arg"], [Default output arguments]) ]) AC_MSG_NOTICE([Snoopy default output: ${default_output:-default (system dependent)}]) AC_MSG_NOTICE([Snoopy default output argument: ${default_output_arg:-(none)}]) dnl ============================================================================ dnl ============================================================================ dnl ======= END section: OUTPUTS =============================================== dnl ============================================================================ dnl ============================================================================ dnl ============================================================================ dnl ============================================================================ dnl ======= START section: SYSLOG ============================================== dnl ============================================================================ dnl ============================================================================ AC_MSG_NOTICE([-]) dnl ============================================================================ AC_ARG_WITH(syslog-facility, [AC_HELP_STRING( [--with-syslog-facility=FACILITY], [syslog facility to use when logging. Check 'man 3 syslog' or 'man openlog' for supported values [default=LOG_AUTHPRIV]] )], [ if test "x$withval" = "x" -o "x$withval" = "xyes"; then # Enabled, but without explicit value AC_MSG_ERROR([--with-syslog-facility requires an appropriate LOG_* value]) elif test "x$withval" = "xno"; then # Explicitly disabled: --without-... AC_MSG_ERROR([using --without-syslog-facility is not supported, syslog log facility is required. Either define it explicitly, or, to use the default value, remove this argument from ./configure line.]) else # Enabled with explicit value definition with_syslog_facility_val="$withval" # Check for value correctness syslog_facility_short=`echo "$with_syslog_facility_val" | awk '{print toupper($0)}' | sed -e 's/^LOG_//' | grep -E '^(AUTH|AUTHPRIV|CRON|DAEMON|FTP|KERN|LOCAL(0|1|2|3|4|5|6|7)|LPR|MAIL|NEWS|SYSLOG|USER|UUCP)$'` if test "x$syslog_facility_short" = "x"; then AC_MSG_ERROR([--with-syslog-facility value provided is invalid: $with_syslog_facility_val]) fi # Prefix value with LOG_ syslog_facility="LOG_$syslog_facility_short" fi ], # Not specified on ./configure line [syslog_facility="LOG_AUTHPRIV"] ) AC_DEFINE_UNQUOTED(SNOOPY_CONF_SYSLOG_FACILITY, [$syslog_facility], [Syslog facility to use by default]) AC_MSG_NOTICE([Snoopy default syslog facility: $syslog_facility]) dnl ============================================================================ AC_ARG_WITH(syslog-level, [AC_HELP_STRING( [--with-syslog-level=LEVEL], [syslog level to use when logging. Check 'man 3 syslog' or 'man openlog' for supported values [default=LOG_INFO]] )], [ if test "x$withval" = "x" -o "x$withval" = "xyes"; then # Enabled, but without explicit value AC_MSG_ERROR([--with-syslog-level requires an appropriate LOG_* value]) elif test "x$withval" = "xno"; then # Explicitly disabled: --without-... AC_MSG_ERROR([using --without-syslog-level is not supported, syslog log level is required. Either define it explicitly, or, to use the default value, remove this argument from ./configure line.]) else # Enabled with explicit value definition with_syslog_level_val="$withval" # Check for value correctness syslog_level_short=`echo "$with_syslog_level_val" | awk '{print toupper($0)}' | sed -e 's/^LOG_//' | grep -E '^(EMERG|ALERT|CRIT|ERR|WARNING|NOTICE|INFO|DEBUG)$'` if test "x$syslog_level_short" = "x"; then AC_MSG_ERROR([--with-syslog-level value provided is invalid: $with_syslog_level_val]) fi # Prefix value with LOG_ syslog_level="LOG_$syslog_level_short" fi ], # Not specified on command line [syslog_level="LOG_INFO"] ) AC_DEFINE_UNQUOTED(SNOOPY_CONF_SYSLOG_LEVEL, [$syslog_level], [Syslog level to use by default]) AC_MSG_NOTICE([Snoopy default syslog level: $syslog_level]) dnl ============================================================================ AC_ARG_WITH(syslog-ident, [AC_HELP_STRING( [--with-syslog-ident=STRING], [syslog identity to use when logging. [default=snoopy]] )], [ if test "x$withval" = "x" -o "x$withval" = "xyes"; then # Enabled, but without explicit value AC_MSG_ERROR([--with-syslog-ident requires a value]) elif test "x$withval" = "xno"; then # Explicitly disabled: --without-... AC_MSG_ERROR([using --without-syslog-ident is not supported, syslog ident is required. Either define it explicitly, or, to use the default value, remove this argument from ./configure line.]) else # Enabled with explicit value definition syslog_ident="$withval" fi ], # Not specified on command line [syslog_ident="snoopy"] ) AC_DEFINE_UNQUOTED(SNOOPY_CONF_SYSLOG_IDENT, ["$syslog_ident"], [Syslog ident to use by default]) AC_MSG_NOTICE([Snoopy default syslog ident: "$syslog_ident"]) dnl ============================================================================ dnl ============================================================================ dnl ======= END section: SYSLOG ================================================ dnl ============================================================================ dnl ============================================================================ dnl ============================================================================ dnl ============================================================================ dnl ======= START section: DEVELOPMENT ========================================= dnl ============================================================================ dnl ============================================================================ AC_MSG_NOTICE([-]) # ============================================================================== # ======= snoopy-dev-helper ==================================================== # ============================================================================== AC_ARG_ENABLE(dev-tools, [AC_HELP_STRING( [--enable-dev-tools], [enable util/snoopy-dev-* and util/snoopy-test-* programs. [default=disabled]] )], SNOOPY_CONFIGURE_ENABLE_GENERIC_SPECIFIED( [dev-helper], [enable_dev_tools], [$enableval], []), SNOOPY_CONFIGURE_ENABLE_GENERIC_UNSPECIFIED([dev-helper], [enable_dev_tools], [$enable_everything], [no]) ) AM_CONDITIONAL([DEV_TOOLS_ENABLED], [test "x$enable_dev_tools" == "xyes"]) AC_MSG_NOTICE([Snoopy development tools: $enable_dev_tools]) dnl ============================================================================ dnl ============================================================================ dnl ======= END section: DEVELOPMENT =========================================== dnl ============================================================================ dnl ============================================================================ dnl ============================================================================ dnl ======= END CONFIGURATION SUMMARY OUTPUT =================================== dnl ============================================================================ AC_MSG_NOTICE([======================================================================]) dnl ============================================================================ dnl ============================================================================ dnl ======= START: Check for config-dependent things =========================== dnl ============================================================================ dnl ============================================================================ ### Datasource snoopy_threads # # Bail out if this datasource is explicitly enabled, but thread_safety is not # AS_IF([test "x$enable_datasource_explicit_snoopy_threads" = "xyes" -a "x$thread_safety_enabled" = "xno"], [ AC_MSG_ERROR([For datasource snoopy_threads to be enabled, thread safety must be enabled too. Unable to continue.]) ]) ### Datasource tid - check for pthread library # AS_IF([test "x$enable_datasource_tid" = "xyes"], [ AC_CHECK_HEADER([pthread.h], [], [ AC_MSG_ERROR([A header file is missing. Unable to continue.]) ]) AC_CHECK_LIB([pthread], [pthread_self], [], [ AC_MSG_ERROR([A library is missing. Unable to continue. (Needed by "tid" datasource.)]) ]) ]) dnl ============================================================================ dnl ============================================================================ dnl ======= END: Check for config-dependent things ============================= dnl ============================================================================ dnl ============================================================================ dnl ============================================================================ dnl ======= Final output ======================================================= dnl ============================================================================ AC_OUTPUT snoopy-snoopy-2.4.6/configure.scan000066400000000000000000000032551276626320200172410ustar00rootroot00000000000000# -*- Autoconf -*- # Process this file with autoconf to produce a configure script. AC_PREREQ([2.69]) AC_INIT([FULL-PACKAGE-NAME], [VERSION], [BUG-REPORT-ADDRESS]) AC_CONFIG_SRCDIR([config.h.in]) AC_CONFIG_HEADERS([config.h]) # Checks for programs. AC_PROG_CXX AC_PROG_AWK AC_PROG_CC AC_PROG_CPP AC_PROG_INSTALL AC_PROG_LN_S AC_PROG_MAKE_SET AC_PROG_RANLIB # Checks for libraries. # FIXME: Replace `main' with a function in `-lpthread': AC_CHECK_LIB([pthread], [main]) # Checks for header files. AC_CHECK_HEADERS([limits.h stdlib.h string.h sys/socket.h sys/time.h syslog.h unistd.h]) # Checks for typedefs, structures, and compiler characteristics. AC_TYPE_PID_T AC_TYPE_SIZE_T AC_TYPE_UID_T # Checks for library functions. AC_FUNC_FORK AC_FUNC_MALLOC AC_CHECK_FUNCS([getcwd gethostname gettimeofday localtime_r socket strchr strdup strstr]) AC_CONFIG_FILES([Makefile doc/Makefile doc/internals/Makefile etc/Makefile lib/Makefile lib/inih/Makefile lib/inih/src/Makefile src/Makefile src/datasource/Makefile src/eventsource/Makefile src/filter/Makefile src/output/Makefile tests/Makefile tests/bin/Makefile tests/combined/Makefile tests/configfile/Makefile tests/datasource/Makefile tests/filter/Makefile tests/message/Makefile tests/output/Makefile tests/threads/Makefile util/Makefile]) AC_OUTPUT snoopy-snoopy-2.4.6/contrib/000077500000000000000000000000001276626320200160455ustar00rootroot00000000000000snoopy-snoopy-2.4.6/contrib/debian/000077500000000000000000000000001276626320200172675ustar00rootroot00000000000000snoopy-snoopy-2.4.6/contrib/debian/README.Build.md000066400000000000000000000026751276626320200216160ustar00rootroot00000000000000# Snoopy Logger Debian / Ubuntu packages generation # You can find recipe to build a Debian/Ubuntu package in `contrib/debian`. You first need to symlink the `contrib/debian` to the project root directory. You also need to install all build dependencies: - debuild - debhelper - autoconf - dh-autoreconf The package is built into parent directory. You can install it using `dpkg`. Tests fail when not run as root, and when building as root will fail on signing. To sign, copy your keyring to root sudo cp -r /home/username/.gnupg /root/ Create a /root/.devscripts file to specify the correct key with the contents DEBUILD_DPKG_BUILDPACKAGE_OPTS="-k'Your Name' -sa" DEBSIGN_KEYID=YOUR_KEY_ID Basically you need to run following commands: git submodule init && git submodule update ln -nfs contrib/debian . apt-get install devscripts debhelper autoconf dh-autoreconf ./bootstrap.sh sudo debuild --no-tgz-check -I.git -i'\.git/' dpkg -i ../libsnoopy_2.0.0rc5-1_amd64.deb NOTES: Debian package versionning is tricky when working on git repositories. You can keep track on per-commit version number using `git describe --tags`. For example the git version `snoopy-2.0.0rc5-3-g7845db6` should be read as: - `snoopy-2.0.0rc5`: Version as given by `git tag` - `3`: Number of commits ahead of current tag - `g7845db6`: the git commit SHA1 id. The Debian package version should be then `2:2.0.0rc5+git.3-1`. snoopy-snoopy-2.4.6/contrib/debian/README.Debian000066400000000000000000000027771276626320200213450ustar00rootroot00000000000000libsnoopy ========= Log format is: [login:%{login} ssh:(%{env:SSH_CONNECTION}) sid:%{sid} tty:%{tty} (%{tty_uid}/%{tty_username}) uid:%{username}(%{uid})/%{eusername}(%{euid}) gid:%{group}(%{gid})/%{egroup}(%{egid}) cwd:%{cwd}]: %{cmdline} With: - login: literal login name of logged-in user executing this process. Retrive the user login trying in order: - The login information from the processus. - the LOGNAME environment variable. - the SUDO_USER environment variable. return "unknown" otherwise. TIP to use with sudo and keep LOGNAME, add this in /etc/sudoers: Defaults env_reset Defaults env_keep="LOGNAME" - ssh: value of SSH_CONNECTION. - sid: Session leader process ID of current process. - tty: TTY of current process. - tty_uid: UID (User ID) of current controlling terminal, or -1 if not found. - tty_username: litaral username of current controlling terminal. - username: literal username of current process/ - uid: UID (User ID) of current process. - eusername: literal effective user name (User ID) of current process/ - euid: effective UID of current process. - group: literal group name (Group ID) of current process. - gid: GID (Group ID) number of currently running process. - egroup: literal effective group name (Group ID) of current process. - egid: effective UID of current process. - cwd: current working directory of current process. - cmdline: command line of current process. -- Sébastien Gross , Mon, 20 Oct 2014 01:56:35 +0200 snoopy-snoopy-2.4.6/contrib/debian/changelog000066400000000000000000000032451276626320200211450ustar00rootroot00000000000000snoopy (2:2.4.4-debian) UNRELEASED; urgency=medium * Fix rules for deleting no existant dir * Fix ms rounding * Add missing info to debian build README * Update to allow -debian tags * Update version to allow backported versions -- Alasdair Campbell Mon, 02 Nov 2015 16:04:35 +0000 snoopy (2:2.3.1rc1) unstable; urgency=medium * Bump version. * Change build options to enable filtering and config file. * Add conflict rules to avoid installing both the snoopy and libsnoopy pkgs -- Fred Mora Tue, 28 Apr 2015 22:01:18 -0400 snoopy (2:2.0.0rc5-1) unstable; urgency=low * Bump to version 2.0.0rc5. -- Sébastien Gross Sun, 19 Oct 2014 23:06:56 +0000 snoopylogger (1:1.8.0+git.6-1) unstable; urgency=low * New automated build from: 1.8.0 - 71ea9e7 -- Sébastien Gross Mon, 19 Sep 2011 09:20:41 +0000 snoopylogger (1:1.8.0+git.6-1) unstable; urgency=low * New automated build from: 1.8.0 - 71ea9e7 -- Sébastien Gross Mon, 19 Sep 2011 09:19:51 +0000 snoopylogger (1:1.8.0+git.6-1) unstable; urgency=low * New automated build from: 1.8.0 - 71ea9e7 -- Sébastien Gross Mon, 19 Sep 2011 09:19:15 +0000 snoopylogger (1:1.8.0+git.6-1) unstable; urgency=low * New automated build from: 1.8.0 - 71ea9e7 -- Sébastien Gross Mon, 19 Sep 2011 09:15:26 +0000 snoopylogger (1:1.8.0+git.6-1) unstable; urgency=low * Initial version -- Sébastien Gross Mon, 21 Mar 2011 14:38:12 +0000 snoopy-snoopy-2.4.6/contrib/debian/compat000066400000000000000000000000021276626320200204650ustar00rootroot000000000000007 snoopy-snoopy-2.4.6/contrib/debian/control000066400000000000000000000014551276626320200206770ustar00rootroot00000000000000Source: snoopy Section: admin Priority: extra Maintainer: Sébastien Gross Build-Depends: debhelper (>= 7.0.50), autoconf (>=2.63), dh-autoreconf Standards-Version: 3.9.3 Homepage: https://github.com/a2o/snoopy Package: libsnoopy Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} Conflicts: snoopy Replaces: snoopy Description: execve() wrapper and logger snoopylogger is merely a shared library that is used as a wrapper to the execve() function provided by libc as to log every call to syslog (authpriv). system administrators may find snoopylogger useful in tasks such as light/heavy system monitoring, tracking other administrator's actions as well as getting a good 'feel' of what's going on in the system (for example apache running cgi scripts). snoopy-snoopy-2.4.6/contrib/debian/copyright000066400000000000000000000025231276626320200212240ustar00rootroot00000000000000This package was debianized by Sébastien Gross on Sun, 20 Mar 2011 18:18:31 +0000. It was downloaded from https://github.com/a2o/snoopy Upstream Author: Marius Bostjan Skufca Copyright: Copyright (C) 2000 Marius Copyright (c) 2015 Bostjan Skufca License: This package is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version. This package is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this package; if not, write to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA On Debian systems, the complete text of the GNU General Public License can be found in `/usr/share/common-licenses/GPL'. The Debian packaging is (C) 2011, Sébastien Gross and is licensed under the GPL, see above. snoopy-snoopy-2.4.6/contrib/debian/libsnoopy.postinst000077500000000000000000000022761276626320200231240ustar00rootroot00000000000000#!/bin/sh # postinst script for snoopylogger # # see: dh_installdeb(1) set -e # summary of how this script can be called: # * `configure' # * `abort-upgrade' # * `abort-remove' `in-favour' # # * `abort-remove' # * `abort-deconfigure' `in-favour' # `removing' # # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package LIB_SNOOPY='/lib/libsnoopy.so' case "$1" in configure) if ! test -e /etc/ld.so.preload; then echo "$LIB_SNOOPY" >> /etc/ld.so.preload fi if ! grep $LIB_SNOOPY /etc/ld.so.preload; then echo "$LIB_SNOOPY" >> /etc/ld.so.preload fi ;; abort-upgrade|abort-remove|abort-deconfigure) ;; *) echo "postinst called with unknown argument \`$1'" >&2 exit 1 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0 snoopy-snoopy-2.4.6/contrib/debian/libsnoopy.prerm000077500000000000000000000016471276626320200223670ustar00rootroot00000000000000#!/bin/sh # prerm script for snoopylogger # # see: dh_installdeb(1) set -e # summary of how this script can be called: # * `remove' # * `upgrade' # * `failed-upgrade' # * `remove' `in-favour' # * `deconfigure' `in-favour' # `removing' # # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package case "$1" in remove|upgrade|deconfigure) sed -i 's,/lib/libsnoopy.so,,' /etc/ld.so.preload ;; failed-upgrade) ;; *) echo "prerm called with unknown argument \`$1'" >&2 exit 1 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0 snoopy-snoopy-2.4.6/contrib/debian/rules000077500000000000000000000015731276626320200203550ustar00rootroot00000000000000#!/usr/bin/make -f # -*- makefile -*- # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 # to run with quilt use this instead: # dh --with quilt $@ %: dh $* $@ --with autoreconf override_dh_auto_configure: ./configure \ --build=x86_64-linux-gnu \ --prefix=/ \ --includedir=\${prefix}/include \ --mandir=\${prefix}/share/man \ --infodir=\${prefix}/share/info \ --sysconfdir=/etc --localstatedir=/var \ --libexecdir=\${prefix}/lib/snoopy \ --disable-maintainer-mode \ --disable-dependency-tracking \ --enable-filtering \ --enable-config-file \ --with-message-format='[login:%{login} ssh:(%{env:SSH_CONNECTION}) sid:%{sid} tty:%{tty} (%{tty_uid}/%{tty_username}) uid:%{username}(%{uid})/%{eusername}(%{euid}) gid:%{group}(%{gid})/%{egroup}(%{egid}) cwd:%{cwd}]: %{cmdline}' override_dh_install: dh_install rm \ debian/libsnoopy/lib/libsnoopy.la snoopy-snoopy-2.4.6/contrib/debian/snoopy.dirs000066400000000000000000000000211276626320200214720ustar00rootroot00000000000000usr/bin usr/sbin snoopy-snoopy-2.4.6/contrib/debian/snoopy.lintian-overrides000066400000000000000000000003571276626320200242030ustar00rootroot00000000000000snoopy changes: changed-by-address-malformed Sébastien Gross libsnoopy: new-package-should-close-itp-bug libsnoopy: maintainer-address-malformed Sébastien Gross snoopy-snoopy-2.4.6/contrib/debian/source.lintian-overrides000066400000000000000000000002231276626320200241440ustar00rootroot00000000000000snoopy source: native-package-with-dash-version snoopy source: maintainer-address-malformed Sébastien Gross snoopy-snoopy-2.4.6/contrib/rhel/000077500000000000000000000000001276626320200167775ustar00rootroot00000000000000snoopy-snoopy-2.4.6/contrib/rhel/snoopy.spec.in000066400000000000000000000017661276626320200216210ustar00rootroot00000000000000Name: snoopy Version: @PACKAGE_VERSION@ Release: 1%{?dist} Summary: Snoopy is a wrapper around execve() that logs all executed commands by all users and processes to syslog. License: GPLv2 URL: https://github.com/a2o/snoopy Source0: snoopy-%{version}.tar.gz %description Snoopy is designed to aid a sysadmin by providing a log of commands executed. Snoopy is completely transparent to the user and applications. It is linked into programs to provide a wrapper around calls to execve(). Logging is done via syslog. %prep %autosetup %build %configure make %{?_smp_mflags} %install %make_install mkdir -p %{buildroot}/etc install -m 0644 etc/snoopy.ini %{buildroot}/%{_sysconfdir}/snoopy.ini %files %doc ChangeLog COPYING %{_bindir}/* %{_libdir}/* %{_sbindir}/* %{_sysconfdir}/* %post -p /usr/sbin/snoopy-enable %preun -p /usr/sbin/snoopy-disable %changelog * Tue Nov 4 2014 Jeremy Brown 2.0.0rc12-1 - Initial RPM spec for snoopy. snoopy-snoopy-2.4.6/contrib/sles/000077500000000000000000000000001276626320200170135ustar00rootroot00000000000000snoopy-snoopy-2.4.6/contrib/sles/snoopy.spec.in000066400000000000000000000024721276626320200216300ustar00rootroot00000000000000Summary: User monitoring and command logging Name: snoopy Version: @PACKAGE_VERSION@ Release: 1%{dist} URL: https://github.com/a2o/snoopy Group: Applications/Monitoring BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: git, gcc, make License: GPL Packager: Taylor Kimball %description Snoopy Logger, logs all the commands issued by local users on the system. It is very useful to track and monitor the users. %prep %setup -T -c %build git clone https://github.com/a2o/%{name}.git pushd %{name} %configure %{__make} %install pushd %{name} %{__install} -d -m 755 %{buildroot}%{_bindir} %{__install} -d -m 755 %{buildroot}%{_libdir} %{__install} -d -m 755 %{buildroot}%{_sysconfdir} %{__install} -m 755 detect %{buildroot}%{_bindir} %{__install} -m 755 %{name}.so %{buildroot}%{_libdir} echo "%{_libdir}/%{name}.so" >> %{buildroot}%{_sysconfdir}/ld.so.preload %clean rm -rf %{buildroot} %files %defattr(-,root,root,-) %doc %{name}/ChangeLog %{name}/COPYING %{name}/README.filtering %{name}/README.md %{name}/TODO %config(noreplace) %{_sysconfdir}/ld.so.preload %{_bindir}/detect %{_libdir}/%{name}.so %changelog * Fri Sep 12 2014 Taylor Kimball - @PACKAGE_VERSION@-1 - Initial spec. snoopy-snoopy-2.4.6/doc/000077500000000000000000000000001276626320200151525ustar00rootroot00000000000000snoopy-snoopy-2.4.6/doc/CONTRIBUTING.md000066400000000000000000000007641276626320200174120ustar00rootroot00000000000000# Contributing to Snoopy development Contents of this file have been moved to ROOT/.github/ folder, reason being that when done so, GitHub displays link to contributing guidelines when creating a new issue or submitting a pull request. Direct links to relevant documents: * [../.github/CONTRIBUTING.md](../.github/CONTRIBUTING.md) * [../.github/PULL_REQUEST_TEMPLATE.md](../.github/PULL_REQUEST_TEMPLATE.md) * [../.github/ISSUE_TEMPLATE.md](../.github/ISSUE_TEMPLATE.md) * [HACKING.md](HACKING.md) snoopy-snoopy-2.4.6/doc/FAQ.md000066400000000000000000000100031276626320200160750ustar00rootroot00000000000000# Snoopy Logger FAQ ### 1. Snoopy hangs my RedHat/Fedora/CentOS/other system **OBSOLETE, FIXED IN SNOOPY 1.9.0** Due to bug described at the URIs below, **please make sure you test your Snoopy installation before you deploy it to production**. The bug manifests itself at shutdown, when system hangs instead of finishing the whole shutdown procedure. So far this has only been reproduced on Fedora, and there is a reference to Hyper-Threading, but no one has come up with a valid solution, only workarounds. Bug descriptions: * https://bugzilla.redhat.com/show_bug.cgi?id=745603 * https://github.com/a2o/snoopy/issues/1 How to test: * Configure, build, install, enable * Make sure it is working by tailing log files * Reboot #1 * Reboot #2. If second reboot is successful, you are on the safe side Distributions known to work OK (all 64-bit, all tested with 2.0.0+ versions): * CentOS 6.5 * Debian 7 * Ubuntu Server 12.04.01, 14.04 * Slackware 12.2+ ### 2. Snoopy hangs my RH/CentOS/(other-systemd-based) system **HAPPY ANNOUNCEMENT: Snoopy version 2.2.0 resolved boot problems on RHEL/CentOS 7.** More info: https://github.com/a2o/snoopy/issues/28 ~DO NOT INSTALL Snoopy on CentOS 7 just yet!~~ ~For currently unknown reason, when Snoopy is installed, CentOS 7 does not boot.~~ ~Here is the issue tracker entry:~~ ~https://github.com/a2o/snoopy/issues/28~~ ### 3. PulseAudio fills logs when Snoopy is installed Issue was originally reported here: https://github.com/a2o/snoopy/issues/29 Transcript of original content (a bit condensed): If, like us, you have users running desktop environments, you'll find pulseaudio filling your logs because of Snoopy. Workaround: * edit /etc/pulse/client.conf * if exists, uncomment line that starts with "autospawn" and change value to "no" * if not, add a line "autospawn = no" That should fix your issue. (Thanks to https://github.com/sykosoft for reporting this and providing a solution.) ### 4. Was legacy Snoopy faster than current implementation? This was tested with Snoopy 2.3.0. We compared the following three implementations: - current implementation, version 2.3.0, with enabled config file (missing), filtering, and with dynamic log message generation - legacy Snoopy, version 1.9.0, where message is generated in single pass (no function calling) - legacy Snoopy with output directly to console (to avoid syslog()) Results (loop with 2000 iterations, on Macbook Air 6.2 with i5-4250U): - 2.3.0: 3.6s (with config file and filtering enabled) - 2.3.0: 3.5s - 1.9.0: 3.2s - 1.9.0: 3.0s (output to console) This 10% difference is insignificant. It seems forking is the most expensive operation, which is not unexpected. This is the reason why we removed implementation of data source called 'legacy' from Snoopy, as maintaining redundant code seems pointless for 10% performance gain. ### 5. I see no Snoopy output after initial user login Your user probably has LD_PRELOAD environmental variable set to something non- empty in their profile script. Remove it, or set libsnoopy.so as part of that preload environment variable, like this (UNTESTED): LD_PRELOAD="/path/to/libsnoopy.so /path/to/otherlib.so" ### 6. How do I go about developing new data source/filter/output? Please see [HACKING.md](HACKING.md) for more information. ### 7. I want to contribute - how should I do it? Contributions are welcome. Please see [../CONTRIBUGING.md](CONTRIBUTING.md) for additional details about how to properly submit patches so they are merged as fast as possible. If your contribution is refactoring Snoopy's internal structure, it might take a while to review it. Adding new data source, filter or output does not count as refactoring. ### 8. I do not see any non-root Snoopy entries in my logs If you have configured `file` output provider, make sure it has proper permissions set for writing into it. This usually means chmodding it to 0666 which is quite insecure setting. You may want to reconfigure Snoopy to use `devlog` output. snoopy-snoopy-2.4.6/doc/FILTER_exclude_spawns_of.md000066400000000000000000000124031276626320200222510ustar00rootroot00000000000000# The exclude_spawns_of filter ## Purpose of the filter When Snoopy is installed, it will generate a log message for every executable that runs. This includes the programs invoked by cron and other system daemons. All these messages create noise in the logs and tends to drown useful information. So filtering out messages created by cron jobs is therefore a useful feature. That's what the exclude_spawns_of filter does. ## Terms used In this page, we use the following terms: - Process tree: this is the graph of processes running on your system, starting at init (process 1) at the top, and going down from parent to child processes. - Ancestor: A process _A_ is the ancestor of process _P_ if you can start from _P_ in the process tree and go up one or more levels until you find _A_. - Descendant: A process _D_ is a descendant of process _P_ if _P_ is the ancestor of _D_. A synonym for _spawn_. ## Setting up the filter The filter takes a comma-separated list of program names as a parameter. If the current process is a descendant of one of the named programs, the filter will drop the message. So if you want to avoid logging programs executed by cron jobs or their descendants, just put filter_chain = "exclude_spawns_of:cron" in the `snoopy.ini` file. The list of program names after the `exclude_spawns_of:` is called the _black list_. It is a list of ancestors for which the log message should be dropped. Of course, your filter chain can include other filters. See snoopy.ini for examples. If you also want to avoid logging the executables launched by `mydaemon`, you can add it to the black list: filter_chain = "exclude_spawns_of:cron,mydaemon" Do not put spaces around the colon or the commas! ## The gory details The filter walks up the process tree and examines the ancestors of the current process, starting from the parent of the current process. For each ancestor, the filter compares the name of the executable with the black list. If there is a match, the filter drops the message. A name listed in the black list can be a binary name or a script name. If you have a doubt, find the program that you want to add in the list and run the command cat /proc/nnnn/stat where _nnnn_ is the PID of the program. The output of the command will list a name between parentheses in the second word. That name (without the parentheses!) is what you need to add in the black list. If the filter encounters an error, it will pass the message. ## Installing and testing the filter ### Compiling If you install from source, make sure that the following options are passed to `./configure`: --enable-filtering --enable-config-file For debian, these options are in `debian/rules`. ### Installing The filter is installed along with the rest of Snoopy, there is no separate package. ### Setting up We assume you are running as root or sudoing as needed. If you installed from a package that was correctly configured, you should see the file `/etc/snoopy.ini` in your system. If this file is missing, it means that the version of Snoopy you installed was compiled without the `--enable-config-file` option. It cannot be used here. Please install a different version. We are going to modify the ini file to make sure the filter works. Change the default message format in `/etc/snoopy.ini`. For example, we add the PID of the process: message_format = "[pid:%{pid} uid:%{uid} sid:%{sid} tty:%{tty} cwd:%{cwd} filename:%{filename}]: %{cmdline}" Next, we will create an easy-to-test black list. Add the following line in `/etc/snoopy.ini`: filter_chain = "exclude_spawns_of:cron,sh" We specified that Snoopy should not log programs spawned by cron and sh. We assume here that you run bash as the standard shell. You can verify that this is the case with the command: getent passwd $USER The last string in the command output is your login shell, `bash` by default. ### Verifying that Snoopy reads the ini file Let's enable Snoopy with the command: snoopy-enable You can check that the `/etc/ld.so.preload` file now contains something like `/lib/libsnoopy.so`. Open another window and run `tail -f /var/log/auth.log` to check that Snoopy works. Snoopy works only for processes started after it's enabled, so let's invoke a new shell with the command bash Within that new shell, run ls. You will see a message in `auth.log` that looks like this: ``` Apr 24 21:41:57 fred-vm-ub1 snoopy[2320]: [pid:2320 uid:1000 sid:1872 tty:/dev/pts/0 cwd:/home/fmora filename:/bin/ls]: ls ``` This shows that Snoopy read the ini file and parsed the `message_format` parameter. ### Testing the filter Remember that your default shell is bash, and that you added the `sh` shell to the black list. So let's run the command `sh` to start an instance of this shell. You should see that Snoopy records it in the log (since its ancestors are not blacklisted). However, type `ls` or other commands within the new `sh` shell. You should see that Snoopy does not log these commands, since they are a descendant of the blacklisted `sh`. Start a bash shell within sh by typing `bash`. Within bash, type `ls` or other commands. Snoopy does not log them. This is because these commands are still descendants from the blacklisted `sh`. This shows that the filter works. You can now set the black list as you need. snoopy-snoopy-2.4.6/doc/HACKING.md000066400000000000000000000210551276626320200165430ustar00rootroot00000000000000# Hacking Snoopy New ideas are welcome. Most of change requests so far were about additional log data or filtering capabilities, therefore most of development/changes is expected in that area, and the workflow is optimised for it too. More advanced changes or change proposals are also welcome. You are advised to read this document first, and then if you still have questions, proceed to [internals/README.md](internals/README.md) and then to Snoopy source code itself. Table of Contents ================= * [Hacking Snoopy](#hacking-snoopy) * [OS for development](#os-for-development) * [Older OSes](#older-oses) * [Clone git repository and initialize git submodules](#clone-git-repository-and-initialize-git-submodules) * [Data source development](#data-source-development) * [Filter development](#filter-development) * [Output development](#output-development) * [Useful helpers](#useful-helpers) ## OS for development Development of Snoopy is (and should) be done on fairly recent OS releases. Ubuntu 14.04 would be a good choice ATM, or RedHat/CentOS 7. Required versions of software: - automake 1.11 - autoconf 2.69 ### Older OSes With a few tweaks Snoopy can be built from git repository on older systems too. The main incompatibility is that older autotools can not use external command to determine version of current Snoopy code your are building. Here is the diff of required change to make it work: ```diff diff --git a/configure.ac b/configure.ac index b71aa32..07edd5a 100644 --- a/configure.ac +++ b/configure.ac @@ -9,7 +9,7 @@ AC_PREREQ([2.63]) AC_INIT( [Snoopy Logger], - m4_esyscmd_s(echo $(./build/get-version.sh)), + [2.4.4-my-dev-version], [https://github.com/a2o/snoopy/issues/], [snoopy], [https://github.com/a2o/snoopy/]) ``` ~~After you have performed this change, you may re-run ./bootstrap.sh with an argument to ignore too-old version of autotools:~~ **This change is now performed automatically by bootstrap.sh,** and a warning is emitted. If you would like to get rid of the warning too, use this: ```shell ./bootstrap.sh geezer-os ``` **IMPORTANT NOTICE:** Pull requests that "fix" this build process "bug" on these obsolete OSes (by removing usage of external command and replacing it with static string) will be rejected. ## Clone git repository and initialize git submodules File [INSTALL.md](INSTALL.md) contains detailed instructions about git repository cloning and git submodule initialization. Also, do not forget to run ./bootstrap.sh after submodules have been updated. Recap of the steps: ```shell git clone https://github.com/a2o/snoopy.git cd snoopy git submodule init git submodule update ./bootstrap.sh ``` ## Data source development - data sources are located in src/datasource/; - data source names should be lower case, with underscores for word separation; - data about currently executing process is available in src/inputdatastorage.* files. Consult existing data sources on how to use it (filename for example); - each data source must be self-sufficient. Do not rely on other parts of Snoopy; - each data source must be tidy (free all mallocs, close all file descriptors); - the first argument passed to each provider is a char array to return message into; - data source message must not be longer than SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE; - each data source must have a corresponding header file; - all data sources must build with -Wall -Werror -strict -std=c99 flags (enabled by default); - code indentation: 4 spaces, no tabs; - reserverd data source names: - snoopy* - IMPORTANT: Every data source must have corresponding test(s) in tests/datasource/ directory, which enables automated testing for all upcoming changes. This enabled future developers. - IMPORTANT: All tests must pass! If your new implementation broke something, fit it. If you have developed a shiny new data source and you would like to start using it with Snoopy, you have to add it to the following files to make Snoopy fully aware of it: - src/datasource/NAME.h (your data source's main header file) - src/datasource/NAME.c (your data source's main source code goes here) - src/datasource/Makefile.am (one reference) - src/datasourceregistry.c (three references - header, name and function name) - tests/datasource/Makefile.am (one reference, may contain multiple tests) - tests/datasource/datasource_NAME.sh (single test or) - tests/datasource/datasource_NAME-test1.sh (multiple tests) - tests/datasource/datasource_NAME-test2.sh - configure.ac (one reference) - config.h.in (one reference, autogenerated by ./bootstrap.sh) - etc/snoopy.ini.in (one reference in comments, for documentation purposes) - ChangeLog (short description of new feature) ## Filter development Rules for filter development are the same as for new data source development, with the following additional specifics: - filters are located in src/filter/; - each filter is passed two arguments: - logMessage and - filter argument (if any, otherwise an empty string is passed); - filter argument is literal. If it contains multiple arguments (separated by comma, for example), the filter itself must do the parsing/tokenization. - filter MAY modify logMessage. If it does so, the new log message MUST NOT EXCEED the maximum log message size, defined in snoopy.h. - filter MUST return SNOOPY_FILTER_PASS or SNOOPY_FILTER_DROP constant; - if SNOOPY_FILTER_DROP is returned by filter, it causes immediate termination of filter chain processing and message is not logged to syslog; - reserved filter names: - snoopy* - filter tests are located in tests/filter/ If you have developed a shiny new filter and you would like to start using it with Snoopy, you have to add it to the following files to make Snoopy fully aware of it: - src/filter/NAME.h (your filter's main header file) - src/filter/NAME.c (your filter's main source code goes here) - src/filter/Makefile.am (one reference) - src/filterregistry.c (three references - header, name and function name) - tests/filter/Makefile.am (one reference, may contain multiple tests) - tests/filter/filter_NAME.sh (single test or) - tests/filter/filter_NAME-test1.sh (multiple tests) - tests/filter/filter_NAME-test2.sh - configure.ac (one reference) - config.h.in (one reference, autogenerated by ./bootstrap.sh) - etc/snoopy.ini.in (one reference in comments, for documentation purposes) - ChangeLog (short description of new feature) ## Output development Rules for new output development are the same as for new filter development, with the following additional specifics: - outputs are located in src/output/; - as output names are generally very generic, files and functions are suffixed with "...output"; - each output is passed three arguments: - logMessage - flag whether logMessage is a regular Snoopy log message or an error message - output argument string (might not be used by output) - output argument is literal. If it contains multiple arguments (separated by comma, for example), the output itself must do the parsing/tokenization. - reserved output names: - snoopy* - output tests are located in tests/output/ If you have developed a shiny new output and you would like to start using it with Snoopy, you have to add it to the following files to make Snoopy fully aware of it: - src/output/NAME.h (your output's main header file) - src/output/NAME.c (your output's main source code goes here) - src/output/Makefile.am (one reference) - src/outputregistry.c (three references - header, name and function name) - tests/output/Makefile.am (one reference, may contain multiple tests) - tests/output/output_NAME.sh (single test or) - tests/output/output_NAME-test1.sh (multiple tests) - tests/output/output_NAME-test2.sh - configure.ac (one reference) - config.h.in (one reference, autogenerated by ./bootstrap.sh) - etc/snoopy.ini.in (one reference in comments, for documentation purposes) - ChangeLog (short description of new feature) ## Useful helpers The most obvious thing that data sources, filters and outputs might have in common is argument parsing. If your new feature accepts a comma-separated argument list, then you are encouraged to use provided implementation. Consult file src/filter/only_uid.c to see an actual usage of said implementation. That is it. Happy hacking! :) snoopy-snoopy-2.4.6/doc/INSTALL.md000066400000000000000000000215601276626320200166060ustar00rootroot00000000000000# Snoopy Logger Installation Instructions * [Snoopy Logger Installation Instructions](#snoopy-logger-installation-instructions) * [Available installation methods:](#available-installation-methods) * [1. Automated installation procedure](#1-automated-installation-procedure) * [2. Installing Snoopy from distribution package repositories](#2-installing-snoopy-from-distribution-package-repositories) * [2.1 Building distribution-specific packages yourself](#21-building-distribution-specific-packages-yourself) * [3. Building Snoopy from sources](#3-building-snoopy-from-sources) * [3.1 Downloading source](#31-downloading-source) * [3.2 Installation procedure](#32-installation-procedure) * [3.3 Build configuration](#33-build-configuration) * [3.3.1 Configuring log output](#331-configuring-log-output) * [3.3.2 Configuring filtering](#332-configuring-filtering) * [3.3.3 Optional configuration file support](#333-optional-configuration-file-support) * [4 How to enable/activate Snoopy](#4-how-to-enableactivate-snoopy) * [4.1 Enable for specific program](#41-enable-for-specific-program) * [4.2 Enable system-wide Snoopy on 32-bit-only or 64-bit-only systems](#42-enable-system-wide-snoopy-on-32-bit-only-or-64-bit-only-systems) * [4.3 For multilib systems](#43-for-multilib-systems) * [4.4 For multilib systems with LD_PRELOAD_* environmental variables](#44-for-multilib-systems-with-ld_preload_-environmental-variables) * [5 Snoopy output](#5-snoopy-output) * [6 How to disable Snoopy](#6-how-to-disable-snoopy) ## Available installation methods: * automated installation procedure (preferred, installs latest version), or * using packages provided by your Linux distribution, or * building it manually. ### 1. Automated installation procedure To start automated installation procedure for **STABLE** version of Snoopy, run this command: rm -f snoopy-install.sh && wget -q -O snoopy-install.sh https://github.com/a2o/snoopy/raw/install/doc/install/bin/snoopy-install.sh && chmod 755 snoopy-install.sh && ./snoopy-install.sh stable To start automated installation procedure for **DEVELOPMENT** version of Snoopy, run this command: rm -f snoopy-install.sh && wget -q -O snoopy-install.sh https://github.com/a2o/snoopy/raw/install/doc/install/bin/snoopy-install.sh && chmod 755 snoopy-install.sh && ./snoopy-install.sh git-master **WARNING: This manual is for latest Snoopy version only. Any version that is not the latest is not supported. Please do not submit any bug/feature/change requests related to unsupported versions.** ### 2. Installing Snoopy from distribution package repositories This is generally simple, if some maintainer already packaged Snoopy for you. How to install distribution-provided packages is out of scope of this manual. Generally you would do something like this: apt-get install snoopy yum install snoopy zypper install snoopy #### 2.1 Building distribution-specific packages yourself The following Linux distributions have their corresponding package definition files available in the contrib/ directory: * Debian/Ubuntu, in contrib/debian/ * RHEL/CentOS/Fedora, in contrib/rhel/ * SLES/OpenSUSE, in contrib/sles/ The contents of contrib/ directory is user-supplied and therefore not supported. Patches however are gladly accepted. ### 3. Building Snoopy from sources #### 3.1 Downloading source You can download Snoopy release tarballs from this location: http://source.a2o.si/download/snoopy/ Alternatively, you can clone the latest Snoopy sources from GitHub. **DO NOT FORGET TO INITIALIZE GIT SUBMODULES**: ``` git clone https://github.com/a2o/snoopy.git cd snoopy git submodule init git submodule update # This generates ./configure script ./bootstrap.sh ``` #### 3.2 Installation procedure Snoopy supports various features that can be enabled by supplying arguments to configure command. Consult `./configure --help' for more information. # Only if you are building directly from git repository: ./bootstrap.sh # Check configuration options, see section 3.3 for details: ./configure --help # Then continue with normal build procedure: ./configure [OPTIONS] make make install # At this point, Snoopy is **installed but not yet enabled**. # Enable it make enable # Reboot your system for Snoopy to be picked by all programs. reboot #### 3.3 Build configuration ##### 3.3.1 Configuring log output Snoopy already has default log message format configured, but by using "./configure --with-message-format=FORMAT" you can adjust it to your needs. Log message format specification example: --with-message-format="text1:%{datasource1} text2:%{datasource2} text3:%{datasource3:arg}" Text outside %{...} is considered literal and is copied as-is to final log message. On the other hand, text found within %{...} has special meaning: it retrieves data from specified data source. If data source specification contains a colon, then text before colon is considered data source name, and text following the colon is passed as an argument to the data source provider in question. ##### 3.3.2 Configuring filtering Snoopy supports message filtering. Filtering support must be enabled at build time, here is an example: # REQUIRED TO ENABLE FILTERING FEATURE --enable-filtering # HOW TO DEFINE FILTER CHAINS --with-filter-chain="FILTER_CHAIN_SPEC" By default, if FILTER_CHAIN_SPEC is not configured. An empty string is used instead, which effectively disables filtering and all Snoopy messages are passed to the configured output. See sample configuration file etc/snoopy.ini for list and description of supported filter configurations. ##### 3.3.3 Optional configuration file support Snoopy supports optional configuration file, which may help with development and/or configuration endeavours. Configuration file must be enabled at build time: --enable-config-file Configuration file is installed as SYSCONFDIR/snoopy.ini. SYSCONFDIR can be changed with --sysconfdir=PATH configuration directive. See sample configuration file etc/snoopy.ini for list and description of supported configuration directives. ### 4 How to enable/activate Snoopy #### 4.1 Enable for specific program If you wish to monitor only certain applications you can do so through the LD_PRELOAD environmental variable - simply set it to the full path to libsnoopy.so shared library before starting the application. Example: export LD_PRELOAD=/usr/local/lib/libsnoopy.so # default path lynx http://linux.com/ unset LD_PRELOAD #### 4.2 Enable system-wide Snoopy on 32-bit-only or 64-bit-only systems WARNING: Using this method on multilib systems (64-bit systems capable WARNING: of running 32-bit applications) can cause malfunction because WARNING: preload config file /etc/ld.so.preload makes no distinction WARNING: between 32- and 64-bit programs and shared libraries. # Use special Snoopy-enabling script snoopy-enable # Or enable it using build tools make enable Explanation: An entry is created in /etc/ld.so.preload file which causes execv() and execve() system calls to be intercepted by Snoopy and logged via syslog. #### 4.3 For multilib systems Content of /etc/ld.so.preload should include the following line: /usr/local/$LIB/libsnoopy.so This applies only when you have installed both 32bit and 64bit version of the library in the appropriate paths. #### 4.4 For multilib systems with LD_PRELOAD_* environmental variables On systems that support LD_PRELOAD_32 and LD_PRELOAD_64 you can use those variables to force loading of Snoopy. If you wish to enable it system-wide, ensure that correct values are held by those variables at boot time. Consult section 4.a of this README on how to set environmental variables. Setting them at boot time is usually distro- dependent. Users are also required to compile 32-bit version of library. To do so on 64-bit systems it is usually enough to set appropriate CFLAGS: CFLAGS=-m32 ./configure [OPTIONS] Of course your system must be cross-compilation capable. Consult your OS documentation for details on this subject. ### 5 Snoopy output The exact location of your Snoopy output depends on your syslog configuration. Usually it gets stored in one of the following files: /var/log/auth* /var/log/messages /var/log/secure ### 6 How to disable Snoopy The simplest way is by using special script: snoopy-disable To manually disable Snoopy, simply edit /etc/ld.so.preload and remove reference to libsnoopy.so. Also unset any environmental variable that references Snoopy (LD_PRELOAD, LD_PRELOAD_32 and LD_PRELOAD_64). Then you may also delete Snoopy shared library from your system. Default installation path of Snoopy shared library is: /usr/local/lib/libsnoopy.so snoopy-snoopy-2.4.6/doc/Makefile.am000066400000000000000000000004541276626320200172110ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### First process all required subdirs # SUBDIRS = internals ### Include documentation in final release package # EXTRA_DIST = \ CONTRIBUTING.md \ FAQ.md \ FILTER_exclude_spawns_of.md \ INSTALL.md snoopy-snoopy-2.4.6/doc/install/000077500000000000000000000000001276626320200166205ustar00rootroot00000000000000snoopy-snoopy-2.4.6/doc/install/bin/000077500000000000000000000000001276626320200173705ustar00rootroot00000000000000snoopy-snoopy-2.4.6/doc/install/bin/snoopy-install.sh000077500000000000000000000316241276626320200227300ustar00rootroot00000000000000#!/bin/bash ### Shell configuration # set -e set -u set -o pipefail ### Configuration # SNOOPY_GIT_ORIGIN_URI="https://github.com/a2o/snoopy.git" SNOOPY_PACKAGE_DOWNLOAD_URI_PREFIX="http://source.a2o.si/download/snoopy" SNOOPY_INSTALL_LOGFILE="`pwd`/snoopy-install.log" SNOOPY_TRAVIS_BUILD=${SNOOPY_TRAVIS_BUILD:-false} ### Help method function _snoopy_install_showHelp() { echo "Possible installation arguments/modes:" echo "- 'stable' ; installs latest stable version" echo "- 'preview' ; installs latest preview version (defaults to git-master most of the time)" echo "- 'X.Y.Z' ; installs specific version from release package" echo "- 'git-REF' ; install directly from git, where REF is either:" echo " - branch name," echo " - tag," echo " - commit SHA hash." echo "- 'path/to/snoopy-X.Y.Z.tar.gz' ; installs specific pre-downloaded Snoopy release package" echo "- 'download' ; only downloads latest Snoopy release package" } ### What to install? # ARG_INSTALL_MODE="${1:-unspecified}" case $ARG_INSTALL_MODE in git-*) SNOOPY_INSTALL_MODE="git-REFERENCE" SNOOPY_SOURCE_TYPE="git" SNOOPY_DOWNLOAD_MODE="git-clone" SNOOPY_GIT_REF_TO_INSTALL=`echo "$ARG_INSTALL_MODE" | sed -e 's/^git-//'` ;; latest-preview|preview|preview-latest) SNOOPY_INSTALL_MODE="git-latest-preview" SNOOPY_SOURCE_TYPE="git" SNOOPY_DOWNLOAD_MODE="git-clone" SNOOPY_GIT_REF_TO_INSTALL="master" ;; latest-stable|stable|stable-latest|latest) SNOOPY_INSTALL_MODE="package-latest-stable" SNOOPY_SOURCE_TYPE="package" SNOOPY_DOWNLOAD_MODE="package-download" SNOOPY_PACKAGE_DOWNLOAD="true" SNOOPY_VERSION_TO_INSTALL="latest" ;; download|download-only) SNOOPY_INSTALL_MODE="download-only" SNOOPY_SOURCE_TYPE="package" SNOOPY_DOWNLOAD_MODE="package-download" SNOOPY_PACKAGE_DOWNLOAD="true" SNOOPY_VERSION_TO_INSTALL="latest" ;; [1-9].[0-9]*.[0-9]*) SNOOPY_INSTALL_MODE="package-specific-version" SNOOPY_SOURCE_TYPE="package" SNOOPY_DOWNLOAD_MODE="package-download" SNOOPY_PACKAGE_DOWNLOAD="true" SNOOPY_VERSION_TO_INSTALL="$ARG_INSTALL_MODE" ;; *) # Check if file name/path has been passed - perform a local install if [[ $ARG_INSTALL_MODE =~ snoopy-[-_.0-9a-zA-Z]+\.tar\.gz$ ]] && [[ -f $ARG_INSTALL_MODE ]]; then SNOOPY_INSTALL_MODE="local-package-file" SNOOPY_SOURCE_TYPE="package" SNOOPY_DOWNLOAD_MODE="package-download" SNOOPY_PACKAGE_DOWNLOAD="false" SNOOPY_PACKAGE_PATH="$ARG_INSTALL_MODE" SNOOPY_VERSION_TO_INSTALL=`basename $SNOOPY_PACKAGE_PATH | sed -e 's/^snoopy-//' | sed -e 's/.tar.gz$//'` else echo echo "SNOOPY INSTALL ERROR: Unknown installation mode." echo _snoopy_install_showHelp echo exit 1 fi ;; esac ### Check if running as root # SNOOPY_INSTALL_RUNNING_AS_ROOT="true" if [ "`id -u`" != "0" ]; then SNOOPY_INSTALL_RUNNING_AS_ROOT="false" echo "SNOOPY INSTALL ERROR: This installation must be run as root." echo "Hint: 'sudo COMMAND' perhaps?" if [ "$SNOOPY_TRAVIS_BUILD" == "true" ]; then echo "SNOOPY INSTALL: Ignoring error above, we are running inside Travis CI." else exit 1 fi fi ### Install distro-dependent build prerequisites, if missing # # 'socat' is not strictly needed. It is used by test suite, and is thus required # by autotools too. # If you remove it from this list, remove it from configure.ac too, or installations # performed by this script will fail. # REQUIRED_PROGRAMS="gcc gzip make socat tar wget" if [ "$SNOOPY_SOURCE_TYPE" == "git" ]; then REQUIRED_PROGRAMS_GITINSTALL="autoconf git libtool m4" REQUIRED_PROGRAMS="$REQUIRED_PROGRAMS $REQUIRED_PROGRAMS_GITINSTALL" fi if which $REQUIRED_PROGRAMS &> /dev/null; then echo "SNOOPY INSTALL: Required programs already present: $REQUIRED_PROGRAMS" else if [ "$SNOOPY_INSTALL_RUNNING_AS_ROOT" != "true" ]; then echo "SNOOPY INSTALL: Unable to run package installation, not root" else echo "SNOOPY INSTALL: Installing distro-specific packages for programs: $REQUIRED_PROGRAMS" if [ -f /etc/debian_version ]; then # Debian, Ubuntu # About /dev/null: http://askubuntu.com/questions/372810/how-to-prevent-script-not-to-stop-after-apt-get apt-get -y install $REQUIRED_PROGRAMS < "/dev/null" elif [ -f /etc/redhat-release ]; then # RHEL, Fedora, CentOS yum install -y $REQUIRED_PROGRAMS fi fi # Check again for PROGRAM in `echo "which $REQUIRED_PROGRAMS"`; do if ! which $PROGRAM &> /dev/null; then echo "SNOOPY INSTALL ERROR: '$PROGRAM' program not found!" echo "SNOOPY INSTALL ERROR: Install it and rerun this installer." exit 1 fi done fi ### Start bash subshell, to evaluate potential errors # ( set -e set -u ### Starting installation # rm -f $SNOOPY_INSTALL_LOGFILE touch $SNOOPY_INSTALL_LOGFILE echo "SNOOPY INSTALL: Starting installation, log file: $SNOOPY_INSTALL_LOGFILE" | tee -a $SNOOPY_INSTALL_LOGFILE echo "SNOOPY INSTALL: Installation mode: $SNOOPY_INSTALL_MODE" | tee -a $SNOOPY_INSTALL_LOGFILE ### Obtain source code # if [[ "$SNOOPY_SOURCE_TYPE" == "git" ]] && [[ "$SNOOPY_DOWNLOAD_MODE" == "git-clone" ]]; then echo "SNOOPY INSTALL: Cloning git repository: $SNOOPY_GIT_ORIGIN_URI" | tee -a $SNOOPY_INSTALL_LOGFILE SNOOPY_LOCAL_GIT_DIR="snoopy-install-from.git" rm -rf ./$SNOOPY_LOCAL_GIT_DIR git clone $SNOOPY_GIT_ORIGIN_URI $SNOOPY_LOCAL_GIT_DIR >> $SNOOPY_INSTALL_LOGFILE 2>&1 cd $SNOOPY_LOCAL_GIT_DIR echo "SNOOPY INSTALL: Checking out git ref: $SNOOPY_GIT_REF_TO_INSTALL" | tee -a $SNOOPY_INSTALL_LOGFILE git checkout $SNOOPY_GIT_REF_TO_INSTALL >> $SNOOPY_INSTALL_LOGFILE 2>&1 # Submodules are in use since iniparser was moved to own git repo if [ -f .gitmodules ]; then echo "SNOOPY INSTALL: Git submodules: initilizing... " | tee -a $SNOOPY_INSTALL_LOGFILE git submodule init >> $SNOOPY_INSTALL_LOGFILE 2>&1 echo "SNOOPY INSTALL: Git submodules: updating... " | tee -a $SNOOPY_INSTALL_LOGFILE git submodule update >> $SNOOPY_INSTALL_LOGFILE 2>&1 fi echo -n "SNOOPY INSTALL: Bootstraping build environment... " | tee -a $SNOOPY_INSTALL_LOGFILE if [ -x bootstrap.sh ]; then ./bootstrap.sh >> $SNOOPY_INSTALL_LOGFILE 2>&1 elif [ -x autogen.sh ]; then # Run these two first, to avoid errors (git-snoopy-2.2.6 for example) aclocal >> $SNOOPY_INSTALL_LOGFILE 2>&1 automake --add-missing >> $SNOOPY_INSTALL_LOGFILE 2>&1 ./autogen.sh >> $SNOOPY_INSTALL_LOGFILE 2>&1 elif [ -x configure ]; then # Do nothing, ./configure is commited true else echo "SNOOPY INSTALL ERROR: This git ref is too old to be supported by this installation procedure." | tee -a $SNOOPY_INSTALL_LOGFILE echo "SNOOPY INSTALL ERROR: You will have to install it manually." | tee -a $SNOOPY_INSTALL_LOGFILE exit 1 fi echo "done." | tee -a $SNOOPY_INSTALL_LOGFILE elif [[ "$SNOOPY_SOURCE_TYPE" == "package" ]] && [[ "$SNOOPY_DOWNLOAD_MODE" == "package-download" ]]; then ### If 'latest', determine version to install # if [ "$SNOOPY_VERSION_TO_INSTALL" == "latest" ]; then echo -n "SNOOPY INSTALL: Getting latest Snoopy version... " | tee -a $SNOOPY_INSTALL_LOGFILE SNOOPY_VERSION_TO_INSTALL=`wget -q -O - $SNOOPY_PACKAGE_DOWNLOAD_URI_PREFIX/snoopy-latest-version.txt` echo "got it, $SNOOPY_VERSION_TO_INSTALL" | tee -a $SNOOPY_INSTALL_LOGFILE else echo -n "SNOOPY INSTALL: Snoopy version to be installed... " | tee -a $SNOOPY_INSTALL_LOGFILE echo "$SNOOPY_VERSION_TO_INSTALL" | tee -a $SNOOPY_INSTALL_LOGFILE fi ### Determine version from local package # if [ "$SNOOPY_PACKAGE_DOWNLOAD" == "false" ]; then SNOOPY_PACKAGE_FILENAME=`basename $SNOOPY_PACKAGE_PATH` else SNOOPY_PACKAGE_FILENAME="snoopy-$SNOOPY_VERSION_TO_INSTALL.tar.gz" fi SNOOPY_PACKAGE_DIRNAME=`echo "$SNOOPY_PACKAGE_FILENAME" | sed -e 's/\.tar.gz$//'` SNOOPY_PACKAGE_VERSION=`echo $SNOOPY_PACKAGE_FILENAME | sed -e 's/^snoopy-//' | sed -e 's/.tar.gz$//'` ### Download Snoopy package # if [ "$SNOOPY_PACKAGE_DOWNLOAD" == "true" ]; then SNOOPY_PACKAGE_URI="$SNOOPY_PACKAGE_DOWNLOAD_URI_PREFIX/$SNOOPY_PACKAGE_FILENAME" echo -n "SNOOPY INSTALL: Downloading from $SNOOPY_PACKAGE_URI... " | tee -a $SNOOPY_INSTALL_LOGFILE rm -f $SNOOPY_PACKAGE_FILENAME wget $SNOOPY_PACKAGE_URI >> $SNOOPY_INSTALL_LOGFILE 2>&1 echo "done." | tee -a $SNOOPY_INSTALL_LOGFILE SNOOPY_PACKAGE_PATH="./$SNOOPY_PACKAGE_FILENAME" else echo -n "SNOOPY INSTALL: Will install the following local package: " | tee -a $SNOOPY_INSTALL_LOGFILE echo "$SNOOPY_PACKAGE_PATH" | tee -a $SNOOPY_INSTALL_LOGFILE fi ### Exit if in download-only mode # if [ "$SNOOPY_INSTALL_MODE" == "download-only" ]; then echo "SNOOPY INSTALL: Download-only mode detected, exiting." | tee -a $SNOOPY_INSTALL_LOGFILE exit 0 fi ### Untar, build and configure # echo -n "SNOOPY INSTALL: Unpacking $SNOOPY_PACKAGE_PATH... " | tee -a $SNOOPY_INSTALL_LOGFILE rm -rf $SNOOPY_PACKAGE_DIRNAME tar -xzf $SNOOPY_PACKAGE_PATH cd $SNOOPY_PACKAGE_DIRNAME echo "done." | tee -a $SNOOPY_INSTALL_LOGFILE else echo -n "SNOOPY INSTALL ERROR: Internal error - undetermined download method" | tee -a $SNOOPY_INSTALL_LOGFILE exit 1 fi ### ### Configure, build, install, enable ### # Detect travis # if [ "$SNOOPY_TRAVIS_BUILD" == "true" ]; then SNOOPY_INSTALL_CONFIGURE_PREFIX="--prefix=$HOME/usr/local" SNOOPY_INSTALL_CONFIGURE_SYSCONFDIR="--sysconfdir=$HOME/etc" else SNOOPY_INSTALL_CONFIGURE_PREFIX="" SNOOPY_INSTALL_CONFIGURE_SYSCONFDIR="--sysconfdir=/etc" fi # Which configure flag is the right one # if ./configure --help | grep enable-filtering > /dev/null; then SNOOPY_INSTALL_CONFIGURE_FLAG_FILTERING="--enable-filtering" else SNOOPY_INSTALL_CONFIGURE_FLAG_FILTERING="--enable-filter" # Older variation fi echo -n "SNOOPY INSTALL: Configuring... " | tee -a $SNOOPY_INSTALL_LOGFILE ./configure \ --enable-config-file \ $SNOOPY_INSTALL_CONFIGURE_PREFIX \ $SNOOPY_INSTALL_CONFIGURE_SYSCONFDIR \ $SNOOPY_INSTALL_CONFIGURE_FLAG_FILTERING \ >> $SNOOPY_INSTALL_LOGFILE 2>&1 echo "done." | tee -a $SNOOPY_INSTALL_LOGFILE echo -n "SNOOPY INSTALL: Building... " | tee -a $SNOOPY_INSTALL_LOGFILE make >> $SNOOPY_INSTALL_LOGFILE 2>&1 echo "done." | tee -a $SNOOPY_INSTALL_LOGFILE # Disabled for two reasons: # - domain datasource was causing problems on misconfigured systems # - combined tests are failing if snoopy is already enabled via /etc/ld.so.preload #echo -n "SNOOPY INSTALL: Testing build... " | tee -a $SNOOPY_INSTALL_LOGFILE #make check >> $SNOOPY_INSTALL_LOGFILE 2>&1 #echo "done." | tee -a $SNOOPY_INSTALL_LOGFILE echo -n "SNOOPY INSTALL: Installing... " | tee -a $SNOOPY_INSTALL_LOGFILE make install >> $SNOOPY_INSTALL_LOGFILE 2>&1 echo "done." | tee -a $SNOOPY_INSTALL_LOGFILE if [ "$SNOOPY_TRAVIS_BUILD" == "true" ]; then echo "SNOOPY INSTALL: NOT enabling, as we are not running as root (Travis-CI build)." | tee -a $SNOOPY_INSTALL_LOGFILE else echo -n "SNOOPY INSTALL: Enabling... " | tee -a $SNOOPY_INSTALL_LOGFILE make enable >> $SNOOPY_INSTALL_LOGFILE 2>&1 echo "done." | tee -a $SNOOPY_INSTALL_LOGFILE ### Tell the user what to do next # echo echo "SNOOPY LOGGER is now installed and enabled." echo echo "TIP #1: If Snoopy is to be enabled for all processes, you need" echo " to restart your system, or at least all services on it." echo echo "TIP #2: If you ever need to disable Snoopy, you should use provided" echo " 'snoopy-disable' script. Use 'snoopy-enable' to reenable it." echo echo "TIP #3: Snoopy output can usually be found somewhere in /var/log/*" echo " Check your syslog configuration for details." echo echo "TIP #4: Configuration file location: /etc/snoopy.ini" echo " See included comments for additional configuration options." echo echo "Snoopy wishes you a happy logging experience:)" echo fi ### End bash subshell # ) if [ "$?" != "0" ]; then echo echo echo "Last 10 lines of Snoopy installation log file:" tail -n10 $SNOOPY_INSTALL_LOGFILE echo echo "SNOOPY INSTALL ERROR: Something weird happened!" echo "SNOOPY INSTALL ERROR: Please inspect log file for details ($SNOOPY_INSTALL_LOGFILE)" exit 1 fi ### All done # true snoopy-snoopy-2.4.6/doc/internals/000077500000000000000000000000001276626320200171515ustar00rootroot00000000000000snoopy-snoopy-2.4.6/doc/internals/Makefile.am000066400000000000000000000002571276626320200212110ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### Include documentation in final release package # EXTRA_DIST = \ README.md snoopy-snoopy-2.4.6/doc/internals/README.md000066400000000000000000000060201276626320200204260ustar00rootroot00000000000000# Snoopy Logger Internals ## How does Snoopy actually work? Snoopy installs itself as a preloaded library that provides a wrapper around execv() and execve() syscall. Logging is done via syslog. Snoopy should be completely transparent to users and to applications. ## Architectural note execv() calls are now explicitly logged. Although, according to the man page for execv(), it is supposed to call execve(). To this date the reason why execv() calls weren't being logged is unknown, but we are working to find out why. ## Further information * Read the code. * Start at [../../src/eventsource/execve_wrapper.c](../../src/eventsource/execve_wrapper.c). This is essential. Here the execv()/execve() syscalls are intercepted and forwarded to internal Snoopy functions. Once Snoopy is done, execution is forwarded back to real execv()/execve() syscall. * Continue with [../../src/log.c](../../src/log.c). Here you can learn how Snoopy log message is generated (using data sources) and dispatched to configured output. * Configuration file parsing code is here: [../../src/configfile.c](../../src/configfile.c). * Data sources are located here: [../../src/datasource/](../../src/datasource/). * Filters are located here: [../../src/filter/](../../src/filter/). * Outputs are located here: [../../src/output/](../../src/output/). ## Data storage list When thread safety is DISABLED (default), data is stored in the following global variables: - snoopy_configuration_data - snoopy_inputdatastorage_data These variables must not be accessed directly, but rather by their corresponding snoopy_*_get() functions. These functions, when thread safety is enabled, return pointers to thread-specific instances of these variables. When thread-safety is enabled, all configuration data is stored in single global registry, and its structure looks something like this: - *tsrm_threadRepo (of type List ptr): - main threadRepo/list data structure - the only production global variable (there is another for testing purposes - altConfigFilePath) - malloced in tsrm_ctor(), if necessary, with mutex - freed in tsrm_dtor(), if necessary, with mutex - *firstNode (null or ListNode ptr) - *lastNode (null or ListNode ptr): pointer to tsrm_threadRepo's last node - ListNode structure: - *prevNode - *nextNode - *value: pointer to malloced tsrm_threadData_t - (*value structure): - (malloced in tsrm_createNewThreadData()) - tid (id of thread for this threadData - *configuration : malloced in tsrm_createNewThreadData() - *inputdatastorage: malloced in tsrm_createNewThreadData() - (*configuration structure): - defaults in configuration_setDefaults() - see structure in configuration.h - (*inputdatastorage structure): - defaults in inputdatastorage_setDefaults() - see structure in inputdatastorage.h - *argv - *envp snoopy-snoopy-2.4.6/doc/releasing/000077500000000000000000000000001276626320200171235ustar00rootroot00000000000000snoopy-snoopy-2.4.6/doc/releasing/RELEASE-HOWTO.txt000066400000000000000000000046431276626320200216510ustar00rootroot00000000000000################################################################################ ### ### How to release a new version of Snoopy Logger ### ################################################################################ Steps: 1. Run these tools to ensure code quality and consistency: 1a. Run autoscan and compare results: - before runnint autoscan, do this: -> ./bootstrap -> ./configure --enable-everything -> (reason: sometimes more things are detected as needed this way) - 'autoscan' - use 'git diff' to see if anything changed from previous run - add suggestions to configure.ac - compare configure.scan to configure.ac - update config.h.in - commit - cleanup: -> make maintainer-clean 1b. Push latest changes to GitHub, wait for Travis to confirm that builds are passing successfully. 1c. Check build with valgrind: - ./configure --enable-everything - make valgrind - fix anny errors that valgrind reports - commit 1d. Create build and upload it to Coverity: (- ./configure --enable-everything) - two ways, either -> merge to-be-released branch to coverity_scan branch, or -> ./doc/releasing/bin/submit-to-coverity.sh - wait for coverity scan to complete - check for errors, fix them, rinse and repeat until no more errors are found 2. Update documentation TOCs - use this tool: https://github.com/ekalinin/github-markdown-toc - commit 3. Update version info and release: a) Edit files: 1. ChangeLog 2. README.md (a: update latest version(s), b: add to NEWS section) b) Commit with sign-off, with exact message "Release X.Y.Z" on the first line, create git tag "snoopy-X.Y.Z" Actual commands to run: c) Run release script: (see below) d) Merge to stable branch and push: (see below) Command to run that does steps b) to d) automatically: export REL_VERSION=`./build/get-version.sh changelog` && git add ChangeLog README.md && git commit -s -m "Release $REL_VERSION" && git tag "snoopy-$REL_VERSION" && ./doc/releasing/bin/create-release.sh "snoopy-$REL_VERSION" && git checkout stable && git pull && git merge --ff master && git push && git checkout master && #(or git merge snoopy-$REL_VERSION <--- UNTESTED) unset REL_VERSION 4. All done. snoopy-snoopy-2.4.6/doc/releasing/bin/000077500000000000000000000000001276626320200176735ustar00rootroot00000000000000snoopy-snoopy-2.4.6/doc/releasing/bin/create-release.sh000077500000000000000000000150321276626320200231140ustar00rootroot00000000000000#!/bin/bash ### Settings # PUBLIC_GIT_REMOTE_NAME="github-a2o" ### Check working directory if [ ! -d "doc/releasing" ]; then echo "ERROR: You have to run this script in the root of the git repository" exit 1 fi ### Check release tag RELEASE_TAG="$1" if [ "x$RELEASE_TAG" == "x" ]; then echo "ERROR: No release tag specified. Please use: $0 snoopy-X.Y.Z" exit 1 fi ### Check if release tag is properly formatted if [[ ! "$RELEASE_TAG" =~ ^snoopy- ]]; then echo "ERROR: Release tag is not properly formatted - snoopy-x.y.z format is required" exit 1 fi RELEASE_VERSION=`echo "$RELEASE_TAG" | sed -e 's/snoopy-//'` ### Check if release tag exists RES=`git tag | grep "^$RELEASE_TAG\$"` if [ "$RES" != "$RELEASE_TAG" ]; then echo "ERROR: Release tag does not exist, please create it with: git tag snoopy-X.Y.Z" exit 2 fi ### Check if first line of tagged commit contains "Release X.Y.Z" RES=`git log -1 --pretty="%B" $RELEASE_TAG | head -n1 | grep "^Release $RELEASE_VERSION\$" -c` if [ "$RES" -ne "1" ]; then echo "ERROR: Release commit does not contain this message as first line: 'Release $RELEASE_VERSION'" exit 2 fi ### Check if git remote with required name exists RES=`git remote | grep "^$PUBLIC_GIT_REMOTE_NAME\$" -c` if [ "$RES" -ne "1" ]; then echo "ERROR: Required git remote not found: '$PUBLIC_GIT_REMOTE_NAME'" exit 2 fi ### Check for uncommited changes in the current repo # # Uncommited changes are NOT allowed # RES=`git describe --always --dirty | grep -- '-dirty$' | grep -c .` if [ "$RES" -ne "0" ]; then echo "ERROR: There are uncommited changes in the repository. Commit/stash them and try again." echo git status -s echo exit 2 fi ### Paths and filenames DIR_REPO=`pwd` FILENAME_RELEASE="snoopy-$RELEASE_VERSION.tar.gz" FILENAME_RELEASE_MD5="snoopy-$RELEASE_VERSION.tar.gz.md5" FILENAME_RELEASE_SHA1="snoopy-$RELEASE_VERSION.tar.gz.sha1" FILENAME_RELEASE_SIZE="snoopy-$RELEASE_VERSION.tar.gz.size" FILENAME_LATEST_VERSION="snoopy-latest-version.txt" FILENAME_LATEST_PACKAGE_FILENAME="snoopy-latest-package-filename.txt" FILE_RELEASE="$DIR_REPO/$FILENAME_RELEASE" FILE_RELEASE_MD5="$DIR_REPO/$FILENAME_RELEASE_MD5" FILE_RELEASE_SHA1="$DIR_REPO/$FILENAME_RELEASE_SHA1" FILE_RELEASE_SIZE="$DIR_REPO/$FILENAME_RELEASE_SIZE" FILE_LATEST_VERSION="$DIR_REPO/$FILENAME_LATEST_VERSION" FILE_LATEST_PACKAGE_FILENAME="$DIR_REPO/$FILENAME_LATEST_PACKAGE_FILENAME" PUBLIC_DL_SSH_HOST="source.a2o.si" PUBLIC_DL_SSH_PATH="/var/www/source.a2o.si/public/download/snoopy" PUBLIC_DL_URI_PREFIX="http://source.a2o.si/download/snoopy" ### Determine if this version is stable or development release if [[ $RELEASE_VERSION =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]]; then RELEASE_IS_STABLE="1" else RELEASE_IS_STABLE="0" fi ### Check that release dirs and files do not exists if [ -e $FILE_RELEASE ]; then echo "ERROR: Release file already exists: $FILE_RELEASE" exit 10 fi if [ -e $FILE_RELEASE_MD5 ]; then echo "ERROR: Release MD5 file already exists: $FILE_RELEASE_MD5" exit 10 fi if [ -e $FILE_RELEASE_SHA1 ]; then echo "ERROR: Release SHA1 file already exists: $FILE_RELEASE_SHA1" exit 10 fi if [ -e $FILE_RELEASE_SIZE ]; then echo "ERROR: Release SIZE file already exists: $FILE_RELEASE_SIZE" exit 10 fi ### Check if we can connect to SSH host echo "SSH TEST: Checking SSH connectivity for final release tarball upload." echo "SSH TEST: If you are promted for account password (not private key password), it does not work." echo "SSH TEST: If that happens, just hit CTRL+C and fix the problem before trying publish a release." ssh $PUBLIC_DL_SSH_HOST true if [ "$?" != "0" ]; then echo "ERROR: Failed to test-connect to the $PUBLIC_DL_SSH_HOST via SSH. Aborting." fi ### Remember current git branch GIT_BRANCH_CUR=`git rev-parse --abbrev-ref HEAD` echo "RELEASING: Currently on git branch '$GIT_BRANCH_CUR', will return to it at the end..." ### Checkout echo "RELEASING: Checking out git tag '$RELEASE_TAG'..." git checkout $RELEASE_TAG ### Check for release in ChangeLog RES=`cat ChangeLog | grep "$RELEASE_VERSION\$" | cat` if [ "x$RES" == "x" ]; then echo "ERROR: Release version $RELEASE_VERSION not found in ChangeLog file." exit 20 fi ### Check for release in README.md RES=`cat README.md | grep snoopy-$RELEASE_VERSION\.t | cat` if [ "x$RES" == "x" ]; then echo "ERROR: Release version $RELEASE_VERSION not found in README.md file." exit 20 fi ### Create release package ./bootstrap.sh && ./configure --enable-everything && make clean && make distcheck && ### Checkout back master branch echo "RELEASING: Restoring original git branch '$GIT_BRANCH_CUR'..." git checkout $GIT_BRANCH_CUR && ### Create package echo "RELEASING: Creating release tarball hashes..." md5sum $FILENAME_RELEASE > $FILE_RELEASE_MD5 && sha1sum $FILENAME_RELEASE > $FILE_RELEASE_SHA1 && wc -c $FILENAME_RELEASE > $FILE_RELEASE_SIZE && # These two are used by snoopy-install.sh script echo "$RELEASE_VERSION" > $FILE_LATEST_VERSION && echo "$FILENAME_RELEASE" > $FILE_LATEST_PACKAGE_FILENAME && ### Upload release files echo && echo "RELEASING: Uploading release package files to http://source.a2o.si/download/snoopy/..." && echo && scp \ $FILE_RELEASE \ $FILE_RELEASE_MD5 \ $FILE_RELEASE_SHA1 \ $FILE_RELEASE_SIZE \ $PUBLIC_DL_SSH_HOST:$PUBLIC_DL_SSH_PATH \ && echo && ### If stable release, update latest stable package version metadata if [ "$RELEASE_IS_STABLE" == "1" ]; then echo "RELEASING: This is a stable release." && echo "RELEASING: Updating files that indicate latest package version..." && echo && scp \ $FILE_LATEST_VERSION \ $FILE_LATEST_PACKAGE_FILENAME \ $PUBLIC_DL_SSH_HOST:$PUBLIC_DL_SSH_PATH \ && ssh $PUBLIC_DL_SSH_HOST \ ln -sf $FILENAME_RELEASE $PUBLIC_DL_SSH_PATH/snoopy-latest.tar.gz else echo "RELEASING: This is NOT a stable release." && echo "RELEASING: Skipped updating files that indicate latest package version." echo fi && echo && echo "COMPLETE: $RELEASE_TAG has been released." && echo "DL URI: $PUBLIC_DL_URI_PREFIX/$FILENAME_RELEASE" && echo ### Push code and tags to GitHub # # Doing this once with --tags argument only does not push actual code, only tags # echo && echo "RELEASING: Pushing code and tags to GitHub..." && echo && git push $PUBLIC_GIT_REMOTE_NAME && git push $PUBLIC_GIT_REMOTE_NAME --tags && ### Remove created package files echo && echo "CLEANUP: Running 'make clean'... (output suppressed)" && echo && make clean > /dev/null && ### All done. true snoopy-snoopy-2.4.6/doc/releasing/bin/submit-to-coverity.sh000077500000000000000000000053511276626320200240230ustar00rootroot00000000000000#!/bin/bash ### Configure shell # set -e set -u set -o pipefail ### Settings # COVERITY_SETTINGS_FILE="./build/coverity-settings.conf" BUILD_DIR="cov-int" BUILD_FILE_PREFIX="cov-int-snoopy" ### Help function # displayHelp() { cat < $DESTDIR/SOURCE.txt git-origin-url = '$GITORIGINURL' git-origin-ref = '$INIH_VERSION' patches-dir = 'patches/' EOF ### Remove the tmp git dir # rm -rf $TMPGITDIR ### All good. # echo "Any changes?" git status $DESTDIR echo echo "Update succeeded." snoopy-snoopy-2.4.6/lib/inih/patches/000077500000000000000000000000001276626320200175315ustar00rootroot00000000000000snoopy-snoopy-2.4.6/lib/inih/patches/0001-strip-value-quotes.diff000066400000000000000000000016631276626320200245400ustar00rootroot00000000000000diff --git a/lib/inih/src/ini.c b/lib/inih/src/ini.c index 27ca85b..2c015c8 100644 --- a/lib/inih/src/ini.c +++ b/lib/inih/src/ini.c @@ -149,6 +149,17 @@ int ini_parse_stream(ini_reader reader, void* stream, ini_handler handler, #endif rstrip(value); + /* Strip surrounding double and single quotes */ + if ((*value == '"') && (value[strlen(value) - 1] == '"')) { + value[strlen(value) - 1] = '\0'; + value += 1; + } else { + if ((*value == '"') && (value[strlen(value) - 1] == '"')) { + value[strlen(value) - 1] = '\0'; + value += 1; + } + } + /* Valid name[=:]value pair found, call handler */ strncpy0(prev_name, name, sizeof(prev_name)); if (!handler(user, section, name, value) && !error) snoopy-snoopy-2.4.6/lib/inih/src/000077500000000000000000000000001276626320200166715ustar00rootroot00000000000000snoopy-snoopy-2.4.6/lib/inih/src/Makefile.am000066400000000000000000000003231276626320200207230ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### Create library "libinih" # noinst_LTLIBRARIES = \ libinih.la libinih_la_SOURCES = \ ini.c \ ini.h snoopy-snoopy-2.4.6/lib/inih/src/ini.c000066400000000000000000000130151276626320200176140ustar00rootroot00000000000000/* inih -- simple .INI file parser inih is released under the New BSD license (see LICENSE.txt). Go to the project home page for more info: https://github.com/benhoyt/inih */ #if defined(_MSC_VER) && !defined(_CRT_SECURE_NO_WARNINGS) #define _CRT_SECURE_NO_WARNINGS #endif #include #include #include #include "ini.h" #if !INI_USE_STACK #include #endif #define MAX_SECTION 50 #define MAX_NAME 50 /* Strip whitespace chars off end of given string, in place. Return s. */ static char* rstrip(char* s) { char* p = s + strlen(s); while (p > s && isspace((unsigned char)(*--p))) *p = '\0'; return s; } /* Return pointer to first non-whitespace char in given string. */ static char* lskip(const char* s) { while (*s && isspace((unsigned char)(*s))) s++; return (char*)s; } /* Return pointer to first char (of chars) or inline comment in given string, or pointer to null at end of string if neither found. Inline comment must be prefixed by a whitespace character to register as a comment. */ static char* find_chars_or_comment(const char* s, const char* chars) { #if INI_ALLOW_INLINE_COMMENTS int was_space = 0; while (*s && (!chars || !strchr(chars, *s)) && !(was_space && strchr(INI_INLINE_COMMENT_PREFIXES, *s))) { was_space = isspace((unsigned char)(*s)); s++; } #else while (*s && (!chars || !strchr(chars, *s))) { s++; } #endif return (char*)s; } /* Version of strncpy that ensures dest (size bytes) is null-terminated. */ static char* strncpy0(char* dest, const char* src, size_t size) { strncpy(dest, src, size); dest[size - 1] = '\0'; return dest; } /* See documentation in header file. */ int ini_parse_stream(ini_reader reader, void* stream, ini_handler handler, void* user) { /* Uses a fair bit of stack (use heap instead if you need to) */ #if INI_USE_STACK char line[INI_MAX_LINE]; #else char* line; #endif char section[MAX_SECTION] = ""; char prev_name[MAX_NAME] = ""; char* start; char* end; char* name; char* value; int lineno = 0; int error = 0; #if !INI_USE_STACK line = (char*)malloc(INI_MAX_LINE); if (!line) { return -2; } #endif /* Scan through stream line by line */ while (reader(line, INI_MAX_LINE, stream) != NULL) { lineno++; start = line; #if INI_ALLOW_BOM if (lineno == 1 && (unsigned char)start[0] == 0xEF && (unsigned char)start[1] == 0xBB && (unsigned char)start[2] == 0xBF) { start += 3; } #endif start = lskip(rstrip(start)); if (*start == ';' || *start == '#') { /* Per Python configparser, allow both ; and # comments at the start of a line */ } #if INI_ALLOW_MULTILINE else if (*prev_name && *start && start > line) { /* Non-blank line with leading whitespace, treat as continuation of previous name's value (as per Python configparser). */ if (!handler(user, section, prev_name, start) && !error) error = lineno; } #endif else if (*start == '[') { /* A "[section]" line */ end = find_chars_or_comment(start + 1, "]"); if (*end == ']') { *end = '\0'; strncpy0(section, start + 1, sizeof(section)); *prev_name = '\0'; } else if (!error) { /* No ']' found on section line */ error = lineno; } } else if (*start) { /* Not a comment, must be a name[=:]value pair */ end = find_chars_or_comment(start, "=:"); if (*end == '=' || *end == ':') { *end = '\0'; name = rstrip(start); value = lskip(end + 1); #if INI_ALLOW_INLINE_COMMENTS end = find_chars_or_comment(value, NULL); if (*end) *end = '\0'; #endif rstrip(value); /* Strip surrounding double and single quotes */ if ((*value == '"') && (value[strlen(value) - 1] == '"')) { value[strlen(value) - 1] = '\0'; value += 1; } else { if ((*value == '\'') && (value[strlen(value) - 1] == '\'')) { value[strlen(value) - 1] = '\0'; value += 1; } } /* Valid name[=:]value pair found, call handler */ strncpy0(prev_name, name, sizeof(prev_name)); if (!handler(user, section, name, value) && !error) error = lineno; } else if (!error) { /* No '=' or ':' found on name[=:]value line */ error = lineno; } } #if INI_STOP_ON_FIRST_ERROR if (error) break; #endif } #if !INI_USE_STACK free(line); #endif return error; } /* See documentation in header file. */ int ini_parse_file(FILE* file, ini_handler handler, void* user) { return ini_parse_stream((ini_reader)fgets, file, handler, user); } /* See documentation in header file. */ int ini_parse(const char* filename, ini_handler handler, void* user) { FILE* file; int error; file = fopen(filename, "r"); if (!file) return -1; error = ini_parse_file(file, handler, user); fclose(file); return error; } snoopy-snoopy-2.4.6/lib/inih/src/ini.h000066400000000000000000000060421276626320200176230ustar00rootroot00000000000000/* inih -- simple .INI file parser inih is released under the New BSD license (see LICENSE.txt). Go to the project home page for more info: https://github.com/benhoyt/inih */ #ifndef __INI_H__ #define __INI_H__ /* Make this header file easier to include in C++ code */ #ifdef __cplusplus extern "C" { #endif #include /* Typedef for prototype of handler function. */ typedef int (*ini_handler)(void* user, const char* section, const char* name, const char* value); /* Typedef for prototype of fgets-style reader function. */ typedef char* (*ini_reader)(char* str, int num, void* stream); /* Parse given INI-style file. May have [section]s, name=value pairs (whitespace stripped), and comments starting with ';' (semicolon). Section is "" if name=value pair parsed before any section heading. name:value pairs are also supported as a concession to Python's configparser. For each name=value pair parsed, call handler function with given user pointer as well as section, name, and value (data only valid for duration of handler call). Handler should return nonzero on success, zero on error. Returns 0 on success, line number of first error on parse error (doesn't stop on first error), -1 on file open error, or -2 on memory allocation error (only when INI_USE_STACK is zero). */ int ini_parse(const char* filename, ini_handler handler, void* user); /* Same as ini_parse(), but takes a FILE* instead of filename. This doesn't close the file when it's finished -- the caller must do that. */ int ini_parse_file(FILE* file, ini_handler handler, void* user); /* Same as ini_parse(), but takes an ini_reader function pointer instead of filename. Used for implementing custom or string-based I/O. */ int ini_parse_stream(ini_reader reader, void* stream, ini_handler handler, void* user); /* Nonzero to allow multi-line value parsing, in the style of Python's configparser. If allowed, ini_parse() will call the handler with the same name for each subsequent line parsed. */ #ifndef INI_ALLOW_MULTILINE #define INI_ALLOW_MULTILINE 1 #endif /* Nonzero to allow a UTF-8 BOM sequence (0xEF 0xBB 0xBF) at the start of the file. See http://code.google.com/p/inih/issues/detail?id=21 */ #ifndef INI_ALLOW_BOM #define INI_ALLOW_BOM 1 #endif /* Nonzero to allow inline comments (with valid inline comment characters specified by INI_INLINE_COMMENT_PREFIXES). Set to 0 to turn off and match Python 3.2+ configparser behaviour. */ #ifndef INI_ALLOW_INLINE_COMMENTS #define INI_ALLOW_INLINE_COMMENTS 1 #endif #ifndef INI_INLINE_COMMENT_PREFIXES #define INI_INLINE_COMMENT_PREFIXES ";" #endif /* Nonzero to use stack, zero to use heap (malloc/free). */ #ifndef INI_USE_STACK #define INI_USE_STACK 1 #endif /* Stop parsing on first error (default is to keep parsing). */ #ifndef INI_STOP_ON_FIRST_ERROR #define INI_STOP_ON_FIRST_ERROR 0 #endif /* Maximum line length for any line in INI file. */ #ifndef INI_MAX_LINE #define INI_MAX_LINE 200 #endif #ifdef __cplusplus } #endif #endif /* __INI_H__ */ snoopy-snoopy-2.4.6/lib/liblcthw/000077500000000000000000000000001276626320200167635ustar00rootroot00000000000000snoopy-snoopy-2.4.6/lib/liblcthw/LICENSE000066400000000000000000000030141276626320200177660ustar00rootroot00000000000000Copyright (c) 2010, Zed A. Shaw. All rights reserved. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met: * Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer. * Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. * Neither the name of the Learn C The Hard Way, Zed A. Shaw, nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. snoopy-snoopy-2.4.6/lib/liblcthw/SOURCE000066400000000000000000000000441276626320200177040ustar00rootroot00000000000000https://github.com/zedshaw/liblcthw snoopy-snoopy-2.4.6/lib/liblcthw/VERSION000066400000000000000000000000511276626320200200270ustar00rootroot00000000000000b0abccd396f30ea7e7e0a53087fdee7bedfcf2d8 snoopy-snoopy-2.4.6/lib/liblcthw/src/000077500000000000000000000000001276626320200175525ustar00rootroot00000000000000snoopy-snoopy-2.4.6/lib/liblcthw/src/dbg.h000066400000000000000000000034011276626320200204550ustar00rootroot00000000000000#ifndef __dbg_h__ #define __dbg_h__ #include #include #include #ifdef NDEBUG #define debug(M, ...) #else #define debug(M, ...) fprintf(stderr, "DEBUG %s:%d: " M "\n", __FILE__, __LINE__, ##__VA_ARGS__) #endif // do not try to be smart and make this go away on NDEBUG, the _debug // here means that it just doesn't print a message, it still does the // check. MKAY? #define check_debug(A, M, ...) if(!(A)) { debug(M, ##__VA_ARGS__); errno=0; goto error; } #define clean_errno() (errno == 0 ? "None" : strerror(errno)) #ifdef NO_LINENOS // versions that don't feature line numbers #define log_err(M, ...) fprintf(stderr, "[ERROR] (errno: %s) " M "\n", clean_errno(), ##__VA_ARGS__) #define log_warn(M, ...) fprintf(stderr, "[WARN] (errno: %s) " M "\n", clean_errno(), ##__VA_ARGS__) #define log_info(M, ...) fprintf(stderr, "[INFO] " M "\n", ##__VA_ARGS__) #else #define log_err(M, ...) fprintf(stderr, "[ERROR] (%s:%d: errno: %s) " M "\n", __FILE__, __LINE__, clean_errno(), ##__VA_ARGS__) #define log_warn(M, ...) fprintf(stderr, "[WARN] (%s:%d: errno: %s) " M "\n", __FILE__, __LINE__, clean_errno(), ##__VA_ARGS__) #define log_info(M, ...) fprintf(stderr, "[INFO] (%s:%d) " M "\n", __FILE__, __LINE__, ##__VA_ARGS__) #endif #define check(A, M, ...) if(!(A)) { log_err(M, ##__VA_ARGS__); errno=0; goto error; } #define sentinel(M, ...) { log_err(M, ##__VA_ARGS__); errno=0; goto error; } #define check_mem(A) check((A), "Out of memory.%s", "") #define TRACE(C,E) debug("--> %s(%s:%d) %s:%d ", "" #C, State_event_name(E), E, __FUNCTION__, __LINE__) #define error_response(F, C, M, ...) {Response_send_status(F, &HTTP_##C); sentinel(M, ##__VA_ARGS__);} #define error_unless(T, F, C, M, ...) if(!(T)) error_response(F, C, M, ##__VA_ARGS__) #endif snoopy-snoopy-2.4.6/lib/liblcthw/src/list.c000066400000000000000000000043271276626320200206770ustar00rootroot00000000000000#include #include List *List_create() { return calloc(1, sizeof(List)); } void List_destroy(List *list) { LIST_FOREACH(list, first, next, cur) { if(cur->prev) { free(cur->prev); } } free(list->last); free(list); } void List_clear(List *list) { LIST_FOREACH(list, first, next, cur) { free(cur->value); } } void List_clear_destroy(List *list) { List_clear(list); List_destroy(list); } void List_push(List *list, void *value) { ListNode *node = calloc(1, sizeof(ListNode)); check_mem(node); node->value = value; if(list->last == NULL) { list->first = node; list->last = node; node->prev = NULL; } else { list->last->next = node; node->prev = list->last; node->next = NULL; list->last = node; } list->count++; error: return; } void *List_pop(List *list) { ListNode *node = list->last; return node != NULL ? List_remove(list, node) : NULL; } void List_shift(List *list, void *value) { ListNode *node = calloc(1, sizeof(ListNode)); check_mem(node); node->value = value; if(list->first == NULL) { list->first = node; list->last = node; } else { node->next = list->first; list->first->prev = node; list->first = node; } list->count++; error: return; } void *List_unshift(List *list) { ListNode *node = list->first; return node != NULL ? List_remove(list, node) : NULL; } void *List_remove(List *list, ListNode *node) { void *result = NULL; check(list->first && list->last, "List is empty.%s", ""); check(node, "Node can't be NULL.%s", ""); if(node == list->first && node == list->last) { list->first = NULL; list->last = NULL; } else if(node == list->first) { list->first = node->next; list->first->prev = NULL; } else if (node == list->last) { list->last = node->prev; list->last->next = NULL; } else { ListNode *after = node->next; ListNode *before = node->prev; after->prev = before; before->next = after; } list->count--; result = node->value; free(node); error: return result; } snoopy-snoopy-2.4.6/lib/liblcthw/src/list.h000066400000000000000000000016261276626320200207030ustar00rootroot00000000000000#ifndef lcthw_List_h #define lcthw_List_h #include struct ListNode; typedef struct ListNode { struct ListNode *next; struct ListNode *prev; void *value; } ListNode; typedef struct List { int count; ListNode *first; ListNode *last; } List; List *List_create(); void List_destroy(List *list); void List_clear(List *list); void List_clear_destroy(List *list); #define List_count(A) ((A)->count) #define List_first(A) ((A)->first != NULL ? (A)->first->value : NULL) #define List_last(A) ((A)->last != NULL ? (A)->last->value : NULL) void List_push(List *list, void *value); void *List_pop(List *list); void List_shift(List *list, void *value); void *List_unshift(List *list); void *List_remove(List *list, ListNode *node); #define LIST_FOREACH(L, S, M, V) ListNode *_node = NULL;\ ListNode *V = NULL;\ for(V = _node = L->S; _node != NULL; V = _node = _node->M) #endif snoopy-snoopy-2.4.6/src/000077500000000000000000000000001276626320200151745ustar00rootroot00000000000000snoopy-snoopy-2.4.6/src/Makefile.am000066400000000000000000000042531276626320200172340ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### Subdir processing order # SUBDIRS = SUBDIRS += eventsource SUBDIRS += datasource if FILTERING_ENABLED SUBDIRS += filter endif SUBDIRS += output SUBDIRS += . ### Create main library, but without execve() wrappers # noinst_LTLIBRARIES = \ libsnoopy_no_execve.la libsnoopy_no_execve_la_SOURCES = \ configuration.c \ configuration.h \ error.c \ error.h \ genericregistry.c \ genericregistry.h \ inputdatastorage.c \ inputdatastorage.h \ datasourceregistry.c \ datasourceregistry.h \ log.c \ log.h \ message.c \ message.h \ misc.c \ misc.h \ outputregistry.c \ outputregistry.h \ parser.c \ parser.h \ snoopy.h libsnoopy_no_execve_la_CFLAGS = $(AM_CFLAGS) libsnoopy_no_execve_la_LDFLAGS = $(AM_LDFLAGS) libsnoopy_no_execve_la_LIBADD = \ datasource/libsnoopy_datasources_all.la \ output/libsnoopy_outputs_all.la # If config file is enabled, build and link these too if CONFIGFILE_ENABLED libsnoopy_no_execve_la_SOURCES += \ configfile.c \ configfile.h libsnoopy_no_execve_la_LIBADD += \ ../lib/inih/src/libinih.la endif # If config file is enabled, build and link these too if THREAD_SAFETY_ENABLED libsnoopy_no_execve_la_CFLAGS += -I$(top_srcdir)/lib/liblcthw/src libsnoopy_no_execve_la_LDFLAGS += -lpthread libsnoopy_no_execve_la_SOURCES += \ ../lib/liblcthw/src/dbg.h \ ../lib/liblcthw/src/list.c \ ../lib/liblcthw/src/list.h \ tsrm.c \ tsrm.h endif # If filtering is enabled, add these too if FILTERING_ENABLED libsnoopy_no_execve_la_SOURCES += \ filtering.c \ filtering.h \ filterregistry.c \ filterregistry.h libsnoopy_no_execve_la_LIBADD += \ filter/libsnoopy_filters_all.la endif ### Create main library, whole # lib_LTLIBRARIES = libsnoopy.la libsnoopy_la_SOURCES = libsnoopy_la_LIBADD = \ libsnoopy_no_execve.la \ eventsource/libsnoopy_eventsource_execve_wrapper.la ### Create debugging helper library # noinst_LTLIBRARIES += libsnoopy-debug-addons.la libsnoopy_debug_addons_la_SOURCES = libsnoopy-debug-addons.c \ libsnoopy-debug-addons.h libsnoopy_debug_addons_la_LIBADD = libsnoopy_no_execve.la snoopy-snoopy-2.4.6/src/configfile.c000066400000000000000000000264321276626320200174540ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: configfile.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "configfile.h" #include "snoopy.h" #include "configfile.h" #include "configuration.h" #include "misc.h" #include "outputregistry.h" #include "lib/inih/src/ini.h" #ifndef _XOPEN_SOURCE // For strdup #define _XOPEN_SOURCE 500 #endif #include #include #include #include #include /* * snoopy_configfile_load_file * * Description: * Parses INI configuration file and overrides Snoopy * configuration with changed values. * * Params: * file Path log INI configuration file * * Return: * int 0 on success, -1 on error openinf file, other int for other errors */ int snoopy_configfile_load ( char *iniFilePath ) { int iniParseStatus; snoopy_configuration_t *CFG; /* Get config pointer */ CFG = snoopy_configuration_get(); /* Tell Snoopy we are using configuration file */ CFG->configfile_path = iniFilePath; /* Parse the INI configuration file first */ iniParseStatus = ini_parse(iniFilePath, snoopy_configfile_parser_callback, CFG); if (0 != iniParseStatus) { // TODO Snoopy error handling return -1; } CFG->configfile_found = SNOOPY_TRUE; /* Housekeeping */ CFG->configfile_parsed = SNOOPY_TRUE; // We have sucessfully parsed configuration file return 0; } /* * snoopy_configfile_parser_callback * * Description: * Callback function for each found ini value in parsed config file. * * Params: * // file Path log INI configuration file * * Return: * // int 0 on success, -1 on error openinf file, other int for other errors */ int snoopy_configfile_parser_callback ( void* sth, const char* section, const char* name, const char* confValString ) { int confValInt; /* Qualify pointer? */ snoopy_configuration_t* CFG = (snoopy_configuration_t*)sth; /* Skip unknown sections */ if (0 != strcmp(section, "snoopy")) { return 1; } /* Do the name matching */ #define MATCHNAME(n) strcmp(name, n) == 0 if (MATCHNAME("error_logging")) { confValInt = snoopy_configfile_getboolean(confValString, -1); if (-1 != confValInt) { CFG->error_logging_enabled = confValInt; } return 1; } if (MATCHNAME("message_format")) { CFG->message_format = strdup(confValString); CFG->message_format_malloced = SNOOPY_TRUE; return 1; } if (MATCHNAME("filter_chain")) { CFG->filter_chain = strdup(confValString); CFG->filter_chain_malloced = SNOOPY_TRUE; return 1; } if (MATCHNAME("output")) { snoopy_configfile_parse_output(confValString); return 1; } if (MATCHNAME("syslog_facility")) { snoopy_configfile_parse_syslog_facility(confValString); return 1; } if (MATCHNAME("syslog_ident")) { CFG->syslog_ident = strdup(confValString); CFG->syslog_ident_malloced = SNOOPY_TRUE; return 1; } if (MATCHNAME("syslog_level")) { snoopy_configfile_parse_syslog_level(confValString); return 1; } /* Why are we returning 1 instead of zero everywhere? */ return 1; } /* * snoopy_configfile_parse_output * * Description: * Parses configuration setting syslog_output and * sets appropriate internal configuration variable(s). * Uses default setting if unknown value. * * Params: * confVal Value from configuration file * * Return: * void */ void snoopy_configfile_parse_output ( const char *confValOrig ) { char *confVal; char *outputName; char *outputArg; int outputArgFound = SNOOPY_FALSE; snoopy_configuration_t *CFG; /* Get config pointer */ CFG = snoopy_configuration_get(); // Do not assign null to it explicitly, as you get "Explicit null dereference" Coverity error. // If you do not assign it, Coverity complains with "Uninitialized pointer read". char *saveptr1 = ""; // First clone the config value, as it gets freed by iniparser confVal = strdup(confValOrig); // Check if configured value contains argument(s) if (NULL == strchr(confVal, ':')) { outputName = confVal; CFG->output_arg = ""; CFG->output_arg_malloced = SNOOPY_FALSE; outputArg = ""; } else { // Separate output name from its arguments outputName = strtok_r(confVal, ":", &saveptr1); outputArg = strtok_r(NULL , ":", &saveptr1); outputArgFound = SNOOPY_TRUE; } // Determine output name if (SNOOPY_TRUE == snoopy_outputregistry_doesNameExist(outputName)) { CFG->output = strdup(outputName); CFG->output_malloced = SNOOPY_TRUE; if (SNOOPY_TRUE == outputArgFound) { // THINK What if conf.output_arg was set in previous call to this function, // and is already malloced? We need to detect that and free previous // allocation. CFG->output_arg = strdup(outputArg); CFG->output_arg_malloced = SNOOPY_TRUE; } } else { CFG->output = SNOOPY_OUTPUT_DEFAULT; CFG->output_malloced = SNOOPY_FALSE; CFG->output_arg = SNOOPY_OUTPUT_DEFAULT_ARG; CFG->output_arg_malloced = SNOOPY_FALSE; } // Housekeeping free(confVal); } /* * snoopy_configfile_parse_syslog_facility * * Description: * Parses configuration setting syslog_facility and * sets appropriate config variable. * Uses default setting if unknown value. * * Params: * confVal Value from configuration file * * Return: * void */ void snoopy_configfile_parse_syslog_facility ( const char *confValOrig ) { char *confVal; char *confValCleaned; int facilityInt; snoopy_configuration_t *CFG; /* Get config pointer */ CFG = snoopy_configuration_get(); // Duplicate the iniparser value, as we need to modify it confVal = strdup(confValOrig); // First cleanup the value confValCleaned = snoopy_configfile_syslog_value_cleanup(confVal); // Evaluate and set configuration flag facilityInt = snoopy_syslog_convert_facilityToInt(confValCleaned); if (-1 == facilityInt) { CFG->syslog_facility = SNOOPY_SYSLOG_FACILITY; } else { CFG->syslog_facility = facilityInt; } /* Housekeeping */ free(confVal); } /* * snoopy_configfile_parse_syslog_level * * Description: * Parses configuration setting syslog_level and * sets appropriate config variable. * Uses default setting if unknown value. * * Params: * confVal Value from configuration file * * Return: * void */ void snoopy_configfile_parse_syslog_level ( const char *confValOrig ) { char *confVal; char *confValCleaned; int levelInt; snoopy_configuration_t *CFG; /* Get config pointer */ CFG = snoopy_configuration_get(); // Duplicate the iniparser value, as we need to modify it confVal = strdup(confValOrig); // First cleanup the value confValCleaned = snoopy_configfile_syslog_value_cleanup(confVal); // Evaluate and set configuration flag levelInt = snoopy_syslog_convert_levelToInt(confValCleaned); if (-1 == levelInt) { CFG->syslog_level = SNOOPY_SYSLOG_LEVEL; } else { CFG->syslog_level = levelInt; } /* Housekeeping */ free(confVal); } /* * snoopy_configfile_syslog_value_cleanup * * Description: * Convert existing string to upper case, and remove LOG_ prefix * * Params: * confVal Pointer to string to change and to be operated on * * Return: * char * Pointer to cleaned string (either the same as initial argument, * or 4 characters advanced, to remove LOG_ prefix */ char *snoopy_configfile_syslog_value_cleanup (char *confVal) { char *confValCleaned; // Initialize - just in case confValCleaned = confVal; // Convert to upper case snoopy_configfile_strtoupper(confVal); // Remove LOG_ prefix confValCleaned = snoopy_configfile_syslog_value_remove_prefix(confVal); return confValCleaned; } /* * snoopy_configfile_syslog_value_remove_prefix * * Description: * Remove the LOG_ prefix, return pointer to new string (either equal * or +4 chars advanced) * * Params: * string Pointer to string to remove LOG_ prefix * * Return: * char * Pointer to non LOG_ part of the string */ char *snoopy_configfile_syslog_value_remove_prefix (char *confVal) { if (0 == strncmp(confVal, "LOG_", 4)) { return confVal+4; } else { return confVal; } } /* * snoopy_configfile_strtoupper * * Description: * Convert existing string to upper case * * Params: * string Pointer to string to change and to be operated on * * Return: * void */ void snoopy_configfile_strtoupper (char *s) { while (*s) { if ((*s >= 'a' ) && (*s <= 'z')) { *s -= ('a'-'A'); } s++; } } /*-------------------------------------------------------------------------*/ /** @origin Literally copy-pasted from ndevilla's iniparser @brief Get the string associated to a key, convert to a boolean @param d Dictionary to search @param key Key string to look for @param notfound Value to return in case of error @return integer This function queries a dictionary for a key. A key as read from an ini file is given as "section:key". If the key cannot be found, the notfound value is returned. A true boolean is found if one of the following is matched: - A string starting with 'y' - A string starting with 'Y' - A string starting with 't' - A string starting with 'T' - A string starting with '1' A false boolean is found if one of the following is matched: - A string starting with 'n' - A string starting with 'N' - A string starting with 'f' - A string starting with 'F' - A string starting with '0' The notfound value returned if no boolean is identified, does not necessarily have to be 0 or 1. */ /*--------------------------------------------------------------------------*/ int snoopy_configfile_getboolean (const char *c, int notfound) { int ret; if (c[0]=='y' || c[0]=='Y' || c[0]=='1' || c[0]=='t' || c[0]=='T') { ret = 1 ; } else if (c[0]=='n' || c[0]=='N' || c[0]=='0' || c[0]=='f' || c[0]=='F') { ret = 0 ; } else { ret = notfound ; } return ret; } snoopy-snoopy-2.4.6/src/configfile.h000066400000000000000000000027571276626320200174650ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: configfile.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Functions to load/parse config file */ int snoopy_configfile_load (char *iniFilePath); int snoopy_configfile_parser_callback ( void* sth, const char* section, const char* name, const char* confValString ); void snoopy_configfile_parse_output (const char *confVal); void snoopy_configfile_parse_syslog_facility (const char *confVal); void snoopy_configfile_parse_syslog_level (const char *confVal); char *snoopy_configfile_syslog_value_cleanup (char *confVal); char *snoopy_configfile_syslog_value_remove_prefix (char *confVal); void snoopy_configfile_strtoupper (char *s); int snoopy_configfile_getboolean (const char *c, int notfound); snoopy-snoopy-2.4.6/src/configuration.c000066400000000000000000000244241276626320200202150ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: configuration.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "configuration.h" #include "snoopy.h" #ifdef SNOOPY_CONFIGFILE_ENABLED #include "configfile.h" #endif #ifdef SNOOPY_CONF_THREAD_SAFETY_ENABLED #include "tsrm.h" #endif #include #include #include #include #include #include /* * Flag that enables/disables configuration file parsing * * This is a runtime flag, used by binaries in tests/bin/ directory. * ./configure flags are wrapped around this. */ int snoopy_configuration_configFileParsingEnabled = SNOOPY_TRUE; /* * Should alternate configuration file be loaded? */ char * snoopy_configuration_altConfigFilePath = NULL; /* * Storage of Snoopy configuration for non-thread-safe builds */ #ifndef SNOOPY_CONF_THREAD_SAFETY_ENABLED snoopy_configuration_t snoopy_configuration_data = { .initialized = SNOOPY_FALSE, }; #endif /* * snoopy_configuration_preinit_disableConfigFileParsing * * Description: * Disables configuration file parsing at runtime. * * Params: * (none) * * Return: * void */ void snoopy_configuration_preinit_disableConfigFileParsing () { snoopy_configuration_configFileParsingEnabled = SNOOPY_FALSE; } /* * snoopy_configuration_preinit_enableConfigFileParsing * * Description: * Enables configuration file parsing at runtime. Optionally sets * alternative config file path. * * Params: * altConfigFilePath: path to alternate config file * * Return: * void */ void snoopy_configuration_preinit_enableAltConfigFileParsing (char * const altConfigFilePath) { if (NULL != altConfigFilePath) { snoopy_configuration_altConfigFilePath = altConfigFilePath; } snoopy_configuration_configFileParsingEnabled = SNOOPY_TRUE; } /* * snoopy_configuration_preinit_setConfigFilePathFromEnv * * Description: * Parses environment for SNOOPY_INI and if found, checks if * file exists and is readable, and sets path to snoopy.ini * accordingly. Also it enables runtime config file parsing. * * Params: * (none) * * Return: * void */ void snoopy_configuration_preinit_setConfigFilePathFromEnv () { char *valuePtr; /* Does environmental variable exist? */ valuePtr = getenv("SNOOPY_INI"); if (NULL == valuePtr) { /* Nope. */ return; } /* Is file readable? */ if (0 != access(valuePtr, R_OK)) { /* Nope. */ return; } /* Store it */ /* FIXME does this have to be copied to malloced local variable? */ snoopy_configuration_preinit_enableAltConfigFileParsing(valuePtr); } /* * snoopy_configuration_ctor * * Description: * Populates snoopy_configuration config variable storage with * correct values, either from configuration file (if enabled) * or from ./configure arguments, or defaults are used as last * case scenario. * * Params: * (none) * * Return: * void */ void snoopy_configuration_ctor () { #ifdef SNOOPY_CONFIGFILE_ENABLED /* Is config file parsing disabled at runtime? */ if (SNOOPY_FALSE == snoopy_configuration_configFileParsingEnabled) { return; } /* Get config pointer */ snoopy_configuration_t *CFG = snoopy_configuration_get(); /* Parse INI file if enabled */ if (NULL != snoopy_configuration_altConfigFilePath) { // This is used by Snoopy testing suite - combined tests snoopy_configfile_load(snoopy_configuration_altConfigFilePath); } else { snoopy_configfile_load(CFG->configfile_path); } #endif } /* * snoopy_configuration_dtor * * Description: * Frees all configuration-related malloced resources, and sets * corresponding config settings back to their default values. * * Params: * (none) * * Return: * void */ void snoopy_configuration_dtor () { snoopy_configuration_t *CFG; /* Get config pointer */ CFG = snoopy_configuration_get(); /* * Reset config setting: configfile_path * * This might get changed by libsnoopy-test.so library. */ #ifdef SNOOPY_CONFIGFILE_ENABLED CFG->configfile_path = SNOOPY_CONFIGFILE_PATH; #endif /* * Reset config setting: message_format */ if (SNOOPY_TRUE == CFG->message_format_malloced) { free(CFG->message_format); /* * Set this to false - REQUIRED * * This needs to be done as a special condition can occur at boot/shutdown: * - Snoopy is loaded when snoopy.ini is visible (mounted, present) * - Snoopy parses it, and sets message_format and ..._malloced to TRUE * - on shutdown, snoopy.ini might disappear * - snoopy_configuration_ctor() tries to parse config file, and as it is * not found, it does no alteration of snoopy_configuraton struct * - CFG->message_format_malloced is left set to TRUE * - when snoopy_configuration_dtor() is called, it tries to free the * const char[] that contains the compiled-in message format */ CFG->message_format_malloced = SNOOPY_FALSE; /* * Set this to default value - REQUIRED * * Otherwise on next Snoopy run there will be no message format defined, * which would in best-case scenario cause no Snoopy output, but in * worst-case scenarion there would be a segfault and possible system * crash. */ CFG->message_format = SNOOPY_MESSAGE_FORMAT; } /* * Reset config setting: filter_chain */ if (SNOOPY_TRUE == CFG->filter_chain_malloced) { free(CFG->filter_chain); /* Set this to false - REQUIRED (see above) */ CFG->filter_chain_malloced = SNOOPY_FALSE; /* Set this to default value - REQUIRED (see above) */ #ifdef SNOOPY_FILTERING_ENABLED CFG->filter_chain = SNOOPY_FILTER_CHAIN; #else CFG->filter_chain = ""; #endif } /* * Reset config setting: output */ if (SNOOPY_TRUE == CFG->output_malloced) { free(CFG->output); /* Set this to false - REQUIRED (see above) */ CFG->output_malloced = SNOOPY_FALSE; /* Set this to default value - REQUIRED (see above) */ CFG->output = SNOOPY_OUTPUT_DEFAULT; } /* * Reset config setting: output_arg */ if (SNOOPY_TRUE == CFG->output_arg_malloced) { free(CFG->output_arg); /* Set this to false - REQUIRED (see above) */ CFG->output_arg_malloced = SNOOPY_FALSE; /* Set this to default value - REQUIRED (see above) */ CFG->output_arg = SNOOPY_OUTPUT_DEFAULT_ARG; } /* * Reset config setting: syslog_ident */ if (SNOOPY_TRUE == CFG->syslog_ident_malloced) { free(CFG->syslog_ident); CFG->syslog_ident_malloced = SNOOPY_FALSE; /* Set this to false - REQUIRED (see above) */ CFG->syslog_ident = SNOOPY_SYSLOG_IDENT; /* Set this to default value - REQUIRED (see above) */ } } /* * snoopy_configuration_setUninitialized * * Description: * Sets state of configuration array to uninitialized. * * Params: * (none) * * Return: * void */ void snoopy_configuration_setUninitialized ( snoopy_configuration_t *CFG ) { CFG->initialized = SNOOPY_FALSE; } /* * snoopy_configuration_setDefaults * * Description: * Sets the default values for all configuration variables. * Defaults are primarily defined by Snoopy, and possibly overridden by * ./configure flags. * * Params: * (none) * * Return: * void */ void snoopy_configuration_setDefaults ( snoopy_configuration_t *CFG ) { CFG->initialized = SNOOPY_TRUE; #ifdef SNOOPY_CONFIGFILE_ENABLED CFG->configfile_enabled = SNOOPY_TRUE; CFG->configfile_path = SNOOPY_CONFIGFILE_PATH; #else CFG->configfile_enabled = SNOOPY_FALSE; CFG->configfile_path = ""; #endif CFG->configfile_found = SNOOPY_FALSE; CFG->configfile_parsed = SNOOPY_FALSE; #ifdef SNOOPY_ERROR_LOGGING_ENABLED CFG->error_logging_enabled = SNOOPY_TRUE; #else CFG->error_logging_enabled = SNOOPY_FALSE; #endif CFG->message_format = SNOOPY_MESSAGE_FORMAT; CFG->message_format_malloced = SNOOPY_FALSE; #ifdef SNOOPY_FILTERING_ENABLED CFG->filtering_enabled = SNOOPY_TRUE; CFG->filter_chain = SNOOPY_FILTER_CHAIN; #else CFG->filtering_enabled = SNOOPY_FALSE; CFG->filter_chain = ""; #endif CFG->filter_chain_malloced = SNOOPY_FALSE; CFG->output = SNOOPY_OUTPUT_DEFAULT; CFG->output_malloced = SNOOPY_FALSE; CFG->output_arg = SNOOPY_OUTPUT_DEFAULT_ARG; CFG->output_arg_malloced = SNOOPY_FALSE; CFG->syslog_facility = SNOOPY_SYSLOG_FACILITY; CFG->syslog_ident = SNOOPY_SYSLOG_IDENT; CFG->syslog_ident_malloced = SNOOPY_FALSE; CFG->syslog_level = SNOOPY_SYSLOG_LEVEL; } /* * snoopy_configuration_get() * * Description: * Retrieve pointer configuration struct. * * Params: * envp: environment array pointer to store * * Return: * snoopy_configuration_t* */ snoopy_configuration_t* snoopy_configuration_get () { snoopy_configuration_t *CFG; #ifdef SNOOPY_CONF_THREAD_SAFETY_ENABLED CFG = snoopy_tsrm_get_configuration(); #else CFG = &snoopy_configuration_data; #endif if (SNOOPY_TRUE != CFG->initialized) { snoopy_configuration_setDefaults(CFG); } return CFG; } snoopy-snoopy-2.4.6/src/configuration.h000066400000000000000000000044561276626320200202250ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: configuration.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * START: Prevent cyclic inclusions */ #ifndef __SNOOPY_CONFIGURATION_H #define __SNOOPY_CONFIGURATION_H /* * Array holding Snoopy configuration data in one place */ typedef struct { int initialized; int configfile_enabled; char *configfile_path; int configfile_found; int configfile_parsed; int error_logging_enabled; char *message_format; int message_format_malloced; int filtering_enabled; char *filter_chain; int filter_chain_malloced; char *output; int output_malloced; char *output_arg; int output_arg_malloced; int syslog_facility; int syslog_level; int syslog_ident_malloced; char *syslog_ident; } snoopy_configuration_t; /* * Pre-initialization functions * * Used by testing binaries, to disable config file parsing, or set alternate * config file path. */ void snoopy_configuration_preinit_disableConfigFileParsing(); void snoopy_configuration_preinit_enableAltConfigFileParsing(char * const altConfigFilePath); void snoopy_configuration_preinit_setConfigFilePathFromEnv(); /* * Management functions */ void snoopy_configuration_ctor (); void snoopy_configuration_dtor (); void snoopy_configuration_setUninitialized (snoopy_configuration_t *CFG); void snoopy_configuration_setDefaults (snoopy_configuration_t *CFG); /* * Retrieval functions */ snoopy_configuration_t* snoopy_configuration_get (); /* * END: Prevent cyclic inclusion */ #endif /* Cyclic inclusion */ snoopy-snoopy-2.4.6/src/datasource/000077500000000000000000000000001276626320200173265ustar00rootroot00000000000000snoopy-snoopy-2.4.6/src/datasource/Makefile.am000066400000000000000000000111651276626320200213660ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### Include # AM_CFLAGS += -I$(top_srcdir)/src ### Create one library with all Snoopy data sources collected in it # noinst_LTLIBRARIES = libsnoopy_datasources_all.la ### Data sources collection is made of the following files # # Please maintain alphabetical order, equal to what `ls` would do. # libsnoopy_datasources_all_la_SOURCES = \ noop.c \ noop.h libsnoopy_datasources_all_la_LDFLAGS = # Data source: cmdline # if DATASOURCE_ENABLED_cmdline libsnoopy_datasources_all_la_SOURCES += \ cmdline.c \ cmdline.h endif # Data source: cwd # if DATASOURCE_ENABLED_cwd libsnoopy_datasources_all_la_SOURCES += \ cwd.c \ cwd.h endif # Data source: datetime # if DATASOURCE_ENABLED_datetime libsnoopy_datasources_all_la_SOURCES += \ datetime.c \ datetime.h endif # Data source: domain # if DATASOURCE_ENABLED_domain libsnoopy_datasources_all_la_SOURCES += \ domain.c \ domain.h endif # Data source: egid # if DATASOURCE_ENABLED_egid libsnoopy_datasources_all_la_SOURCES += \ egid.c \ egid.h endif # Data source: egroup # if DATASOURCE_ENABLED_egroup libsnoopy_datasources_all_la_SOURCES += \ egroup.c \ egroup.h endif # Data source: env # if DATASOURCE_ENABLED_env libsnoopy_datasources_all_la_SOURCES += \ env.c \ env.h endif # Data source: env_all # if DATASOURCE_ENABLED_env_all libsnoopy_datasources_all_la_SOURCES += \ env_all.c \ env_all.h endif # Data source: euid # if DATASOURCE_ENABLED_euid libsnoopy_datasources_all_la_SOURCES += \ euid.c \ euid.h endif # Data source: eusername # if DATASOURCE_ENABLED_eusername libsnoopy_datasources_all_la_SOURCES += \ eusername.c \ eusername.h endif # Data source: filename # if DATASOURCE_ENABLED_filename libsnoopy_datasources_all_la_SOURCES += \ filename.c \ filename.h endif # Data source: gid # if DATASOURCE_ENABLED_gid libsnoopy_datasources_all_la_SOURCES += \ gid.c \ gid.h endif # Data source: group # if DATASOURCE_ENABLED_group libsnoopy_datasources_all_la_SOURCES += \ group.c \ group.h endif # Data source: hostname # if DATASOURCE_ENABLED_hostname libsnoopy_datasources_all_la_SOURCES += \ hostname.c \ hostname.h endif # Data source: login # if DATASOURCE_ENABLED_login libsnoopy_datasources_all_la_SOURCES += \ login.c \ login.h endif # Data source: pid # if DATASOURCE_ENABLED_pid libsnoopy_datasources_all_la_SOURCES += \ pid.c \ pid.h endif # Data source: ppid # if DATASOURCE_ENABLED_ppid libsnoopy_datasources_all_la_SOURCES += \ ppid.c \ ppid.h endif # Data source: rpname # if DATASOURCE_ENABLED_rpname libsnoopy_datasources_all_la_SOURCES += \ rpname.c \ rpname.h endif # Data source: sid # if DATASOURCE_ENABLED_sid libsnoopy_datasources_all_la_SOURCES += \ sid.c \ sid.h endif # Data source: snoopy_literal # if DATASOURCE_ENABLED_snoopy_literal libsnoopy_datasources_all_la_SOURCES += \ snoopy_literal.c \ snoopy_literal.h endif # Data source: snoopy_threads # if THREAD_SAFETY_ENABLED if DATASOURCE_ENABLED_snoopy_threads libsnoopy_datasources_all_la_SOURCES += \ snoopy_threads.c \ snoopy_threads.h endif endif # Data source: snoopy_version # if DATASOURCE_ENABLED_snoopy_version libsnoopy_datasources_all_la_SOURCES += \ snoopy_version.c \ snoopy_version.h endif # Data source: tid # if DATASOURCE_ENABLED_tid libsnoopy_datasources_all_la_SOURCES += \ tid.c \ tid.h # This one seems to be added automatically recently. libsnoopy_datasources_all_la_LDFLAGS += -lpthread endif # Data source: tid_kernel # if DATASOURCE_ENABLED_tid_kernel libsnoopy_datasources_all_la_SOURCES += \ tid_kernel.c \ tid_kernel.h endif # Data source: timestamp # if DATASOURCE_ENABLED_timestamp libsnoopy_datasources_all_la_SOURCES += \ timestamp.c \ timestamp.h endif # Data source: timestamp_ms # if DATASOURCE_ENABLED_timestamp_ms libsnoopy_datasources_all_la_SOURCES += \ timestamp_ms.c \ timestamp_ms.h endif # Data source: timestamp_us # if DATASOURCE_ENABLED_timestamp_us libsnoopy_datasources_all_la_SOURCES += \ timestamp_us.c \ timestamp_us.h endif # Data source: tty # if DATASOURCE_ENABLED_tty libsnoopy_datasources_all_la_SOURCES += \ tty.c \ tty.h endif # Data source: tty_uid # if DATASOURCE_ENABLED_tty_uid libsnoopy_datasources_all_la_SOURCES += \ tty_uid.c \ tty_uid.h endif # Data source: tty_username # if DATASOURCE_ENABLED_tty_username libsnoopy_datasources_all_la_SOURCES += \ tty_username.c \ tty_username.h endif # Data source: uid # if DATASOURCE_ENABLED_uid libsnoopy_datasources_all_la_SOURCES += \ uid.c \ uid.h endif # Data source: username # if DATASOURCE_ENABLED_username libsnoopy_datasources_all_la_SOURCES += \ username.c \ username.h endif snoopy-snoopy-2.4.6/src/datasource/cmdline.c000066400000000000000000000061661276626320200211160ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/cmdline.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "cmdline.h" #include "snoopy.h" #include "inputdatastorage.h" #include #include #include /* Helper */ #define min(a,b) aargv+cmdLineArgCount) != '\0' ; cmdLineArgCount++); /* Calculate memory requirement for cmdLine */ cmdLineSizeSum = 0; for (i=0 ; iargv[i]) + 1; } /* Last space will be converted to \0 */ cmdLineSizeRet = min(SNOOPY_SYSCONF_ARG_MAX, cmdLineSizeSum); /* Initialize cmdLine */ cmdLine = malloc(cmdLineSizeRet); cmdLine[0] = '\0'; for (i = n = 0 ; i= cmdLineSizeRet) { break; } n += snprintf(cmdLine+n, cmdLineSizeRet-n, "%s", snoopy_inputdatastorage->argv[i]); if (n >= cmdLineSizeRet) { break; } cmdLine[n] = ' '; n++; } /* * Conclude string - add \0 at the end * - if last character is space * - or if last character is ordinary character from incompletely copied argument */ n--; cmdLine[n] = '\0'; /* Copy the result to the string pointed by return pointer */ snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", cmdLine); free(cmdLine); return cmdLineSizeRet; } snoopy-snoopy-2.4.6/src/datasource/cmdline.h000066400000000000000000000016621276626320200211170ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/cmdline.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: cmdline */ int snoopy_datasource_cmdline (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/cwd.c000066400000000000000000000030151276626320200202460ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/cwd.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "cwd.h" #include "snoopy.h" #include #include #include /* * SNOOPY DATA SOURCE: cwd * * Description: * Returns current working directory of current process. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_cwd (char * const result, char const * const arg) { char cwdBuf[PATH_MAX+1]; if (getcwd(cwdBuf, PATH_MAX+1)) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", cwdBuf); } return SNOOPY_DATASOURCE_FAILURE; } snoopy-snoopy-2.4.6/src/datasource/cwd.h000066400000000000000000000016461276626320200202630ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/cwd.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: cwd */ int snoopy_datasource_cwd (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/datetime.c000066400000000000000000000041531276626320200212710ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/datetime.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "datetime.h" #include "snoopy.h" #include #include #include /* * SNOOPY DATA SOURCE: datetime * * Description: * Returns current date and time in ISO 8601 forma. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_datetime (char * const result, char const * const arg) { time_t curTime; struct tm curLocalTimeBuf; struct tm *curLocalTime; char timeBuffer[80]; // Get current time if ((time_t) -1 == time(&curTime)) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(error @ time(): %d)", errno); } // Convert to local time curLocalTime = localtime_r(&curTime, &curLocalTimeBuf); if (NULL == curLocalTime) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(error @ localtime_r())"); } // Format it if (0 == strftime(timeBuffer, 80, "%FT%T%z", curLocalTime)) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(error @ strftime())"); } // Copy it return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", timeBuffer); } snoopy-snoopy-2.4.6/src/datasource/datetime.h000066400000000000000000000016601276626320200212760ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/datetime.h * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: datetime */ int snoopy_datasource_datetime (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/domain.c000066400000000000000000000100631276626320200207410ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/domain.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ // This needs to be defined before including sys/utsname.h, // or struct utsname does not return domainname member. #define _GNU_SOURCE #include "domain.h" #include "snoopy.h" #include #include #include #include /* * Local defines */ #define HOSTS_PATH "/etc/hosts" #define HOSTS_LINE_SIZE_MAX 1024 #define HOSTS_LINE_POS_MAX 1023 /* * SNOOPY DATA SOURCE: domain * * Description: * Returns domain of this system. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_domain (char * const result, char const * const arg) { FILE *fp; char hostname[SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE+1]; // +1 - we add "." to the end of string char line[HOSTS_LINE_SIZE_MAX]; int retVal; int tmpInt; /* * START: COPY FROM datasource/hostname */ /* Get my hostname first */ retVal = gethostname(hostname, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE); if (0 != retVal) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(error @ gethostname(): %d)", errno); } // If hostname was something alien (longer than 1024 characters), // set last char to null just in case hostname[SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE-1] = '\0'; /* * END: Copy from datasource/hostname */ /* Check hostname length */ if (0 == strlen(hostname)) { snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "Got empty hostname"); return SNOOPY_DATASOURCE_FAILURE; } /* Add a dot at the end of hostname, that is what we are searching for */ tmpInt = strlen(hostname); hostname[tmpInt] = '.'; hostname[tmpInt+1] = '\0'; /* Try to open file in read mode */ fp = fopen(HOSTS_PATH, "r"); if (NULL == fp) { snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "Unable to open file for reading: %s", HOSTS_PATH); return SNOOPY_OUTPUT_FAILURE; } /* Read line by line */ char *linePtr; char *hashPtr; char *lineEntryPtr; char *savePtr; char *domainPtr = NULL; while (NULL != (linePtr = fgets(line, sizeof(line), fp))) { /* Is line a comment - ignore everything after '#' character */ if (NULL != (hashPtr = strchr(linePtr, '#'))) { hashPtr = '\0'; } /* Try to find "hostname." there */ lineEntryPtr = strcasestr(linePtr, hostname); if (NULL != lineEntryPtr) { strtok_r(lineEntryPtr, " \t\n\r", &savePtr); /* Does not matter whether token has been found or not. */ /* If it was, strtok creates \0 at the end of it and returns pointer to it. */ /* If it was not, we must have met the EOF and just use everything. */ domainPtr = lineEntryPtr + strlen(hostname); break; } } /* Cleanup and return */ fclose(fp); if (NULL != domainPtr) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", domainPtr); } else { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(none)"); } } snoopy-snoopy-2.4.6/src/datasource/domain.h000066400000000000000000000016521276626320200207520ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/domain.h * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: domain */ int snoopy_datasource_domain (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/egid.c000066400000000000000000000026401276626320200204040ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/egid.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "egid.h" #include "snoopy.h" #include #include #include /* * SNOOPY DATA SOURCE: egid * * Description: * Returns effective GID of currently running process * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_egid (char * const result, char const * const arg) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%u", getegid()); } snoopy-snoopy-2.4.6/src/datasource/egid.h000066400000000000000000000016511276626320200204120ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/egid.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: egid */ int snoopy_datasource_egid (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/egroup.c000066400000000000000000000046571276626320200210070ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/egroup.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "egroup.h" #include "snoopy.h" #include #include #include #include #include /* * SNOOPY DATA SOURCE: egroup * * Description: * Returns literal effective group name (Group ID) of current process * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_egroup (char * const result, char const * const arg) { struct group gr; struct group *gr_gid = NULL; char *buffgr_gid = NULL; long buffgrsize_gid = 0; int messageLength = 0; /* Allocate memory */ buffgrsize_gid = sysconf(_SC_GETGR_R_SIZE_MAX); if (-1 == buffgrsize_gid) { buffgrsize_gid = 16384; } buffgr_gid = malloc(buffgrsize_gid); if (NULL == buffgr_gid) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(malloc)"); } /* Try to get data */ if (0 != getgrgid_r(getegid(), &gr, buffgr_gid, buffgrsize_gid, &gr_gid)) { messageLength = snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(getgrgid_r)"); } else { if (NULL == gr_gid) { messageLength = snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(undefined)"); } else { messageLength = snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", gr_gid->gr_name); } } /* Cleanup and return */ free(buffgr_gid); return messageLength; } snoopy-snoopy-2.4.6/src/datasource/egroup.h000066400000000000000000000016571276626320200210110ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/egroup.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: egroup */ int snoopy_datasource_egroup (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/env.c000066400000000000000000000031521276626320200202630ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/env.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "env.h" #include "snoopy.h" #include #include /* * SNOOPY DATA SOURCE: env * * Description: * Returns environmental variable value, if set * * Params: * result: pointer to string, to write result into * arg: which environmental variable to get * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_env (char * const result, char const * const arg) { char *env = getenv(arg); /* Return empty string if environmental variable does not exist */ if (NULL == env) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(undefined)"); } return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", env); } snoopy-snoopy-2.4.6/src/datasource/env.h000066400000000000000000000016461276626320200202760ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/env.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: env */ int snoopy_datasource_env (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/env_all.c000066400000000000000000000064531276626320200211220ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/env_all.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "env_all.h" #include "snoopy.h" #include #include #include /* * Use this extenal variable */ extern char **environ; /* * SNOOPY DATA SOURCE: env_all * * Description: * Returns all environmental variables * * Params: * result: pointer to string, to write result into * arg: which environmental variable(s) to ignore * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_env_all (char * const result, char const * const arg) { int resultSize = 0; // Current size of message to be returned back - does not include trailing null character // Loop through all environmental variables char *envItem = *environ; // Get first environmental variable int i = 1; for ( ; NULL!=envItem ; i++) { int remResultSize = 0; remResultSize = SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE - resultSize; // Add comma if required - must be still 5 characters available for this (,...\0) if ((i > 1) && (remResultSize >= 5)) { result[resultSize] = ','; result[resultSize+1] = '\0'; resultSize++; remResultSize--; } // TODO Add support for excluding certain environmental variables via *arg // Do we append whole environmental variable, or just part of it? // +3 to account for ... and +1 for null character if ((int)(strlen(envItem) + 3 + 1) < remResultSize) { int strSizeCopied = 0; // Append whole ENV variable strSizeCopied = snprintf(&result[resultSize], remResultSize, "%s", envItem); resultSize += strSizeCopied; } else { int strSizeToCopy = 0; // This one includes null char, therefore the actual string length that will be copied is X-1 characters + \0 strSizeToCopy = remResultSize - 3; // -4 to account for "...\0" snprintf(&result[resultSize], strSizeToCopy, "%s", envItem); resultSize += strSizeToCopy - 1; // Account for added \0 at the end - we do not use strSizeCopied here, which already includes it strSizeToCopy = 4; // -4 to account for "...\0" snprintf(&result[resultSize], strSizeToCopy, "..."); resultSize += strSizeToCopy-1; break; } // Get next environmental variable envItem = *(environ+i); } return resultSize; } snoopy-snoopy-2.4.6/src/datasource/env_all.h000066400000000000000000000016551276626320200211260ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/env_all.h * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: env_all */ int snoopy_datasource_env_all (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/euid.c000066400000000000000000000026271276626320200204270ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/euid.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "euid.h" #include "snoopy.h" #include #include #include /* * SNOOPY DATA SOURCE: euid * * Description: * Returns effective UID of current process. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_euid (char * const result, char const * const arg) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%u", geteuid()); } snoopy-snoopy-2.4.6/src/datasource/euid.h000066400000000000000000000016511276626320200204300ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/euid.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: euid */ int snoopy_datasource_euid (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/eusername.c000066400000000000000000000047121276626320200214620ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/eusername.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "eusername.h" #include "snoopy.h" #include #include #include #include #include /* * SNOOPY DATA SOURCE: eusername * * Description: * Returns literal effective user name (User ID) of current process * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_eusername (char * const result, char const * const arg) { struct passwd pwd; struct passwd *pwd_uid = NULL; char *buffpwd_uid = NULL; long buffpwdsize_uid = 0; int messageLength = 0; /* Allocate memory */ buffpwdsize_uid = sysconf(_SC_GETPW_R_SIZE_MAX); if (-1 == buffpwdsize_uid) { buffpwdsize_uid = 16384; } buffpwd_uid = malloc(buffpwdsize_uid); if (NULL == buffpwd_uid) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(malloc)"); } /* Try to get data */ if (0 != getpwuid_r(geteuid(), &pwd, buffpwd_uid, buffpwdsize_uid, &pwd_uid)) { messageLength = snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(getpwuid_r)"); } else { if (NULL == pwd_uid) { messageLength = snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(undefined)"); } else { messageLength = snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", pwd_uid->pw_name); } } /* Cleanup and return */ free(buffpwd_uid); return messageLength; } snoopy-snoopy-2.4.6/src/datasource/eusername.h000066400000000000000000000016701276626320200214670ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/eusername.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: eusername */ int snoopy_datasource_eusername (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/filename.c000066400000000000000000000031401276626320200212500ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/filename.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "filename.h" #include "snoopy.h" #include "inputdatastorage.h" #include /* * SNOOPY DATA SOURCE: filename * * Description: * Returns filename of program about to be executed * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_filename (char * const result, char const * const arg) { snoopy_inputdatastorage_t *snoopy_inputdatastorage; /* Get argument data of execv/e() call */ snoopy_inputdatastorage = snoopy_inputdatastorage_get(); return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", snoopy_inputdatastorage->filename); } snoopy-snoopy-2.4.6/src/datasource/filename.h000066400000000000000000000016651276626320200212670ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/filename.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: filename */ int snoopy_datasource_filename (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/gid.c000066400000000000000000000026441276626320200202430ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/gid.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "gid.h" #include "snoopy.h" #include #include #include /* * SNOOPY DATA SOURCE: gid * * Description: * Returns GID (Group ID) number of currently running process. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_gid (char * const result, char const * const arg) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%u", getgid()); } snoopy-snoopy-2.4.6/src/datasource/gid.h000066400000000000000000000016461276626320200202510ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/gid.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: gid */ int snoopy_datasource_gid (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/group.c000066400000000000000000000046371276626320200206400ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/group.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "group.h" #include "snoopy.h" #include #include #include #include #include /* * SNOOPY DATA SOURCE: group * * Description: * Returns literal group name (Group ID) of current process * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_group (char * const result, char const * const arg) { struct group gr; struct group *gr_gid = NULL; char *buffgr_gid = NULL; long buffgrsize_gid = 0; int messageLength = 0; /* Allocate memory */ buffgrsize_gid = sysconf(_SC_GETGR_R_SIZE_MAX); if (-1 == buffgrsize_gid) { buffgrsize_gid = 16384; } buffgr_gid = malloc(buffgrsize_gid); if(NULL == buffgr_gid) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(malloc)"); } /* Try to get data */ if (0 != getgrgid_r(getgid(), &gr, buffgr_gid, buffgrsize_gid, &gr_gid)) { messageLength = snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(getgrgid_r)"); } else { if (NULL == gr_gid) { messageLength = snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(undefined)"); } else { messageLength = snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", gr_gid->gr_name); } } /* Cleanup and return */ free(buffgr_gid); return messageLength; } snoopy-snoopy-2.4.6/src/datasource/group.h000066400000000000000000000016541276626320200206410ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/group.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: group */ int snoopy_datasource_group (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/hostname.c000066400000000000000000000034551276626320200213170ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/hostname.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "hostname.h" #include "snoopy.h" #include #include #include #include /* * SNOOPY DATA SOURCE: hostname * * Description: * Returns hostname of this system. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_hostname (char * const result, char const * const arg) { int charCount; int retVal; retVal = gethostname(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE); if (0 != retVal) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(error @ gethostname(): %d)", errno); } // If hostname was something alien (longer than 1024 characters), // set last char to null just in case result[SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE-1] = '\0'; charCount = strlen(result); return charCount; } snoopy-snoopy-2.4.6/src/datasource/hostname.h000066400000000000000000000016601276626320200213200ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/hostname.h * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: hostname */ int snoopy_datasource_hostname (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/login.c000066400000000000000000000053111276626320200206020ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/login.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "login.h" #include "snoopy.h" #include #include #include /* * Local defines */ #define SNOOPY_DATASOURCE_LOGIN_loginSizeMaxWithoutNull 254 #define SNOOPY_DATASOURCE_LOGIN_loginSizeMaxWithNull 255 /* * SNOOPY DATA SOURCE: login * * Description: * Returns literal login name of logged-in user executing this process * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_login (char * const result, char const * const arg) { int loginSizeMaxWithoutNull = SNOOPY_DATASOURCE_LOGIN_loginSizeMaxWithoutNull; int loginSizeMaxWithNull = SNOOPY_DATASOURCE_LOGIN_loginSizeMaxWithNull; static char login[SNOOPY_DATASOURCE_LOGIN_loginSizeMaxWithNull]; char *loginptr = NULL; /* * Retrive the user login trying in order: * - The login information from the processus. * - the SUDO_USER environment variable. * - the LOGNAME environment variable. * * TIP to use with sudo and keep LOGNAME, add this in /etc/sudoers: * Defaults env_reset * Defaults env_keep="LOGNAME" */ if (0 != getlogin_r(login, loginSizeMaxWithNull)) { loginptr = getenv("SUDO_USER"); if (!loginptr) { loginptr = getenv("LOGNAME"); } if (!loginptr) { strcpy(login, "(unknown)"); } else { strncpy(login, loginptr, loginSizeMaxWithoutNull); // Coverity suggests using -1 size here if ((int)strlen(loginptr) > loginSizeMaxWithoutNull) { login[loginSizeMaxWithoutNull] = '\0'; } } } return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", login); } snoopy-snoopy-2.4.6/src/datasource/login.h000066400000000000000000000016541276626320200206150ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/login.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: login */ int snoopy_datasource_login (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/noop.c000066400000000000000000000023431276626320200204470ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/noop.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "noop.h" /* * SNOOPY DATA SOURCE: noop * * Description: * Does nothing. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_noop (char * const result, char const * const arg) { return 0; } snoopy-snoopy-2.4.6/src/datasource/noop.h000066400000000000000000000016511276626320200204550ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/noop.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: noop */ int snoopy_datasource_noop (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/pid.c000066400000000000000000000026201276626320200202460ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/pid.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "pid.h" #include "snoopy.h" #include #include #include /* * SNOOPY DATA SOURCE: pid * * Description: * Returns PID (process ID) of current process. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_pid (char * const result, char const * const arg) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%u", getpid()); } snoopy-snoopy-2.4.6/src/datasource/pid.h000066400000000000000000000016411276626320200202550ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/pid.h * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: pid */ int snoopy_datasource_pid (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/ppid.c000066400000000000000000000026351276626320200204340ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/ppid.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "ppid.h" #include "snoopy.h" #include #include #include /* * SNOOPY DATA SOURCE: ppid * * Description: * Returns PPID (parent process ID) of current process. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_ppid (char * const result, char const * const arg) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%u", getppid()); } snoopy-snoopy-2.4.6/src/datasource/ppid.h000066400000000000000000000016441276626320200204400ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/ppid.h * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: ppid */ int snoopy_datasource_ppid (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/rpname.c000066400000000000000000000140701276626320200207560ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/rpname.c * * Copyright (c) 2015 Ariel Zach * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #ifndef _GNU_SOURCE #define _GNU_SOURCE #endif #include "rpname.h" #include "snoopy.h" #include #include #include #include #include #include #include /* * Local defines */ #define PID_ROOT 1 #define PID_EMPTY 0 #define PROC_PID_STATUS_KEY_NAME "Name" #define PROC_PID_STATUS_KEY_PPID "PPid" #define PROC_PID_STATUS_VAL_MAX_LENGTH NAME_MAX // Pid is max 2^2 (7-digit number), name can be max 255 bytes #define PROC_PID_STATUS_VAL_MAX_LENGTH_STR PROC_PID_STATUS_VAL_MAX_LENGTH + 1 // +1 for null termination #define UNKNOWN_STR "(unknown)" /* * Non-public function prototypes */ int get_parent_pid (int pid); int get_rpname (int pid, char *result); char* read_proc_property (int pid, char* prop_name); /* * SNOOPY DATA SOURCE: rpname * * Description: * Returns root process name of current process tree. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_rpname (char * const result, char const * const arg) { return get_rpname(getpid(), result); } /* Read /proc/{pid}/status file and extract the property */ char* read_proc_property (int pid, char* prop_name) { char pid_file[50]; FILE *fp; char *line = NULL; size_t lineLen = 0; char *k; char *v; size_t vLen = 0; char returnValue[PROC_PID_STATUS_VAL_MAX_LENGTH_STR] = ""; /* Open file or return */ sprintf(pid_file, "/proc/%d/status", pid); fp = fopen(pid_file, "r"); if (NULL == fp) { return NULL; } /* Read line by line */ while (getline(&line, &lineLen, fp) != -1) { /* If line is empty, bail out - no such thing in /proc/PID/status */ if (0 == lineLen) { goto RETURN_FREE_LINE_AND_CLOSE_FILE; } /* * The format must be "prop_name: value". * Otherwise bail out altogether - something must be wrong with this /proc/PID/status file */ if (NULL == strstr(line, ":")) { goto RETURN_FREE_LINE_AND_CLOSE_FILE; } /* * Separate line content into two tokens: key and value * If separation fails, continue to the next line ("Groups:" key is one such example) * * Explicitly initialized as pointer to "", otherwise coverity complains with * "Uninitialized pointer read (UNINIT)". */ char *savePtr = ""; k = strtok_r(line, ":", &savePtr); v = strtok_r(NULL, ":", &savePtr); if (NULL == v) { continue; } /* The key we are looking for? */ if (strcmp(prop_name, k) == 0) { /* Yes! */ v++; // There is one tab in front of PID number vLen = strlen(v); v[vLen-1] = 0; // Terminate the newline at the end of value vLen--; // Length is now shorter for 1 character /* * Choose string copy mode depending on length of PID * - prevent segfault if sth happens to MAX PID in future */ if (vLen > PROC_PID_STATUS_VAL_MAX_LENGTH) { strncpy(returnValue, v, PROC_PID_STATUS_VAL_MAX_LENGTH); returnValue[PROC_PID_STATUS_VAL_MAX_LENGTH_STR-1] = 0; // Change newline into null character } else { strncpy(returnValue, v, PROC_PID_STATUS_VAL_MAX_LENGTH_STR); } // Do a cleanup and return a string duplicate, which should be freed by the caller free(line); fclose(fp); return strdup(returnValue); } /* * Line is not freed between subsequent iteration as the same buffer is reused * (and realloc()-ed if required) */ } RETURN_FREE_LINE_AND_CLOSE_FILE: /* Only free if this was actually allocated */ if (NULL != line) { free(line); } fclose(fp); return NULL; } /* Get parent pid */ int get_parent_pid (int pid) { char *ppid_str; int ppid_int; ppid_str = read_proc_property(pid, PROC_PID_STATUS_KEY_PPID); if (NULL != ppid_str) { ppid_int = atoi(ppid_str); free(ppid_str); return ppid_int; } return PID_EMPTY; } /* Find root process name */ int get_rpname (int pid, char *result) { int parentPid; char *name; size_t nameLen; parentPid = get_parent_pid(pid); if (PID_ROOT == parentPid) { name = read_proc_property(pid, PROC_PID_STATUS_KEY_NAME); if (NULL != name) { nameLen = snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", name); free(name); } else { nameLen = snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", UNKNOWN_STR); } return nameLen; } else if (PID_EMPTY == parentPid) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", UNKNOWN_STR); } else { return get_rpname(parentPid, result); } } snoopy-snoopy-2.4.6/src/datasource/rpname.h000066400000000000000000000016521276626320200207650ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/rpname.h * * Copyright (c) 2015 Ariel Zach * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: rpname */ int snoopy_datasource_rpname (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/sid.c000066400000000000000000000030321276626320200202470ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/sid.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "sid.h" #include "snoopy.h" #ifndef _XOPEN_SOURCE /* Needed to get getpgid and getsid on older glibc */ #define _XOPEN_SOURCE 500 #endif #include #include #include /* * SNOOPY DATA SOURCE: sid * * Description: * Returns SID (Session leader process ID) of current process. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_sid (char * const result, char const * const arg) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%u", getsid(0)); } snoopy-snoopy-2.4.6/src/datasource/sid.h000066400000000000000000000016461276626320200202650ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/sid.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: sid */ int snoopy_datasource_sid (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/snoopy_literal.c000066400000000000000000000026651276626320200225460ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/snoopy_literal.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "snoopy_literal.h" #include "snoopy.h" #include /* * SNOOPY DATA SOURCE: snoopy_literal * * Description: * Dummy data source that returns literal string that is passed to it as argument. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_snoopy_literal (char * const result, char const * const arg) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", arg); } snoopy-snoopy-2.4.6/src/datasource/snoopy_literal.h000066400000000000000000000017021276626320200225420ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/snoopy_literal.h * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: snoopy_literal */ int snoopy_datasource_snoopy_literal (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/snoopy_threads.c000066400000000000000000000030241276626320200225320ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/snoopy_threads.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "snoopy_version.h" #include "snoopy.h" #include "tsrm.h" #include #include #include /* * SNOOPY DATA SOURCE: snoopy_threads * * Description: * Return count of threads that are currently configured in Snoopy's * thread repository. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_snoopy_threads (char * const result, char const * const arg) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%d", snoopy_tsrm_get_threadCount()); } snoopy-snoopy-2.4.6/src/datasource/snoopy_threads.h000066400000000000000000000017021276626320200225400ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/snoopy_threads.h * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: snoopy_threads */ int snoopy_datasource_snoopy_threads (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/snoopy_version.c000066400000000000000000000030771276626320200225750ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/snoopy_version.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "snoopy_version.h" #include "snoopy.h" #ifndef _XOPEN_SOURCE /* Needed to get getpgid and getsid on older glibc */ #define _XOPEN_SOURCE 500 #endif #include #include #include /* * SNOOPY DATA SOURCE: snoopy_version * * Description: * Dummy data source that returns Snoopy version. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_snoopy_version (char * const result, char const * const arg) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", SNOOPY_VERSION); } snoopy-snoopy-2.4.6/src/datasource/snoopy_version.h000066400000000000000000000017071276626320200226000ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/snoopy_version.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: snoopy_version */ int snoopy_datasource_snoopy_version (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/tid.c000066400000000000000000000031661276626320200202600ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/tid.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "tid.h" #include "snoopy.h" #include #include /* * SNOOPY DATA SOURCE: tid * * Description: * Returns TID (thread ID) of current process. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_tid (char * const result, char const * const arg) { pthread_t tid = pthread_self(); // This happens if -lpthread is not given to compiler if (0 == (unsigned long int)tid) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(error @ pthread_self())"); } return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%lu", (unsigned long int)tid); } snoopy-snoopy-2.4.6/src/datasource/tid.h000066400000000000000000000016411276626320200202610ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/tid.h * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: tid */ int snoopy_datasource_tid (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/tid_kernel.c000066400000000000000000000033721276626320200216170ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/tid_kernel.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #define _GNU_SOURCE #include "tid_kernel.h" #include "snoopy.h" #include #include #include /* * SNOOPY DATA SOURCE: tid_kernel * * Description: * Returns tid (thread ID) of current process. Queries kernel for it via * syscall SYS_gettid. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_tid_kernel (char * const result, char const * const arg) { pid_t tid = syscall(SYS_gettid); // This happens if -lpthread is not given to compiler if (0 == (unsigned long int)tid) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(error @ syscall(SYS_gettid))"); } return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%lu", (unsigned long int)tid); } snoopy-snoopy-2.4.6/src/datasource/tid_kernel.h000066400000000000000000000016661276626320200216300ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/tid_kernel.h * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: tid_kernel */ int snoopy_datasource_tid_kernel (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/timestamp.c000066400000000000000000000032021276626320200214720ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/timestamp.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "timestamp.h" #include "snoopy.h" #include #include #include /* * SNOOPY DATA SOURCE: timestamp * * Description: * Returns current Unix timestamp. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_timestamp (char * const result, char const * const arg) { struct timeval tv; int retVal; retVal = gettimeofday(&tv, NULL); if (0 == retVal) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%d", (int) tv.tv_sec); } else { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(error: %d)", errno); } } snoopy-snoopy-2.4.6/src/datasource/timestamp.h000066400000000000000000000016631276626320200215100ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/timestamp.h * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: timestamp */ int snoopy_datasource_timestamp (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/timestamp_ms.c000066400000000000000000000032531276626320200221770ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/timestamp_ms.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "timestamp_ms.h" #include "snoopy.h" #include #include #include /* * SNOOPY DATA SOURCE: timestamp_ms * * Description: * Returns milliseconds part of current Unix timestamp. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_timestamp_ms (char * const result, char const * const arg) { struct timeval tv; int retVal; retVal = gettimeofday(&tv, NULL); if (0 == retVal) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%03d", (int) tv.tv_usec/1000); } else { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(error: %d)", errno); } } snoopy-snoopy-2.4.6/src/datasource/timestamp_ms.h000066400000000000000000000016741276626320200222110ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/timestamp_ms.h * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: timestamp_ms */ int snoopy_datasource_timestamp_ms (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/timestamp_us.c000066400000000000000000000032461276626320200222110ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/timestamp_us.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "timestamp_us.h" #include "snoopy.h" #include #include #include /* * SNOOPY DATA SOURCE: timestamp_us * * Description: * Returns milliseconds part of current Unix timestamp. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_timestamp_us (char * const result, char const * const arg) { struct timeval tv; int retVal; retVal = gettimeofday(&tv, NULL); if (0 == retVal) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%06d", (int) tv.tv_usec); } else { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(error: %d)", errno); } } snoopy-snoopy-2.4.6/src/datasource/timestamp_us.h000066400000000000000000000016741276626320200222210ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/timestamp_us.h * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: timestamp_us */ int snoopy_datasource_timestamp_us (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/tty.c000066400000000000000000000041601276626320200203130ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/tty.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "src/datasource/tty.h" #include "snoopy.h" #include #include #include /* * SNOOPY DATA SOURCE: tty * * Description: * Returns TTY of current process. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_tty (char * const result, char const * const arg) { char ttyPath[SNOOPY_DATASOURCE_TTY_sizeMaxWithNull]; size_t ttyPathLen = SNOOPY_DATASOURCE_TTY_sizeMaxWithoutNull; int retVal; retVal = ttyname_r(0, ttyPath, ttyPathLen); if (0 != retVal) { if (EBADF == retVal) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(ttyname_r->EBADF)"); } if (ERANGE == retVal) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(ttyname_r->ERANGE)"); } if (ENOTTY == retVal) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(none)"); } return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(ttyname_r->EUNKNOWN)"); } return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", ttyPath); } snoopy-snoopy-2.4.6/src/datasource/tty.h000066400000000000000000000021271276626320200203210ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/tty.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Local defines */ #define SNOOPY_DATASOURCE_TTY_sizeMaxWithoutNull 4096 // PATH_MAX does not work here? #define SNOOPY_DATASOURCE_TTY_sizeMaxWithNull 4097 /* * SNOOPY DATA SOURCE: tty */ int snoopy_datasource_tty (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/tty_uid.c000066400000000000000000000047751276626320200211700ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/tty_uid.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "tty_uid.h" #include "tty.h" #include "snoopy.h" #include #include #include #include #include /* * SNOOPY DATA SOURCE: tty_uid * * Description: * Returns UID (User ID) of current controlling terminal, or -1 if not found. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_tty_uid (char * const result, char const * const arg) { char ttyPath[SNOOPY_DATASOURCE_TTY_sizeMaxWithNull]; size_t ttyPathLen = SNOOPY_DATASOURCE_TTY_sizeMaxWithoutNull; int retVal; struct stat statbuffer; long ttyUid; /* Get tty path */ retVal = ttyname_r(0, ttyPath, ttyPathLen); if (0 != retVal) { if (EBADF == retVal) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(ttyname_r->EBADF)"); } if (ERANGE == retVal) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(ttyname_r->ERANGE)"); } if (ENOTTY == retVal) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(none)"); } return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(ttyname_r->EUNKNOWN)"); } /* Get owner of tty */ if (-1 == stat(ttyPath, &statbuffer)) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(unable to stat() %s)", ttyPath); } ttyUid = statbuffer.st_uid; return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%ld", ttyUid); } snoopy-snoopy-2.4.6/src/datasource/tty_uid.h000066400000000000000000000016621276626320200211650ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/tty_uid.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: tty_uid */ int snoopy_datasource_tty_uid (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/tty_username.c000066400000000000000000000071551276626320200222210ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/tty_username.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "tty_username.h" #include "tty.h" #include "snoopy.h" #include #include #include #include #include #include #include /* * SNOOPY DATA SOURCE: tty_username * * Description: * Returns litaral username of current controlling terminal * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_tty_username (char * const result, char const * const arg) { /* Variables for tty-to-uid conversion */ char ttyPath[SNOOPY_DATASOURCE_TTY_sizeMaxWithNull]; size_t ttyPathLen = SNOOPY_DATASOURCE_TTY_sizeMaxWithoutNull; int retVal; struct stat statbuffer; uid_t ttyUid; /* Variables for uid-to-username conversion */ struct passwd pwd; struct passwd *pwd_uid = NULL; char *buffpwd_uid = NULL; long buffpwdsize_uid = 0; int messageLength = 0; /* Get tty path */ retVal = ttyname_r(0, ttyPath, ttyPathLen); if (0 != retVal) { if (EBADF == retVal) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(ttyname_r->EBADF)"); } if (ERANGE == retVal) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(ttyname_r->ERANGE)"); } if (ENOTTY == retVal) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(none)"); } return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(ttyname_r->EUNKNOWN)"); } /* Get UID of tty */ if (-1 == stat(ttyPath, &statbuffer)) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(unable to stat() %s)", ttyPath); } ttyUid = statbuffer.st_uid; /* Allocate memory for pwd structure */ buffpwdsize_uid = sysconf(_SC_GETPW_R_SIZE_MAX); if (-1 == buffpwdsize_uid) { buffpwdsize_uid = 16384; } buffpwd_uid = malloc(buffpwdsize_uid); if (NULL == buffpwd_uid) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(malloc)"); } /* Try to get data */ if (0 != getpwuid_r(ttyUid, &pwd, buffpwd_uid, buffpwdsize_uid, &pwd_uid)) { messageLength = snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(getpwuid_r)"); } else { if (NULL == pwd_uid) { messageLength = snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(undefined)"); } else { messageLength = snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", pwd_uid->pw_name); } } /* Cleanup and return */ free(buffpwd_uid); return messageLength; } snoopy-snoopy-2.4.6/src/datasource/tty_username.h000066400000000000000000000017011276626320200222150ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/tty_username.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: tty_username */ int snoopy_datasource_tty_username (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/uid.c000066400000000000000000000026221276626320200202550ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/uid.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "uid.h" #include "snoopy.h" #include #include #include /* * SNOOPY DATA SOURCE: uid * * Description: * Returns UID (User ID) of current process. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_uid (char * const result, char const * const arg) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%u", getuid()); } snoopy-snoopy-2.4.6/src/datasource/uid.h000066400000000000000000000016461276626320200202670ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/uid.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: uid */ int snoopy_datasource_uid (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasource/username.c000066400000000000000000000046451276626320200213220ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/username.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "username.h" #include "snoopy.h" #include #include #include #include #include /* * SNOOPY DATA SOURCE: username * * Description: * Returns literal username of current process * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_datasource_username (char * const result, char const * const arg) { struct passwd pwd; struct passwd *pwd_uid = NULL; char *buffpwd_uid = NULL; long buffpwdsize_uid = 0; int messageLength = 0; /* Allocate memory */ buffpwdsize_uid = sysconf(_SC_GETPW_R_SIZE_MAX); if (-1 == buffpwdsize_uid) { buffpwdsize_uid = 16384; } buffpwd_uid = malloc(buffpwdsize_uid); if (NULL == buffpwd_uid) { return snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(malloc)"); } /* Try to get data */ if (0 != getpwuid_r(getuid(), &pwd, buffpwd_uid, buffpwdsize_uid, &pwd_uid)) { messageLength = snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "ERROR(getpwuid_r)"); } else { if (NULL == pwd_uid) { messageLength = snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "(undefined)"); } else { messageLength = snprintf(result, SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE, "%s", pwd_uid->pw_name); } } /* Cleanup and return */ free(buffpwd_uid); return messageLength; } snoopy-snoopy-2.4.6/src/datasource/username.h000066400000000000000000000016651276626320200213260ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/username.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY DATA SOURCE: username */ int snoopy_datasource_username (char * const result, char const * const arg); snoopy-snoopy-2.4.6/src/datasourceregistry.c000066400000000000000000000260631276626320200212720ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: datasourceregistry.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "datasourceregistry.h" #include "snoopy.h" #include "genericregistry.h" #include /* * Include headers of all datasource functions */ #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_cmdline #include "datasource/cmdline.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_cwd #include "datasource/cwd.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_datetime #include "datasource/datetime.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_domain #include "datasource/domain.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_egid #include "datasource/egid.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_egroup #include "datasource/egroup.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_env #include "datasource/env.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_env_all #include "datasource/env_all.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_euid #include "datasource/euid.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_eusername #include "datasource/eusername.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_filename #include "datasource/filename.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_gid #include "datasource/gid.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_group #include "datasource/group.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_hostname #include "datasource/hostname.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_login #include "datasource/login.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_pid #include "datasource/pid.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_ppid #include "datasource/ppid.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_rpname #include "datasource/rpname.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_sid #include "datasource/sid.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_snoopy_literal #include "datasource/snoopy_literal.h" #endif #ifdef SNOOPY_CONF_THREAD_SAFETY_ENABLED #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_snoopy_threads #include "datasource/snoopy_threads.h" #endif #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_snoopy_version #include "datasource/snoopy_version.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_tid #include "datasource/tid.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_tid_kernel #include "datasource/tid_kernel.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_timestamp #include "datasource/timestamp.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_timestamp_ms #include "datasource/timestamp_ms.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_timestamp_us #include "datasource/timestamp_us.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_tty #include "datasource/tty.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_tty_uid #include "datasource/tty_uid.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_tty_username #include "datasource/tty_username.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_uid #include "datasource/uid.h" #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_username #include "datasource/username.h" #endif /* This prevents "ISO C forbids empty initializer braces" error */ #include "datasource/noop.h" /* * Two arrays holding data about all data sources */ char* snoopy_datasourceregistry_names[] = { #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_cmdline "cmdline", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_cwd "cwd", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_datetime "datetime", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_domain "domain", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_egid "egid", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_egroup "egroup", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_env "env", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_env_all "env_all", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_euid "euid", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_eusername "eusername", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_filename "filename", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_gid "gid", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_group "group", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_hostname "hostname", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_login "login", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_pid "pid", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_ppid "ppid", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_rpname "rpname", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_sid "sid", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_snoopy_literal "snoopy_literal", #endif #ifdef SNOOPY_CONF_THREAD_SAFETY_ENABLED #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_snoopy_threads "snoopy_threads", #endif #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_snoopy_version "snoopy_version", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_tid "tid", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_tid_kernel "tid_kernel", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_timestamp "timestamp", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_timestamp_ms "timestamp_ms", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_timestamp_us "timestamp_us", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_tty "tty", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_tty_uid "tty_uid", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_tty_username "tty_username", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_uid "uid", #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_username "username", #endif /* This prevents "ISO C forbids empty initializer braces" error */ "noop", "", }; int (*snoopy_datasourceregistry_ptrs []) (char * const result, char const * const arg) = { #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_cmdline snoopy_datasource_cmdline, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_cwd snoopy_datasource_cwd, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_datetime snoopy_datasource_datetime, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_domain snoopy_datasource_domain, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_egid snoopy_datasource_egid, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_egroup snoopy_datasource_egroup, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_env snoopy_datasource_env, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_env_all snoopy_datasource_env_all, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_euid snoopy_datasource_euid, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_eusername snoopy_datasource_eusername, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_filename snoopy_datasource_filename, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_gid snoopy_datasource_gid, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_group snoopy_datasource_group, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_hostname snoopy_datasource_hostname, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_login snoopy_datasource_login, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_pid snoopy_datasource_pid, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_ppid snoopy_datasource_ppid, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_rpname snoopy_datasource_rpname, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_sid snoopy_datasource_sid, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_snoopy_literal snoopy_datasource_snoopy_literal, #endif #ifdef SNOOPY_CONF_THREAD_SAFETY_ENABLED #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_snoopy_threads snoopy_datasource_snoopy_threads, #endif #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_snoopy_version snoopy_datasource_snoopy_version, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_tid snoopy_datasource_tid, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_tid_kernel snoopy_datasource_tid_kernel, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_timestamp snoopy_datasource_timestamp, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_timestamp_ms snoopy_datasource_timestamp_ms, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_timestamp_us snoopy_datasource_timestamp_us, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_tty snoopy_datasource_tty, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_tty_uid snoopy_datasource_tty_uid, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_tty_username snoopy_datasource_tty_username, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_uid snoopy_datasource_uid, #endif #ifdef SNOOPY_CONF_DATASOURCE_ENABLED_username snoopy_datasource_username, #endif /* This prevents "ISO C forbids empty initializer braces" error */ snoopy_datasource_noop, }; /* * getCount() * * Return number of available datasources */ int snoopy_datasourceregistry_getCount () { return snoopy_genericregistry_getCount(snoopy_datasourceregistry_names); } /* * doesIdExist() * * Return true if datasource exists (by id), otherwise return false */ int snoopy_datasourceregistry_doesIdExist (int datasourceId) { return snoopy_genericregistry_doesIdExist(snoopy_datasourceregistry_names, datasourceId); } /* * doesNameExist() * * Return true if datasource exists (by name), otherwise return false */ int snoopy_datasourceregistry_doesNameExist (char const * const datasourceName) { return snoopy_genericregistry_doesNameExist(snoopy_datasourceregistry_names, datasourceName); } /* * getIdFromName() * * Return index of given datasource, or -1 if not found */ int snoopy_datasourceregistry_getIdFromName (char const * const datasourceName) { return snoopy_genericregistry_getIdFromName(snoopy_datasourceregistry_names, datasourceName); } /* * getName() * * Return name of given datasource, or NULL */ char* snoopy_datasourceregistry_getName (int datasourceId) { return snoopy_genericregistry_getName(snoopy_datasourceregistry_names, datasourceId); } /* * callById() * * Call the given datasource by id and return its output */ int snoopy_datasourceregistry_callById (int datasourceId, char * const result, char const * const datasourceArg) { if (SNOOPY_FALSE == snoopy_datasourceregistry_doesIdExist(datasourceId)) { return -1; } return snoopy_datasourceregistry_ptrs[datasourceId](result, datasourceArg); } /* * callByName() * * Call the given datasource by name and return its output */ int snoopy_datasourceregistry_callByName (char const * const datasourceName, char * const result, char const * const datasourceArg) { int datasourceId; datasourceId = snoopy_datasourceregistry_getIdFromName(datasourceName); if (datasourceId == -1) { return -1; } return snoopy_datasourceregistry_ptrs[datasourceId](result, datasourceArg); } snoopy-snoopy-2.4.6/src/datasourceregistry.h000066400000000000000000000027431276626320200212760ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: datasourceregistry.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Functions to manage and utilise datasources */ int snoopy_datasourceregistry_getCount (); int snoopy_datasourceregistry_doesIdExist (int datasourceId); int snoopy_datasourceregistry_doesNameExist (char const * const datasourceName); int snoopy_datasourceregistry_getIdFromName (char const * const datasourceName); char* snoopy_datasourceregistry_getName (int datasourceId); int snoopy_datasourceregistry_callById (int datasourceId, char * const result, char const * const datasourceArg); int snoopy_datasourceregistry_callByName (char const * const datasourceName, char * const result, char const * const datasourceArg); snoopy-snoopy-2.4.6/src/error.c000066400000000000000000000026641276626320200165010ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: error.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "error.h" #include "snoopy.h" #include "configuration.h" #include "log.h" /* * snoopy_error_handler * * Description: * Does the actual error handling. If configured, it sends it * to syslog. * * Params: * (none) * * Return: * void */ void snoopy_error_handler (char *errorMsg) { snoopy_configuration_t *CFG; /* Get config pointer */ CFG = snoopy_configuration_get(); /* Only send error to syslog if configured like that */ if (SNOOPY_TRUE == CFG->error_logging_enabled) { snoopy_log_dispatch(errorMsg, SNOOPY_LOG_ERROR); } } snoopy-snoopy-2.4.6/src/error.h000066400000000000000000000015711276626320200165020ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: error.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Error-handling functions */ void snoopy_error_handler(char *errorMsg); snoopy-snoopy-2.4.6/src/eventsource/000077500000000000000000000000001276626320200175365ustar00rootroot00000000000000snoopy-snoopy-2.4.6/src/eventsource/Makefile.am000066400000000000000000000013401276626320200215700ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### Include # AM_CFLAGS += -I$(top_srcdir)/src ### Create one library with all Snoopy data sources collected in it # noinst_LTLIBRARIES = libsnoopy_eventsource_execve_wrapper.la ### Event sources # # Please maintain alphabetical order, equal to what `ls` would do. # libsnoopy_eventsource_execve_wrapper_la_SOURCES = \ execve_wrapper.c \ execve_wrapper.h libsnoopy_eventsource_execve_wrapper_la_LDFLAGS = # # Exclude -pedantic from CFLAGS because casing object pointer received from # dlsym to function pointer is not allowed by ISO C. # libsnoopy_eventsource_execve_wrapper_la_CFLAGS = `echo $(AM_CFLAGS) | sed -e 's/-pedantic//'` snoopy-snoopy-2.4.6/src/eventsource/execve_wrapper.c000066400000000000000000000040161276626320200227220ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/eventsource/execve_wrapper.c * * Copyright (c) 2000 Marius Aamodt Eriksen * Copyright (c) 2000 Mike Baker * Copyright (c) 2010-2015 Bostjan Skufca * * Part hacked on flight KL 0617, 30,000 ft or so over the Atlantic :) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "execve_wrapper.h" #include "snoopy.h" #include "log.h" #include /* * Helpers to find pointer to overloaded function */ #if defined(RTLD_NEXT) # define REAL_LIBC RTLD_NEXT #else # define REAL_LIBC ((void *) -1L) #endif #define FN(ptr, type, name, args) ptr = (type (*)args)dlsym (REAL_LIBC, name) /* * Function wrapper - execv() */ int execv (const char *filename, char *const argv[]) { static int (*func)(const char *, char **); FN(func, int, "execv", (const char *, char **const)); snoopy_log_syscall_execv(filename, argv); return (*func) (filename, (char **) argv); } /* * Function wrapper - execve() */ int execve (const char *filename, char *const argv[], char *const envp[]) { static int (*func)(const char *, char **, char **); FN(func, int, "execve", (const char *, char **const, char **const)); snoopy_log_syscall_execve(filename, argv, envp); return (*func) (filename, (char**) argv, (char **) envp); } snoopy-snoopy-2.4.6/src/eventsource/execve_wrapper.h000066400000000000000000000022411276626320200227250ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/eventsource/execve_wrapper.h * * Copyright (c) 2000 Marius Aamodt Eriksen * Copyright (c) 2000 Mike Baker * Copyright (c) 2010-2015 Bostjan Skufca * * Part hacked on flight KL 0617, 30,000 ft or so over the Atlantic :) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Function prototypes */ int execv (const char *filename, char *const argv[]); int execve (const char *filename, char *const argv[], char *const envp[]); snoopy-snoopy-2.4.6/src/filter/000077500000000000000000000000001276626320200164615ustar00rootroot00000000000000snoopy-snoopy-2.4.6/src/filter/Makefile.am000066400000000000000000000021111276626320200205100ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### Include # AM_CFLAGS += -I$(top_srcdir)/src ### Create one library with all Snoopy filters collected in it # noinst_LTLIBRARIES = libsnoopy_filters_all.la ### Filter collection is made of the following files # # Please maintain alphabetical order, equal to what `ls` would do # libsnoopy_filters_all_la_SOURCES = \ noop.c \ noop.h ### Filter: exclude_spawns_of # if FILTER_ENABLED_exclude_spawns_of libsnoopy_filters_all_la_SOURCES += \ exclude_spawns_of.c \ exclude_spawns_of.h endif ### Filter: exclude_uid # if FILTER_ENABLED_exclude_uid libsnoopy_filters_all_la_SOURCES += \ exclude_uid.c \ exclude_uid.h endif ### Filter: only_root # if FILTER_ENABLED_only_root libsnoopy_filters_all_la_SOURCES += \ only_root.c \ only_root.h endif ### Filter: only_tty # if FILTER_ENABLED_only_tty libsnoopy_filters_all_la_SOURCES += \ only_tty.c \ only_tty.h endif ### Filter: only_uid # if FILTER_ENABLED_only_uid libsnoopy_filters_all_la_SOURCES += \ only_uid.c \ only_uid.h endif snoopy-snoopy-2.4.6/src/filter/exclude_spawns_of.c000066400000000000000000000166601276626320200223460ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/filter/exclude_spawns_of.c * * Copyright (c) 2015 Datto, Inc. All rights reserved. * Author: Fred Mora - fmora@datto.com * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "exclude_spawns_of.h" #include "snoopy.h" #include #include #include #include #include /* * Local defines */ #define PROGLISTSEP ',' #define ST_COMM_SIZE_MAX 32 // Keep these 3 in sync #define ST_COMM_SCANF_PRECISION_S "31" // Keep these 3 in sync #define ST_COMM_LAST_CHAR_POS 31 // Keep these 3 in sync /* * Non-public function prototypes */ int find_ancestor_in_list(char **name_list); int find_string_in_array(char *str, char **str_array); char **string_to_token_array(char *str); /* * SNOOPY FILTER: exclude_spawns_of * * Description: * Excludes all log messages for executables that have the specified program name in their ancestors. * Strategy: We parse arg to create the "list of specified programs" (LoSP). * Then, we walk up the parent process ID (PPID) chain and we check if each executable name is part * of the LoSP. * * Params: * logMessage: Pointer to string that contains formatted log message (may be manipulated) * arg: Comma-separated list of program names for the spawns of which log messages are dropped. * * Return: * SNOOPY_FILTER_PASS or SNOOPY_FILTER_DROP */ int snoopy_filter_exclude_spawns_of(char *msg, char const * const arg) { char *argDup; // Must not alter arg char **losp; // List of specified programs derived from arg int is_ancestor_in_list = 0; // Turn comma-separated arg into array of program name strings argDup = strdup(arg); losp = string_to_token_array(argDup); if (losp == NULL) { // If failure, we cannot filter anything, just pass the message return SNOOPY_FILTER_PASS; } // Check if one of the program names in losp is an ancestor is_ancestor_in_list = find_ancestor_in_list(losp); free(losp); free(argDup); return (is_ancestor_in_list == 1) ? SNOOPY_FILTER_DROP : SNOOPY_FILTER_PASS; // Error means pass } // Helper functions /** * Description: * Walks the /proc tree from /proc/currentPID and iterate parent PIDs up to PID 1. For each PID, check if the * executable name is in name_list. * Params: * name_list: Ptr to array of char ptr. Each element point to the name of an executable. * Return: * 1 if the executable name of an ancestor process is found in name_list * 0 if there are no ancestor that have a name found in name_list * -1 if error. */ int find_ancestor_in_list(char **name_list) { pid_t ppid; char stat_path[32]; // Path "/proc/nnnn/stat" where nnnn = some PID FILE *statf; int rc, found; char *ancestor_name; /* * The following vars are read from /proc/PID/stat * * st_comm: * Buffer for exec file name. In kernel/include/linux/sched.h is this * defined as 16 byte string, but let's keep a bit of spare room if * something suddenly changes in the kernel. */ char st_commBuff[ST_COMM_SIZE_MAX]; char *st_comm; pid_t st_pid; char st_state; if (name_list == NULL) { return -1; } ppid = getppid(); // We start with the parent while (ppid != 1) { // Create the path to /proc//stat sprintf(stat_path, "/proc/%d/stat", ppid); statf = fopen(stat_path, "r"); if (statf == NULL) { return -1; } // Grab the first few elements from the stat pseudo-file. Format from man 5 proc. st_comm = st_commBuff; rc = fscanf(statf, "%d %"ST_COMM_SCANF_PRECISION_S"s %c %d", &st_pid, st_comm, &st_state, &ppid); if (rc == EOF) { fclose(statf); return -1; } /* * Do not worry about %31s not being enough if command name in * /proc/PID/stat exceeds it. fscanf() returns OK, it just shortens * the resulting string to 31+\0. */ // Secure string ending, just in case (this should be done by fscanf()) st_comm[ST_COMM_LAST_CHAR_POS] = '\0'; // stat provides st_comm as the name between parentheses. Get rid of the parens. ancestor_name = st_comm + 1; st_comm[strlen(st_comm) - 1] = '\0'; found = find_string_in_array(ancestor_name, name_list); if (found) { fclose(statf); return 1; } fclose(statf); } return 0; // Nothing found } /** * Description: * Searches for a string in an array of strings. All strings are zero-terminated. * Params: * str: Ptr to the string we are looking for in str_array. * str_array: Ptr to array of char ptr, each of them pointing to a string to compare to str. * Return: * 1 if str matches one of the strings in str_array * 0 if there are no matches or if either argument is NULL. */ int find_string_in_array(char *str, char **str_array) { if ((str == NULL) || (str_array == NULL)) { return 0; } char **p = str_array; while (*p != NULL) { if (strcmp(str, *p) == 0) { return 1; } p++; } return 0; } /** * Description: * Tokenizes string str using comma as a separator. Returns an array of individual tokens between delimiters. * * Params: * str: string to be tokenized. The string is modified as per strtok (delimiters replaced with \0).. * Returns: * Ptr to array of char ptr. Each element point to an individual substring between delimiters. * The last element is the NULL pointer to act as a delimiter. * The returned pointer should be freed by the caller after use. * If str is NULL or empty, or if error, returns NULL. */ char **string_to_token_array(char *str) { char *p; int i; int sepcount = 0; int token_count; char **token_array; // Return value char *saveptr = NULL; // For strtok_r() if ((str == NULL) || (*str == '\0')) { return NULL; } // Count the occurences of PROGLISTSEP p = strchr(str, PROGLISTSEP); while (p != NULL) { sepcount++; p=strchr(p+1, PROGLISTSEP); } // Allocate storage for token_array: one more than the separator count, and one more for the NULL delimiter. token_count = sepcount +1; token_array = calloc(token_count + 1, sizeof(p)); if (token_array == NULL) { return NULL; } // Fill in token_array with ptrs to individual tokens char delim[] = { PROGLISTSEP, '\0'}; // Make a string of delimiters p = str; for (i = 0; i < token_count; i++) { token_array[i] = strtok_r(p, delim, &saveptr); p = NULL; } token_array[token_count] = NULL; return(token_array); } snoopy-snoopy-2.4.6/src/filter/exclude_spawns_of.h000066400000000000000000000017341276626320200223470ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/filter/exclude_spawns_of.h * * Copyright (c) 2015 Datto, Inc. All rights reserved. * Author: Fred Mora - fmora@datto.com * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY FILTER: exclude_spawns_of */ int snoopy_filter_exclude_spawns_of (char *msg, char const * const arg); snoopy-snoopy-2.4.6/src/filter/exclude_uid.c000066400000000000000000000047761276626320200211350ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/filter/exclude_uid.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "exclude_uid.h" #include "snoopy.h" #include "parser.h" #include #include #include #include #include /* * SNOOPY FILTER: exclude_uid * * Description: * Excludes all log messages comming from specified UIDs * * Params: * logMessage: pointer to string that contains formatted log message (may be manipulated) * arg: Comma-separated list of UIDs for which log messages are dropped, passed for others * * Return: * SNOOPY_FILTER_PASS or SNOOPY_FILTER_DROP */ int snoopy_filter_exclude_uid (char *msg, char const * const arg) { uid_t curUid; // Actual UID of running process char *argDup = NULL; char **argParsed = NULL; int argCount = 0; int retVal = -1; /* Get uid of current process */ curUid = getuid(); /* Parse arguments - values are malloc()-ed */ argDup = strdup(arg); argCount = snoopy_parser_argList_csv(argDup, &argParsed); /* Loop through all UIDs passed to the filter as argument */ for (int i=0 ; i * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY FILTER: exclude_uid */ int snoopy_filter_exclude_uid (char *msg, char const * const arg); snoopy-snoopy-2.4.6/src/filter/noop.c000066400000000000000000000023271276626320200176040ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/noop.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "src/filter/noop.h" #include "snoopy.h" /* * SNOOPY FILTER: noop * * Description: * Does nothing (just passes). * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * SNOOPY_FILTER_PASS */ int snoopy_filter_noop(char *msg, char const * const arg) { return SNOOPY_FILTER_PASS; } snoopy-snoopy-2.4.6/src/filter/noop.h000066400000000000000000000016251276626320200176110ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/noop.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY FILTER: noop */ int snoopy_filter_noop(char *msg, char const * const arg); snoopy-snoopy-2.4.6/src/filter/only_root.c000066400000000000000000000027161276626320200206570ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/filter/only_root.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "only_root.h" #include "snoopy.h" #include #include #include /* * SNOOPY FILTER: only_root * * Description: * Only logs messages from root (uid=0 actually) * * Params: * msg: pointer to string that contains formatted log message (may be manipulated) * arg: arguments passed to this filter * * Return: * SNOOPY_FILTER_PASS or SNOOPY_FILTER_DROP */ int snoopy_filter_only_root (char *msg, char const * const arg) { if (0 == getuid()) { return SNOOPY_FILTER_PASS; } else { return SNOOPY_FILTER_DROP; } } snoopy-snoopy-2.4.6/src/filter/only_root.h000066400000000000000000000016411276626320200206600ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/filter/only_root.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY FILTER: only_root */ int snoopy_filter_only_root (char *msg, char const * const arg); snoopy-snoopy-2.4.6/src/filter/only_tty.c000066400000000000000000000031521276626320200205070ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/datasource/tty.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "src/filter/only_tty.h" #include "snoopy.h" #include #include #include /* * SNOOPY FILTER: only_tty * * Description: * Returns TTY of current process. * * Params: * result: pointer to string, to write result into * arg: (ignored) * * Return: * number of characters in the returned string, or SNOOPY_DATASOURCE_FAILURE */ int snoopy_filter_only_tty(char *msg, char const * const arg) { char ttyPath[SNOOPY_DATASOURCE_TTY_sizeMaxWithNull]; size_t ttyPathLen = SNOOPY_DATASOURCE_TTY_sizeMaxWithoutNull; int retVal = ttyname_r(0, ttyPath, ttyPathLen); // Only pass in this case if (0 == retVal) { return SNOOPY_FILTER_PASS; } return SNOOPY_FILTER_DROP; } snoopy-snoopy-2.4.6/src/filter/only_tty.h000066400000000000000000000021161276626320200205130ustar00rootroot00000000000000 /* * SNOOPY LOGGER * * File: snoopy/datasource/tty.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Local defines */ #define SNOOPY_DATASOURCE_TTY_sizeMaxWithoutNull 4096 // PATH_MAX does not work here? #define SNOOPY_DATASOURCE_TTY_sizeMaxWithNull 4097 /* * SNOOPY FILTER: only_tty */ int snoopy_filter_only_tty(char *msg, char const * const arg); snoopy-snoopy-2.4.6/src/filter/only_uid.c000066400000000000000000000047611276626320200204570ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/filter/only_uid.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "only_uid.h" #include "snoopy.h" #include "parser.h" #include #include #include #include #include /* * SNOOPY FILTER: only_uid * * Description: * Excludes all log messages not comming from specific UID * * Params: * logMessage: pointer to string that contains formatted log message (may be manipulated) * arg: Comma-separated list of UIDs for which log message is passed on, dropped for all others * * Return: * SNOOPY_FILTER_PASS or SNOOPY_FILTER_DROP */ int snoopy_filter_only_uid (char *msg, char const * const arg) { uid_t curUid; // Actual UID of running process char *argDup = NULL; char **argParsed = NULL; int argCount = 0; int retVal = -1; /* Get uid of current process */ curUid = getuid(); /* Parse arguments - values are malloc()-ed */ argDup = strdup(arg); argCount = snoopy_parser_argList_csv(argDup, &argParsed); /* Loop through all UIDs passed to the filter as argument */ for (int i=0 ; i * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY FILTER: only_uid */ int snoopy_filter_only_uid (char *msg, char const * const arg); snoopy-snoopy-2.4.6/src/filtering.c000066400000000000000000000103421276626320200173230ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: filtering.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "filtering.h" #include "snoopy.h" #include "configuration.h" #include "filterregistry.h" #include "message.h" #ifndef _POSIX_SOURCE // For strtok_r #define _POSIX_SOURCE #endif #include #include #include /* * snoopy_filtering_check_chain * * Description: * Determines whether given message should be send to syslog or not * * Params: * logMessage: message about to be sent to syslog * chain: filter chain to check * * Return: * SNOOPY_FILTER_PASS or SNOOPY_FILTER_DROP */ int snoopy_filtering_check_chain ( char *logMessage, char *filterChain ) { char filterChainCopy[SNOOPY_FILTER_CHAIN_MAX_SIZE]; // Must be here, or strtok_r segfaults int filterChainCopySize; int j; char *str; char *rest; char *filterSpec; // Single filter specification from defined filter chain char *fcPos_filterSpecArg; // Pointer to argument part of single filter specification in a filter chain // Copy the filter chain specification to separate string, to be used in strtok_r filterChainCopySize = strlen(filterChain); if (filterChainCopySize > SNOOPY_FILTER_CHAIN_MAX_SIZE - 1) { filterChainCopySize = SNOOPY_FILTER_CHAIN_MAX_SIZE - 1; } strncpy(filterChainCopy, filterChain, filterChainCopySize); filterChainCopy[filterChainCopySize] = '\0'; // Loop through all filters for (j=1, str=filterChainCopy; ; j++, str=NULL) { char filterName[SNOOPY_FILTER_NAME_MAX_SIZE]; char *filterNamePtr; size_t filterNameSize; char filterArg[SNOOPY_FILTER_ARG_MAX_SIZE]; char *filterArgPtr; // Parse the remaining filter chain specification for next filterSpec filterSpec = strtok_r(str, ";", &rest); if (NULL == filterSpec) { // We are at the end of filtering chain break; } // If filter tag contains ":", then split it into filter name and filter argument fcPos_filterSpecArg = strstr(filterSpec, ":"); if (NULL == fcPos_filterSpecArg) { // filterSpec == filterName, there is no argument filterName[0] = '\0'; filterNamePtr = filterSpec; filterArg[0] = '\0'; filterArgPtr = filterArg; } else { // Change the colon to null character, which effectively splits the string in two parts. // Then point to first and second part with corresponding variables. filterNameSize = fcPos_filterSpecArg - filterSpec; filterName[0] = '\0'; strncpy(filterName, filterSpec, filterNameSize); filterName[filterNameSize] = '\0'; filterNamePtr = filterName; filterArgPtr = fcPos_filterSpecArg + 1; } // Check if filter actually exists if (SNOOPY_FALSE == snoopy_filterregistry_doesNameExist(filterNamePtr)) { snoopy_message_append(logMessage, "ERROR(Filter not found - "); snoopy_message_append(logMessage, filterNamePtr); snoopy_message_append(logMessage, ")"); break; } // Consult the filter, and return immediately if message should be dropped if (SNOOPY_FILTER_DROP == snoopy_filterregistry_callByName(filterNamePtr, logMessage, filterArgPtr)) { return SNOOPY_FILTER_DROP; } } return SNOOPY_FILTER_PASS; } snoopy-snoopy-2.4.6/src/filtering.h000066400000000000000000000015661276626320200173400ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: filtering.h * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ int snoopy_filtering_check_chain ( char *logMessage, char *chain ); snoopy-snoopy-2.4.6/src/filterregistry.c000066400000000000000000000107211276626320200204170ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: filterregistry.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "filterregistry.h" #include "snoopy.h" #include "genericregistry.h" /* * Include headers of all filter functions */ #ifdef SNOOPY_CONF_FILTER_ENABLED_exclude_spawns_of #include "filter/exclude_spawns_of.h" #endif #ifdef SNOOPY_CONF_FILTER_ENABLED_exclude_uid #include "filter/exclude_uid.h" #endif #ifdef SNOOPY_CONF_FILTER_ENABLED_only_root #include "filter/only_root.h" #endif #ifdef SNOOPY_CONF_FILTER_ENABLED_only_tty #include "filter/only_tty.h" #endif #ifdef SNOOPY_CONF_FILTER_ENABLED_only_uid #include "filter/only_uid.h" #endif /* This prevents "ISO C forbids empty initializer braces" error */ #include "filter/noop.h" /* * Two arrays holding data about filter functions */ char *snoopy_filterregistry_names[] = { #ifdef SNOOPY_CONF_FILTER_ENABLED_exclude_spawns_of "exclude_spawns_of", #endif #ifdef SNOOPY_CONF_FILTER_ENABLED_exclude_uid "exclude_uid", #endif #ifdef SNOOPY_CONF_FILTER_ENABLED_only_root "only_root", #endif #ifdef SNOOPY_CONF_FILTER_ENABLED_only_tty "only_tty", #endif #ifdef SNOOPY_CONF_FILTER_ENABLED_only_uid "only_uid", #endif /* This prevents "ISO C forbids empty initializer braces" error */ "noop", "", }; int (*snoopy_filterregistry_ptrs []) (char *logMessage, char const * const arg) = { #ifdef SNOOPY_CONF_FILTER_ENABLED_exclude_spawns_of snoopy_filter_exclude_spawns_of, #endif #ifdef SNOOPY_CONF_FILTER_ENABLED_exclude_uid snoopy_filter_exclude_uid, #endif #ifdef SNOOPY_CONF_FILTER_ENABLED_only_root snoopy_filter_only_root, #endif #ifdef SNOOPY_CONF_FILTER_ENABLED_only_tty snoopy_filter_only_tty, #endif #ifdef SNOOPY_CONF_FILTER_ENABLED_only_uid snoopy_filter_only_uid, #endif /* This prevents "ISO C forbids empty initializer braces" error */ snoopy_filter_noop, }; /* * getCount() * * Return number of available filters */ int snoopy_filterregistry_getCount () { return snoopy_genericregistry_getCount(snoopy_filterregistry_names); } /* * doesIdExist() * * Return true if filter exists (by id), otherwise return false */ int snoopy_filterregistry_doesIdExist (int filterId) { return snoopy_genericregistry_doesIdExist(snoopy_filterregistry_names, filterId); } /* * doesNameExist() * * Return true if filter exists (by name), otherwise return false */ int snoopy_filterregistry_doesNameExist (char const * const filterName) { return snoopy_genericregistry_doesNameExist(snoopy_filterregistry_names, filterName); } /* * getIdFromName() * * Return index of given filter, or -1 if not found */ int snoopy_filterregistry_getIdFromName (char const * const filterName) { return snoopy_genericregistry_getIdFromName(snoopy_filterregistry_names, filterName); } /* * getName() * * Return name of given filter, or NULL */ char* snoopy_filterregistry_getName (int filterId) { return snoopy_genericregistry_getName(snoopy_filterregistry_names, filterId); } /* * callById() * * Call the given filter by id and return its output */ int snoopy_filterregistry_callById (int filterId, char *logMessage, char const * const filterArg) { if (SNOOPY_FALSE == snoopy_filterregistry_doesIdExist(filterId)) { return -1; } return snoopy_filterregistry_ptrs[filterId](logMessage, filterArg); } /* * callByName() * * Call the given filter by name and return its output */ int snoopy_filterregistry_callByName (char const * const filterName, char * logMessage, char const * const filterArg) { int filterId; filterId = snoopy_filterregistry_getIdFromName(filterName); if (filterId == -1) { return -1; } return snoopy_filterregistry_ptrs[filterId](logMessage, filterArg); } snoopy-snoopy-2.4.6/src/filterregistry.h000066400000000000000000000026331276626320200204270ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: filterregistry.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Functions to manage and utilise filters */ int snoopy_filterregistry_getCount (); int snoopy_filterregistry_doesIdExist (int filterId); int snoopy_filterregistry_doesNameExist (char const * const filterName); int snoopy_filterregistry_getIdFromName (char const * const filterName); char* snoopy_filterregistry_getName (int filterId); int snoopy_filterregistry_callById (int filterId, char * logMessage, char const * const filterArg); int snoopy_filterregistry_callByName (char const * const filterName, char * logMessage, char const * const filterArg); snoopy-snoopy-2.4.6/src/genericregistry.c000066400000000000000000000046601276626320200205530ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: genericregistry.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "genericregistry.h" #include "snoopy.h" #include /* * getCount() * * Return number of available items */ int snoopy_genericregistry_getCount (char *regArray[]) { int i; i = 0; while (strcmp(regArray[i], "") != 0) { i++; } return i; } /* * doesIdExist() * * Return true if item exists (by id) in the registry, otherwise return false */ int snoopy_genericregistry_doesIdExist (char *regArray[], int itemId) { if ((0 <= itemId ) && (itemId < snoopy_genericregistry_getCount(regArray))) { return SNOOPY_TRUE; } else { return SNOOPY_FALSE; } } /* * doesNameExist() * * Return true if item exists (by name) in the registry, otherwise return false */ int snoopy_genericregistry_doesNameExist (char *regArray[], char const * const itemName) { if (snoopy_genericregistry_getIdFromName(regArray, itemName) == -1) { return SNOOPY_FALSE; } else { return SNOOPY_TRUE; } } /* * getIdFromName() * * Return id of given item, or -1 if not found */ int snoopy_genericregistry_getIdFromName (char *regArray[], char const * const itemName) { for (int i=0 ; 0 != strcmp(regArray[i], "") ; i++) { if (strcmp(regArray[i], itemName) == 0) { return i; } } /* Not found */ return -1; } /* * getName() * * Return name of given item, or NULL */ char* snoopy_genericregistry_getName (char *regArray[], int itemId) { if (snoopy_genericregistry_doesIdExist(regArray, itemId)) { return regArray[itemId]; } /* Not found */ return NULL; } snoopy-snoopy-2.4.6/src/genericregistry.h000066400000000000000000000023531276626320200205550ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: genericregistry.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Generic registry functions */ int snoopy_genericregistry_getCount (char *regArray[]); int snoopy_genericregistry_doesIdExist (char *regArray[], int itemId); int snoopy_genericregistry_doesNameExist (char *regArray[], char const * const itemName); int snoopy_genericregistry_getIdFromName (char *regArray[], char const * const itemName); char* snoopy_genericregistry_getName (char *regArray[], int itemId); snoopy-snoopy-2.4.6/src/inputdatastorage.c000066400000000000000000000112771276626320200207260ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: inputdatastorage.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "inputdatastorage.h" #include "snoopy.h" #ifdef SNOOPY_CONF_THREAD_SAFETY_ENABLED #include "tsrm.h" #endif /* * Common definitions */ #define EMPTY_FILENAME "" #define EMPTY_STRINGARRAY (char *[]){'\0'} /* * Storage of Snoopy's input data for non-thread-safe builds */ #ifndef SNOOPY_CONF_THREAD_SAFETY_ENABLED snoopy_inputdatastorage_t snoopy_inputdatastorage_data = { .initialized = SNOOPY_FALSE, }; #endif /* * snoopy_inputdatastorage_ctor * * Description: * Populates snoopy_inputdatastorage struct with default empty * data, in order to prevent data leaks between execv(e) calls. * * Params: * (none) * * Return: * void */ void snoopy_inputdatastorage_ctor () { /* Get IDS pointer */ snoopy_inputdatastorage_t *IDS = snoopy_inputdatastorage_get(); snoopy_inputdatastorage_setDefaults(IDS); } /* * snoopy_inputdatastorage_dtor * * Description: * Populates snoopy_inputdatastorage struct with default empty * data, in order to prevent data leaks between execv(e) calls. * * NOTE: This is intentional behaviour. Reset in ctor and in * dtor too. * * Params: * (none) * * Return: * void */ void snoopy_inputdatastorage_dtor () { /* Get IDS pointer */ snoopy_inputdatastorage_t *IDS = snoopy_inputdatastorage_get(); snoopy_inputdatastorage_setDefaults(IDS); } /* * snoopy_inputdatastorage_setUninitialized() * * Description: * Sets the state of IDS to uninitialized. * * Params: * (none) * * Return: * void */ void snoopy_inputdatastorage_setUninitialized ( snoopy_inputdatastorage_t *IDS ) { IDS->initialized = SNOOPY_FALSE; } /* * snoopy_inputdatastorage_setDefaults() * * Description: * Resets the input data storage to default values * * Params: * (none) * * Return: * void */ void snoopy_inputdatastorage_setDefaults ( snoopy_inputdatastorage_t *IDS ) { IDS->initialized = SNOOPY_TRUE; IDS->filename = EMPTY_FILENAME; IDS->argv = EMPTY_STRINGARRAY; IDS->envp = EMPTY_STRINGARRAY; } /* * snoopy_inputdatastorage_store_filename() * * Description: * Store filename of execv()/execve() syscall * * Params: * filename: filename to store * * Return: * void */ void snoopy_inputdatastorage_store_filename ( const char *filename ) { /* Get IDS pointer */ snoopy_inputdatastorage_t *IDS = snoopy_inputdatastorage_get(); /* Store value */ IDS->filename = filename; } /* * snoopy_inputdatastorage_store_argv() * * Description: * Store argv[] of execv()/execve() syscall * * Params: * argv: argv pointer to store * * Return: * void */ void snoopy_inputdatastorage_store_argv ( char *argv[] ) { /* Get IDS pointer */ snoopy_inputdatastorage_t *IDS = snoopy_inputdatastorage_get(); /* Store value */ IDS->argv = argv; } /* * snoopy_inputdatastorage_store_envp() * * Description: * Store envp[] of execve() syscall * * Params: * envp: environment array pointer to store * * Return: * void */ void snoopy_inputdatastorage_store_envp ( char *envp[] ) { /* Get IDS pointer */ snoopy_inputdatastorage_t *IDS = snoopy_inputdatastorage_get(); /* Store value */ IDS->envp = envp; } /* * snoopy_inputdatastorage_get() * * Description: * Retrieve inpudatastorage struct pointer * * Params: * (none) * * Return: * snoopy_inputdatastorage_t*: Pointer to inputdatastorage struct */ snoopy_inputdatastorage_t* snoopy_inputdatastorage_get () { snoopy_inputdatastorage_t *IDS; #ifdef SNOOPY_CONF_THREAD_SAFETY_ENABLED IDS = snoopy_tsrm_get_inputdatastorage(); #else IDS = &snoopy_inputdatastorage_data; #endif if (SNOOPY_TRUE != IDS->initialized) { snoopy_inputdatastorage_setDefaults(IDS); } return IDS; } snoopy-snoopy-2.4.6/src/inputdatastorage.h000066400000000000000000000035021276626320200207230ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: inputdatastorage.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * START: Prevent cyclic inclusions */ #ifndef __SNOOPY_INPUTDATASTORAGE_H #define __SNOOPY_INPUTDATASTORAGE_H /* * Store execution data for inputs to consume */ typedef struct { int initialized; const char *filename; char **argv; char **envp; } snoopy_inputdatastorage_t; /* * Init functions */ void snoopy_inputdatastorage_ctor (); void snoopy_inputdatastorage_dtor (); void snoopy_inputdatastorage_setUninitialized (snoopy_inputdatastorage_t *IDS); void snoopy_inputdatastorage_setDefaults (snoopy_inputdatastorage_t *IDS); /* * Functions that do the actual data storing */ void snoopy_inputdatastorage_store_filename (const char *filename); void snoopy_inputdatastorage_store_argv ( char *argv[] ); void snoopy_inputdatastorage_store_envp ( char *envp[] ); /* * Retrieval functions */ snoopy_inputdatastorage_t* snoopy_inputdatastorage_get (); /* * END: Prevent cyclic inclusion */ #endif /* Cyclic inclusion */ snoopy-snoopy-2.4.6/src/libsnoopy-debug-addons.c000066400000000000000000000132231276626320200217110ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: libsnoopy-debug-addons.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "libsnoopy-debug-addons.h" #include "snoopy.h" //#include "configuration.h" #include "datasourceregistry.h" #include "error.h" #ifdef SNOOPY_FILTERING_ENABLED #include "filterregistry.h" #endif #include "inputdatastorage.h" //#include "misc.h" #include "outputregistry.h" #include #include #include /* * snoopy_debug_test_all_datasources * * Description: * Loops through all data source and prints what they return * * Params: * (none) * * Return: * void */ void snoopy_debug_test_all_datasources () { char *itemName = NULL; char *itemArgs = NULL; char *itemResult = NULL; int itemResultSize; int i; int dCount; /* Initialize variables and spaces */ itemResult = malloc(SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE + 1); /* Loop throught all datasources and just send to output */ dCount = snoopy_datasourceregistry_getCount(); for (i=0 ; i SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE) { snoopy_error_handler("Maximum data source message size exceeded"); } /* Copy content, append */ printf("%s\n", itemResult); } /* Memory housekeeping */ free(itemResult); } #ifdef SNOOPY_FILTERING_ENABLED /* * snoopy_debug_test_all_filters * * Description: * Loops through all filters and runs them, with bogus data. * * Params: * (none) * * Return: * void */ void snoopy_debug_test_all_filters () { char *message = NULL; char *itemName = NULL; char *itemArgs = NULL; int itemResult; int fCount; int i; /* Initialize variables and spaces */ message = malloc(SNOOPY_LOG_MESSAGE_MAX_SIZE + 1); snprintf(message, SNOOPY_LOG_MESSAGE_MAX_SIZE, "bad message here"); /* Loop throught all filters and run them with bogus arguments */ fCount = snoopy_filterregistry_getCount(); for (i=0 ; i * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Debugging functions */ void snoopy_debug_test_all_datasources (); void snoopy_debug_test_all_filters (); void snoopy_debug_test_all_outputs (); snoopy-snoopy-2.4.6/src/log.c000066400000000000000000000105511276626320200161230ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: log.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "log.h" #include "snoopy.h" #include "configuration.h" #if defined(SNOOPY_FILTERING_ENABLED) #include "filtering.h" #endif #include "inputdatastorage.h" #include "message.h" #include "misc.h" #include "outputregistry.h" #include #include #include /* * snoopy_log_syscall_execv * * Description: * Log the call to syscall execv() * * Params: * filename: filename of program being executed * argv: arguments being passed to execv() * * Return: * void */ void snoopy_log_syscall_execv ( const char *filename, char *const argv[] ) { // Syscall was done without new environmental variables, so let's create // a fake empty array to simulate it. char *envp[] = { NULL }; snoopy_log_syscall_exec("execv", filename, argv, envp); } /* * snoopy_log_syscall_execve * * Description: * Log the call to syscall execve() * * Params: * filename: filename of program being executed * argv: arguments being passed to execve() * envp: environment being passed to execve() * * Return: * void */ void snoopy_log_syscall_execve ( const char *filename, char *const argv[], char *const envp[] ) { snoopy_log_syscall_exec("execve", filename, argv, envp); } /* * snoopy_log_syscall_exec * * Description: * Common routine that does execv(e)() logging * * Params: * syscallName: system call name to log * filename: filename of program being executed * argv: arguments being passed to execv(e)() * envp: environment being passed to execve() * * Return: * void */ void snoopy_log_syscall_exec ( const char *syscallName, const char *filename, char *const argv[], char *const envp[] ) { char *logMessage = NULL; snoopy_configuration_t *CFG; /* Initialize Snoopy */ snoopy_init(); /* Get config pointer */ CFG = snoopy_configuration_get(); // Store arguments passed to execv(e)() snoopy_inputdatastorage_store_filename(filename); snoopy_inputdatastorage_store_argv((char**)argv); snoopy_inputdatastorage_store_envp((char**)envp); /* Initialize empty log message */ logMessage = malloc(SNOOPY_LOG_MESSAGE_MAX_SIZE); logMessage[0] = '\0'; /* Generate log message in specified format */ snoopy_message_generateFromFormat(logMessage, CFG->message_format); #if defined(SNOOPY_FILTERING_ENABLED) /* Should message be passed to syslog or not? */ if ( (SNOOPY_FALSE == CFG->filtering_enabled) || ( (SNOOPY_TRUE == CFG->filtering_enabled) && (SNOOPY_FILTER_PASS == snoopy_filtering_check_chain(logMessage, CFG->filter_chain)) ) ) { #endif snoopy_log_dispatch(logMessage, SNOOPY_LOG_MESSAGE); #if defined(SNOOPY_FILTERING_ENABLED) } #endif /* Housekeeping */ free(logMessage); snoopy_cleanup(); } /* * snoopy_log_dispatch * * Description: * Dispatch given message to configured output * * Params: * logMessage: message to dispatch * errorOrMessage: is this a message or an error? * * Return: * int: See snoopy.h (SNOOPY_OUTPUT_*) for details. */ int snoopy_log_dispatch ( char *logMessage, int errorOrMessage ) { /* Dispatch only if non-zero size */ if (0 == strlen(logMessage)) { return SNOOPY_OUTPUT_GRACEFUL_DISCARD; } // Dispatch to configured output return snoopy_outputregistry_dispatch(logMessage, errorOrMessage); } snoopy-snoopy-2.4.6/src/log.h000066400000000000000000000024501276626320200161270ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: log.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Syscall-interception-handling functions */ void snoopy_log_syscall_execv ( const char *filename, char *const argv[] ); void snoopy_log_syscall_execve ( const char *filename, char *const argv[], char *const envp[] ); void snoopy_log_syscall_exec ( const char *syscallName, const char *filename, char *const argv[], char *const envp[] ); /* * Log message dispatching functions */ int snoopy_log_dispatch ( char *logMessage, int errorOrMessage ); snoopy-snoopy-2.4.6/src/message.c000066400000000000000000000131031276626320200167620ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: message.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "message.h" #include "snoopy.h" #include "configuration.h" #include "error.h" #include "datasourceregistry.h" #include "misc.h" #include #include #include /* * snoopy_message_generateFromFormat * * Description: * Generates log message as specified by messageFormat, using * data sources where requested. * * Params: * logMessage: destination string to return message in * logMessageFormat: log message format to use * * Return: * void */ void snoopy_message_generateFromFormat ( char *logMessage, char *logMessageFormat ) { char *fmtPos_cur; char *fmtPos_nextFormatTag; char *fmtPos_nextFormatTagClose; char *msgPos_cur; int retVal; fmtPos_cur = logMessageFormat; fmtPos_nextFormatTag = logMessageFormat; msgPos_cur = logMessage; // Loop all the way to the end of log message format specification while (strlen(fmtPos_nextFormatTag) > 0) { int lengthToCopy; char fmtStaticText[SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE]; char dataSourceTag[100]; int dataSourceTagLength; char *fmtPos_dataSourceTagArg; char *dataSourceNamePtr; char *dataSourceArgPtr; char dataSourceArg[SNOOPY_DATASOURCE_ARG_MAX_SIZE]; char dataSourceMsg[SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE]; // If no data source tag is found, just copy the text and bail out fmtPos_nextFormatTag = strstr(fmtPos_cur, "%{"); if (NULL == fmtPos_nextFormatTag) { snoopy_message_append(logMessage, fmtPos_cur); break; } // Otherwise copy text up to the next data source tag lengthToCopy = fmtPos_nextFormatTag - fmtPos_cur + 1; // + 1 for null termination if (lengthToCopy > (int)(SNOOPY_LOG_MESSAGE_MAX_SIZE-strlen(logMessage))) { lengthToCopy = SNOOPY_LOG_MESSAGE_MAX_SIZE-strlen(logMessage); } fmtStaticText[0] = '\0'; snprintf(fmtStaticText, lengthToCopy, "%s", fmtPos_cur); snoopy_message_append(logMessage, fmtStaticText); msgPos_cur += lengthToCopy; // Get data source tag fmtPos_nextFormatTagClose = strstr(fmtPos_nextFormatTag, "}"); if (NULL == fmtPos_nextFormatTagClose) { snoopy_message_append(logMessage, " ERROR: Closing data source tag not found: '}'"); break; } dataSourceTag[0] = '\0'; dataSourceTagLength = (fmtPos_nextFormatTagClose-1) - (fmtPos_nextFormatTag+2) + 2; snprintf(dataSourceTag, dataSourceTagLength, "%s", fmtPos_nextFormatTag + 2); // If data source tag contains ":", then split it into data source name and data source argument fmtPos_dataSourceTagArg = strstr(dataSourceTag, ":"); if (NULL == fmtPos_dataSourceTagArg) { // Format tag == data source name ATM dataSourceNamePtr = dataSourceTag; dataSourceArg[0] = '\0'; dataSourceArgPtr = dataSourceArg; } else { // Change the colon to null string, and copy fist and second part to corresponding variables fmtPos_dataSourceTagArg[0] = '\0'; dataSourceNamePtr = dataSourceTag; dataSourceArgPtr = fmtPos_dataSourceTagArg + 1; } // Check if data source actually exists if (! snoopy_datasourceregistry_doesNameExist(dataSourceNamePtr)) { snoopy_message_append(logMessage, "ERROR(Data source not found - "); snoopy_message_append(logMessage, dataSourceNamePtr); snoopy_message_append(logMessage, ")"); break; } // Call the provider, and append the results to log message dataSourceMsg[0] = '\0'; retVal = snoopy_datasourceregistry_callByName(dataSourceNamePtr, dataSourceMsg, dataSourceArgPtr); if (SNOOPY_DATASOURCE_FAILED(retVal)) { snoopy_message_append(logMessage, "ERROR(Data source failed, msg:"); snoopy_message_append(logMessage, dataSourceMsg); snoopy_message_append(logMessage, ")"); } else { snoopy_message_append(logMessage, dataSourceMsg); } // Where to start next iteration fmtPos_cur = fmtPos_nextFormatTagClose + 1; msgPos_cur = fmtPos_nextFormatTagClose + 1; } } /* * snoopy_message_append * * Description: * Appends content to the end of log message, watching for * buffer overrun. * * Params: * logMessage: message container to append to * appendThis: content to append to logMessage * * Return: * void */ void snoopy_message_append ( char *logMessage, char *appendThis ) { snoopy_string_append(logMessage, appendThis, SNOOPY_LOG_MESSAGE_MAX_SIZE); } snoopy-snoopy-2.4.6/src/message.h000066400000000000000000000017461276626320200170010ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: message.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ void snoopy_message_generateFromFormat ( char *logMessage, char *logMessageFormat ); void snoopy_message_append ( char *logMessage, char *appendThis ); snoopy-snoopy-2.4.6/src/misc.c000066400000000000000000000236511276626320200163020ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: misc.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "misc.h" #include "snoopy.h" #include "configuration.h" #include "error.h" #include "inputdatastorage.h" #ifdef SNOOPY_CONF_THREAD_SAFETY_ENABLED #include "tsrm.h" #endif #include #include #include #include /* * snoopy_init * * Description: * Handles Snoopy initialization/startup specifics. * This method must be called when initializing anything that is * Snoopy-based. This is especially true for thread-safe Snoopy builds. * * Params: * (none) * * Return: * void */ void snoopy_init () { #ifdef SNOOPY_CONF_THREAD_SAFETY_ENABLED snoopy_tsrm_ctor(); #endif snoopy_configuration_ctor(); snoopy_inputdatastorage_ctor(); } /* * snoopy_cleanup * * Description: * Handles all Snoopy deinitialization/shutdown specifics * * Params: * (none) * * Return: * void */ void snoopy_cleanup () { /* Reverse order from ctor */ snoopy_inputdatastorage_dtor(); snoopy_configuration_dtor(); #ifdef SNOOPY_CONF_THREAD_SAFETY_ENABLED snoopy_tsrm_dtor(); #endif } /* * snoopy_string_append * * Description: * Appends content to the end of string, watching for * buffer overrun. * * Params: * destString: string container to append to * appendThis: content to append to destString * destStringMaxLength: maximum length of dest string, including \0 * * Return: * void */ void snoopy_string_append ( char *destString, char *appendThis, int destStringMaxLength ) { int destStringSize = -1; int destStringSizeRemaining = -1; int appendThisSize = -1; /* Verify the limits */ destStringSize = strlen(destString); appendThisSize = strlen(appendThis); destStringSizeRemaining = destStringMaxLength - destStringSize; if (destStringSizeRemaining < appendThisSize) { snoopy_error_handler("Maximum destination string size exceeded"); } /* Copy to the destination string */ strcat(&destString[destStringSize], appendThis); } /* * snoopy_string_countChars * * Description: * Counts number of occurences of specified character in a given string. * * Params: * stringToSearch: string to look into * characterToCount: search for this character * * Return: * int Number of occurences */ int snoopy_string_countChars (const char *stringToSearch, char characterToCount) { const char *strPtr = stringToSearch; int charCount = 0; while ('\0' != *strPtr) { if (*strPtr == characterToCount) { charCount++; } strPtr++; } return charCount; } /* * snoopy_syslog_convert_facilityToInt * * Description: * Returns corresponding integer for each syslog facility, or -1 on failure. * * Params: * facilityStr Syslog facility string to convert * * Return: * int Corresponding syslog facility id, or -1 if not found */ int snoopy_syslog_convert_facilityToInt ( char *facilityStr ) { char *facilityStrAdj; int facilityInt; facilityStrAdj = facilityStr; // If there is LOG_ prefix, loose it. if ('_' == facilityStr[3]) { facilityStrAdj = &facilityStr[4]; } // Evaluate if (strcmp(facilityStrAdj, "AUTH") == 0) { facilityInt = LOG_AUTH; } else if (strcmp(facilityStrAdj, "AUTHPRIV") == 0) { facilityInt = LOG_AUTHPRIV; } else if (strcmp(facilityStrAdj, "CRON") == 0) { facilityInt = LOG_CRON; } else if (strcmp(facilityStrAdj, "DAEMON") == 0) { facilityInt = LOG_DAEMON; } else if (strcmp(facilityStrAdj, "FTP") == 0) { facilityInt = LOG_FTP; } else if (strcmp(facilityStrAdj, "KERN") == 0) { facilityInt = LOG_KERN; } else if (strcmp(facilityStrAdj, "LOCAL0") == 0) { facilityInt = LOG_LOCAL0; } else if (strcmp(facilityStrAdj, "LOCAL1") == 0) { facilityInt = LOG_LOCAL1; } else if (strcmp(facilityStrAdj, "LOCAL2") == 0) { facilityInt = LOG_LOCAL2; } else if (strcmp(facilityStrAdj, "LOCAL3") == 0) { facilityInt = LOG_LOCAL3; } else if (strcmp(facilityStrAdj, "LOCAL4") == 0) { facilityInt = LOG_LOCAL4; } else if (strcmp(facilityStrAdj, "LOCAL5") == 0) { facilityInt = LOG_LOCAL5; } else if (strcmp(facilityStrAdj, "LOCAL6") == 0) { facilityInt = LOG_LOCAL6; } else if (strcmp(facilityStrAdj, "LOCAL7") == 0) { facilityInt = LOG_LOCAL7; } else if (strcmp(facilityStrAdj, "LPR") == 0) { facilityInt = LOG_LPR; } else if (strcmp(facilityStrAdj, "MAIL") == 0) { facilityInt = LOG_MAIL; } else if (strcmp(facilityStrAdj, "NEWS") == 0) { facilityInt = LOG_NEWS; } else if (strcmp(facilityStrAdj, "SYSLOG") == 0) { facilityInt = LOG_SYSLOG; } else if (strcmp(facilityStrAdj, "USER") == 0) { facilityInt = LOG_USER; } else if (strcmp(facilityStrAdj, "UUCP") == 0) { facilityInt = LOG_UUCP; } else { facilityInt = -1; } return facilityInt; } /* * snoopy_syslog_convert_facilityToStr * * Description: * Convert syslog facility from integer code to corresponding string. * * Params: * facilityInt Syslog facility to convert * * Return: * const char* Corresponding syslog facility string */ const char* snoopy_syslog_convert_facilityToStr ( int facilityInt ) { char *facilityStr; // Evaluate and set return value if (LOG_AUTH == facilityInt) { facilityStr = "AUTH"; } else if (LOG_AUTHPRIV == facilityInt) { facilityStr = "AUTHPRIV"; } else if (LOG_CRON == facilityInt) { facilityStr = "CRON"; } else if (LOG_DAEMON == facilityInt) { facilityStr = "DAEMON"; } else if (LOG_FTP == facilityInt) { facilityStr = "FTP"; } else if (LOG_KERN == facilityInt) { facilityStr = "KERN"; } else if (LOG_LOCAL0 == facilityInt) { facilityStr = "LOCAL0"; } else if (LOG_LOCAL1 == facilityInt) { facilityStr = "LOCAL1"; } else if (LOG_LOCAL2 == facilityInt) { facilityStr = "LOCAL2"; } else if (LOG_LOCAL3 == facilityInt) { facilityStr = "LOCAL3"; } else if (LOG_LOCAL4 == facilityInt) { facilityStr = "LOCAL4"; } else if (LOG_LOCAL5 == facilityInt) { facilityStr = "LOCAL5"; } else if (LOG_LOCAL6 == facilityInt) { facilityStr = "LOCAL6"; } else if (LOG_LOCAL7 == facilityInt) { facilityStr = "LOCAL7"; } else if (LOG_LPR == facilityInt) { facilityStr = "LPR"; } else if (LOG_MAIL == facilityInt) { facilityStr = "MAIL"; } else if (LOG_NEWS == facilityInt) { facilityStr = "NEWS"; } else if (LOG_SYSLOG == facilityInt) { facilityStr = "SYSLOG"; } else if (LOG_USER == facilityInt) { facilityStr = "USER"; } else if (LOG_UUCP == facilityInt) { facilityStr = "UUCP"; } else { facilityStr = "(invalid)"; } return facilityStr; } /* * snoopy_syslog_convert_levelToInt * * Description: * Returns corresponding integer for each syslog level, or -1 on failure. * * Params: * levelStr Syslog level string to convert * * Return: * int Corresponding syslog level id, or -1 if not found */ int snoopy_syslog_convert_levelToInt ( char *levelStr ) { char *levelStrAdj; int levelInt; levelStrAdj = levelStr; // If there is LOG_ prefix, loose it. if ('_' == levelStr[3]) { levelStrAdj = &levelStr[4]; } // Evaluate and set return value if (strcmp(levelStrAdj, "EMERG") == 0) { levelInt = LOG_EMERG; } else if (strcmp(levelStrAdj, "ALERT") == 0) { levelInt = LOG_ALERT; } else if (strcmp(levelStrAdj, "CRIT") == 0) { levelInt = LOG_CRIT; } else if (strcmp(levelStrAdj, "ERR") == 0) { levelInt = LOG_ERR; } else if (strcmp(levelStrAdj, "WARNING") == 0) { levelInt = LOG_WARNING; } else if (strcmp(levelStrAdj, "NOTICE") == 0) { levelInt = LOG_NOTICE; } else if (strcmp(levelStrAdj, "INFO") == 0) { levelInt = LOG_INFO; } else if (strcmp(levelStrAdj, "DEBUG") == 0) { levelInt = LOG_DEBUG; } else { levelInt = SNOOPY_SYSLOG_LEVEL; } return levelInt; } /* * snoopy_syslog_convert_levelToStr * * Description: * Convert syslog level from integer code to corresponding string. * * Params: * levelInt Syslog level to convert * * Return: * const char* Corresponding syslog facility string */ const char* snoopy_syslog_convert_levelToStr ( int levelInt ) { char *levelStr; // Evaluate and set return value if (LOG_EMERG == levelInt) { levelStr = "EMERG"; } else if (LOG_ALERT == levelInt) { levelStr = "ALERT"; } else if (LOG_CRIT == levelInt) { levelStr = "CRIT"; } else if (LOG_ERR == levelInt) { levelStr = "ERR"; } else if (LOG_WARNING == levelInt) { levelStr = "WARNING"; } else if (LOG_NOTICE == levelInt) { levelStr = "NOTICE"; } else if (LOG_INFO == levelInt) { levelStr = "INFO"; } else if (LOG_DEBUG == levelInt) { levelStr = "DEBUG"; } else { levelStr = "(invalid)"; } return levelStr; } snoopy-snoopy-2.4.6/src/misc.h000066400000000000000000000025661276626320200163110ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: misc.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Init/shutdown functions */ void snoopy_init (); void snoopy_cleanup (); /* * String functions */ void snoopy_string_append (char *destString, char *appendThis, int destStringMaxLength); int snoopy_string_countChars (const char *stringToSearch, char characterToCount); /* * Syslog functions */ int snoopy_syslog_convert_facilityToInt (char *facilityStr); const char* snoopy_syslog_convert_facilityToStr (int facilityInt); int snoopy_syslog_convert_levelToInt (char *levelStr); const char* snoopy_syslog_convert_levelToStr (int levelInt); snoopy-snoopy-2.4.6/src/output/000077500000000000000000000000001276626320200165345ustar00rootroot00000000000000snoopy-snoopy-2.4.6/src/output/Makefile.am000066400000000000000000000027401276626320200205730ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### Include # AM_CFLAGS += -I$(top_srcdir)/src ### Create one library with all Snoopy outputs collected in it # noinst_LTLIBRARIES = libsnoopy_outputs_all.la ### Filter collection is made of the following files # # Please maintain alphabetical order, equal to what `ls` would do. # libsnoopy_outputs_all_la_SOURCES = \ noopoutput.c \ noopoutput.h # Output: devlog # if OUTPUT_ENABLED_devlog libsnoopy_outputs_all_la_SOURCES += \ devlogoutput.c \ devlogoutput.h endif # Output: devnull # if OUTPUT_ENABLED_devnull libsnoopy_outputs_all_la_SOURCES += \ devnulloutput.c \ devnulloutput.h endif # Output: devtty # if OUTPUT_ENABLED_devtty libsnoopy_outputs_all_la_SOURCES += \ devttyoutput.c \ devttyoutput.h endif # Output: file # if OUTPUT_ENABLED_file libsnoopy_outputs_all_la_SOURCES += \ fileoutput.c \ fileoutput.h endif # Output: socket # # This one is always enabled, unconditionally # libsnoopy_outputs_all_la_SOURCES += \ socketoutput.c \ socketoutput.h # Output: stderr # if OUTPUT_ENABLED_stderr libsnoopy_outputs_all_la_SOURCES += \ stderroutput.c \ stderroutput.h endif # Output: stdout # if OUTPUT_ENABLED_stdout libsnoopy_outputs_all_la_SOURCES += \ stdoutoutput.c \ stdoutoutput.h endif # Output: syslog # if OUTPUT_ENABLED_syslog libsnoopy_outputs_all_la_SOURCES += \ syslogoutput.c \ syslogoutput.h endif snoopy-snoopy-2.4.6/src/output/devlogoutput.c000066400000000000000000000044431276626320200214460ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/devlogoutput.c * * Copyright (c) 2014-2015 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "devlogoutput.h" #include "snoopy.h" #include "configuration.h" #include "output/socketoutput.h" #include #include //#include /* * SNOOPY OUTPUT: devlogoutput * * Description: * Sends given message directly to /dev/log socket, without using syslog() syscall * * Params: * message: message to send * errOrMsg: is message and error message or ordinary Snoopy log message * arg: output argument(s) * * Return: * int: See snoopy.h (SNOOPY_OUTPUT_*) for details. */ int snoopy_output_devlogoutput (char const * const logMessage, int errorOrMessage, char const * const arg) { char *logMessageWithPrefix = NULL; int retVal; snoopy_configuration_t *CFG; /* Get config pointer */ CFG = snoopy_configuration_get(); /* Generate final message - add prefix which is otherwise added by syslog() syscall */ logMessageWithPrefix = malloc(SNOOPY_LOG_MESSAGE_MAX_SIZE + 100); // +100 ought to be enough logMessageWithPrefix[0] = '\0'; sprintf(logMessageWithPrefix, "<%d>%s[%d]: %s", CFG->syslog_facility | CFG->syslog_level, CFG->syslog_ident, getpid(), logMessage ); /* Pass execution to another output provider */ retVal = snoopy_output_socketoutput(logMessageWithPrefix, errorOrMessage, "/dev/log"); /* Housekeeping */ free(logMessageWithPrefix); return retVal; } snoopy-snoopy-2.4.6/src/output/devlogoutput.h000066400000000000000000000017401276626320200214500ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/devlogoutput.h * * Copyright (c) 2014-2015 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY OUTPUT: directly to /dev/log */ int snoopy_output_devlogoutput (char const * const logMessage, int errorOrMessage, char const * const arg); snoopy-snoopy-2.4.6/src/output/devnulloutput.c000066400000000000000000000027131276626320200216350ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/devnulloutput.c * * Copyright (c) 2015 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "devnulloutput.h" #include "output/fileoutput.h" /* * SNOOPY OUTPUT: devnulloutput * * Description: * Sends given message directly to /dev/null * * Params: * message: message to send * errOrMsg: is message and error message or ordinary Snoopy log message * arg: output argument(s) * * Return: * int: See snoopy.h (SNOOPY_OUTPUT_*) for details. */ int snoopy_output_devnulloutput (char const * const logMessage, int errorOrMessage, char const * const arg) { return snoopy_output_fileoutput(logMessage, errorOrMessage, "/dev/null"); } snoopy-snoopy-2.4.6/src/output/devnulloutput.h000066400000000000000000000017351276626320200216450ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/devnulloutput.h * * Copyright (c) 2015 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY OUTPUT: directly to /dev/tty */ int snoopy_output_devnulloutput (char const * const logMessage, int errorOrMessage, char const * const arg); snoopy-snoopy-2.4.6/src/output/devttyoutput.c000066400000000000000000000027121276626320200215020ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/devttyoutput.c * * Copyright (c) 2014-2015 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "devttyoutput.h" #include "output/fileoutput.h" /* * SNOOPY OUTPUT: devttyoutput * * Description: * Sends given message directly to /dev/tty * * Params: * message: message to send * errOrMsg: is message and error message or ordinary Snoopy log message * arg: output argument(s) * * Return: * int: See snoopy.h (SNOOPY_OUTPUT_*) for details. */ int snoopy_output_devttyoutput (char const * const logMessage, int errorOrMessage, char const * const arg) { return snoopy_output_fileoutput(logMessage, errorOrMessage, "/dev/tty"); } snoopy-snoopy-2.4.6/src/output/devttyoutput.h000066400000000000000000000017401276626320200215070ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/devttyoutput.h * * Copyright (c) 2014-2015 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY OUTPUT: directly to /dev/tty */ int snoopy_output_devttyoutput (char const * const logMessage, int errorOrMessage, char const * const arg); snoopy-snoopy-2.4.6/src/output/fileoutput.c000066400000000000000000000037011276626320200211010ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/fileoutput.c * * Copyright (c) 2015 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global (local, this-subsystem, snoopy.h, other-subsystems, global) */ #include "fileoutput.h" #include "snoopy.h" #include "configuration.h" #include #include #include /* * SNOOPY OUTPUT: fileoutput (called like this because is system library * * Description: * Sends given message to socket * * Params: * message: message to send * errOrMsg: is message and error message or ordinary Snoopy log message * arg: output argument(s) * * Return: * int: See snoopy.h (SNOOPY_OUTPUT_*) for details. */ int snoopy_output_fileoutput (char const * const logMessage, int errorOrMessage, char const * const arg) { FILE *fp; int charCount; // Check if output file is properly configured if (0 == strcmp(arg, "")) { return SNOOPY_OUTPUT_FAILURE; } // Try to open file in append mode fp = fopen(arg, "a"); if (NULL == fp) { return SNOOPY_OUTPUT_FAILURE; } // Try to print to file charCount = fprintf(fp, "%s\n", logMessage); fclose(fp); return charCount; } snoopy-snoopy-2.4.6/src/output/fileoutput.h000066400000000000000000000017311276626320200211070ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/fileoutput.h * * Copyright (c) 2015 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY OUTPUT: write directly to file */ int snoopy_output_fileoutput (char const * const logMessage, int errorOrMessage, char const * const arg); snoopy-snoopy-2.4.6/src/output/noopoutput.c000066400000000000000000000024311276626320200211340ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/noopoutput.c * * Copyright (c) 2015 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "noopoutput.h" /* * SNOOPY OUTPUT: noopoutput * * Description: * Does nothing. * * Params: * message: message to send * errOrMsg: is message and error message or ordinary Snoopy log message * arg: output argument(s) * * Return: * int: 0 */ int snoopy_output_noopoutput (char const * const logMessage, int errorOrMessage, char const * const arg) { return 0; } snoopy-snoopy-2.4.6/src/output/noopoutput.h000066400000000000000000000017071276626320200211460ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/noopoutput.h * * Copyright (c) 2015 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY OUTPUT: noop */ int snoopy_output_noopoutput (char const * const logMessage, int errorOrMessage, char const * const arg); snoopy-snoopy-2.4.6/src/output/socketoutput.c000066400000000000000000000056221276626320200214560ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/socketoutput.c * * Copyright (c) 2015 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "socketoutput.h" #include "snoopy.h" #include "configuration.h" #include #include #include #include #include #include #include /* * SNOOPY OUTPUT: socketoutput (called like this because is system library) * * Description: * Sends given message to socket * * Params: * message: message to send * errOrMsg: is message and error message or ordinary Snoopy log message * arg: output argument(s) * * Return: * int: See snoopy.h (SNOOPY_OUTPUT_*) for details. */ int snoopy_output_socketoutput (char const * const logMessage, int errorOrMessage, char const * const arg) { int s; struct sockaddr_un remote; int remoteLength; /* Dispatch only if non-zero size */ if (0 == strlen(logMessage)) { return SNOOPY_OUTPUT_GRACEFUL_DISCARD; } #if (defined(__GLIBC__) && (2 == __GLIBC__) && (__GLIBC_MINOR__ < 9)) /* Prepare socket - non-blocking sockets are not supported on older glibc */ if ((s = socket(AF_LOCAL, SOCK_DGRAM, 0)) == -1) { #else /* Prepare socket - NON BLOCKING (systemd blocks /dev/log if journald is not running) */ if ((s = socket(AF_LOCAL, SOCK_DGRAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0)) == -1) { #endif return SNOOPY_OUTPUT_FAILURE; } remote.sun_family = AF_LOCAL; strncpy(remote.sun_path, arg, 107); // Coverity suggests -1 here if (strlen(arg) > 107) { remote.sun_path[107] = '\0'; } remoteLength = strlen(remote.sun_path) + sizeof(remote.sun_family); if (connect(s, (struct sockaddr *)&remote, remoteLength) == -1) { close(s); return SNOOPY_OUTPUT_FAILURE; } /* Send message - returns -1 on error, chars sent on success */ if (send(s, logMessage, strlen(logMessage), MSG_DONTWAIT|MSG_NOSIGNAL) == -1) { close(s); return SNOOPY_OUTPUT_FAILURE; } /* Return success status */ close(s); return strlen(logMessage); } snoopy-snoopy-2.4.6/src/output/socketoutput.h000066400000000000000000000017151276626320200214620ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/socketoutput.h * * Copyright (c) 2014 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY OUTPUT: socket */ int snoopy_output_socketoutput (char const * const logMessage, int errorOrMessage, char const * const arg); snoopy-snoopy-2.4.6/src/output/stderroutput.c000066400000000000000000000026211276626320200214650ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/stderroutput.c * * Copyright (c) 2015 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "stderroutput.h" #include /* * SNOOPY OUTPUT: stderroutput * * Description: * Sends given message to STDERR * * Params: * message: message to send * errOrMsg: is message and error message or ordinary Snoopy log message * arg: output argument(s) * * Return: * int: See snoopy.h (SNOOPY_OUTPUT_*) for details. */ int snoopy_output_stderroutput (char const * const logMessage, int errorOrMessage, char const * const arg) { return fprintf(stderr, "%s\n", logMessage); } snoopy-snoopy-2.4.6/src/output/stderroutput.h000066400000000000000000000017261276626320200214770ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/stderroutput.h * * Copyright (c) 2015 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY OUTPUT: write to stderr */ int snoopy_output_stderroutput (char const * const logMessage, int errorOrMessage, char const * const arg); snoopy-snoopy-2.4.6/src/output/stdoutoutput.c000066400000000000000000000026211276626320200215040ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/stdoutoutput.c * * Copyright (c) 2015 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "stdoutoutput.h" #include /* * SNOOPY OUTPUT: stdoutoutput * * Description: * Sends given message to STDOUT * * Params: * message: message to send * errOrMsg: is message and error message or ordinary Snoopy log message * arg: output argument(s) * * Return: * int: See snoopy.h (SNOOPY_OUTPUT_*) for details. */ int snoopy_output_stdoutoutput (char const * const logMessage, int errorOrMessage, char const * const arg) { return fprintf(stdout, "%s\n", logMessage); } snoopy-snoopy-2.4.6/src/output/stdoutoutput.h000066400000000000000000000017261276626320200215160ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/stdoutoutput.h * * Copyright (c) 2015 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY OUTPUT: write to stdout */ int snoopy_output_stdoutoutput (char const * const logMessage, int errorOrMessage, char const * const arg); snoopy-snoopy-2.4.6/src/output/syslogoutput.c000066400000000000000000000042441276626320200215050ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/syslogoutput.c * * Copyright (c) 2015 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "syslogoutput.h" #include "snoopy.h" #include "configuration.h" #include #include #include #include #include #include /* * SNOOPY OUTPUT: syslogouput (called like this because is system library * * Description: * Sends given message to syslog * * Params: * message: message to send * errOrMsg: is message and error message or ordinary Snoopy log message * arg: output argument(s) * * Return: * int: See snoopy.h (SNOOPY_OUTPUT_*) for details. */ int snoopy_output_syslogoutput (char const * const logMessage, int errorOrMessage, char const * const arg) { snoopy_configuration_t *CFG; /* Get config pointer */ CFG = snoopy_configuration_get(); /* Dispatch only if non-zero size */ if (0 == strlen(logMessage)) { return SNOOPY_OUTPUT_GRACEFUL_DISCARD; } /* Prepare logging stuff */ openlog(CFG->syslog_ident, LOG_PID, CFG->syslog_facility); /* Log error or ordinary message */ if (SNOOPY_LOG_ERROR == errorOrMessage) { syslog(LOG_ERR, "ERROR: %s", logMessage); } else { syslog(CFG->syslog_level, "%s", logMessage); } /* Close the syslog file descriptor */ closelog(); return strlen(logMessage); } snoopy-snoopy-2.4.6/src/output/syslogoutput.h000066400000000000000000000017151276626320200215120ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy/output/syslogoutput.h * * Copyright (c) 2014 Bostjan Skufca (bostjan _A_T_ a2o.si) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * SNOOPY OUTPUT: syslog */ int snoopy_output_syslogoutput (char const * const logMessage, int errorOrMessage, char const * const arg); snoopy-snoopy-2.4.6/src/outputregistry.c000066400000000000000000000137561276626320200205050ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: outputregistry.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "outputregistry.h" #include "snoopy.h" #include "configuration.h" #include "genericregistry.h" #include /* * Include headers of all output functions * * Please maintain alphabetical order, equal to what `ls` would do. */ #ifdef SNOOPY_CONF_OUTPUT_ENABLED_devlog #include "output/devlogoutput.h" #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_devnull #include "output/devnulloutput.h" #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_devtty #include "output/devttyoutput.h" #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_file #include "output/fileoutput.h" #endif //#ifdef SNOOPY_CONF_OUTPUT_ENABLED_journald //#include "output/journaldoutput.h" //#endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_socket #include "output/socketoutput.h" #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_stderr #include "output/stderroutput.h" #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_stdout #include "output/stdoutoutput.h" #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_syslog #include "output/syslogoutput.h" #endif /* This prevents "ISO C forbids empty initializer braces" error */ #include "output/noopoutput.h" /* * Two arrays holding data about output functions * * Please maintain alphabetical order, equal to what `ls` would do. */ char *snoopy_outputregistry_names[] = { #ifdef SNOOPY_CONF_OUTPUT_ENABLED_devlog "devlog", #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_devnull "devnull", #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_devtty "devtty", #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_file "file", #endif //#ifdef SNOOPY_CONF_OUTPUT_ENABLED_journald // "journald", //#endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_socket "socket", #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_stderr "stderr", #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_stdout "stdout", #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_syslog "syslog", #endif /* This prevents "ISO C forbids empty initializer braces" error */ "noop", "", }; int (*snoopy_outputregistry_ptrs []) (char const * const logMessage, int errorOrMessage, char const * const arg) = { #ifdef SNOOPY_CONF_OUTPUT_ENABLED_devlog snoopy_output_devlogoutput, #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_devnull snoopy_output_devnulloutput, #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_devtty snoopy_output_devttyoutput, #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_file snoopy_output_fileoutput, #endif //#ifdef SNOOPY_CONF_OUTPUT_ENABLED_journald // snoopy_output_journaldoutput, //#endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_socket snoopy_output_socketoutput, #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_stderr snoopy_output_stderroutput, #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_stdout snoopy_output_stdoutoutput, #endif #ifdef SNOOPY_CONF_OUTPUT_ENABLED_syslog snoopy_output_syslogoutput, #endif /* This prevents "ISO C forbids empty initializer braces" error */ snoopy_output_noopoutput, }; /* * getCount() * * Return number of available outputs */ int snoopy_outputregistry_getCount () { return snoopy_genericregistry_getCount(snoopy_outputregistry_names); } /* * doesIdExist() * * Return true if output exists (by id), otherwise return false */ int snoopy_outputregistry_doesIdExist (int outputId) { return snoopy_genericregistry_doesIdExist(snoopy_outputregistry_names, outputId); } /* * doesNameExist() * * Return true if output exists (by name), otherwise return false */ int snoopy_outputregistry_doesNameExist (char const * const outputName) { return snoopy_genericregistry_doesNameExist(snoopy_outputregistry_names, outputName); } /* * getIdFromName() * * Return index of given output, or -1 if not found */ int snoopy_outputregistry_getIdFromName (char const * const outputName) { return snoopy_genericregistry_getIdFromName(snoopy_outputregistry_names, outputName); } /* * getName() * * Return name of given output, or NULL */ char* snoopy_outputregistry_getName (int outputId) { return snoopy_genericregistry_getName(snoopy_outputregistry_names, outputId); } /* * callById() * * Call the given output by id and return its output */ int snoopy_outputregistry_callById (int outputId, char const * const logMessage, int errorOrMessage, char const * const outputArg) { if (SNOOPY_FALSE == snoopy_outputregistry_doesIdExist(outputId)) { return -1; } return snoopy_outputregistry_ptrs[outputId](logMessage, errorOrMessage, outputArg); } /* * callByName() * * Call the given output by name and return its output */ int snoopy_outputregistry_callByName (char const * const outputName, char const * const logMessage, int errorOrMessage, char const * const outputArg) { int outputId; outputId = snoopy_outputregistry_getIdFromName(outputName); if (outputId == -1) { return -1; } return snoopy_outputregistry_ptrs[outputId](logMessage, errorOrMessage, outputArg); } /* * dispatch() * * Dispatch the message to configured outputProvider */ int snoopy_outputregistry_dispatch (char const * const logMessage, int errorOrMessage) { snoopy_configuration_t *CFG; /* Get config pointer */ CFG = snoopy_configuration_get(); /* Dispatch */ return snoopy_outputregistry_callByName(CFG->output, logMessage, errorOrMessage, CFG->output_arg); } snoopy-snoopy-2.4.6/src/outputregistry.h000066400000000000000000000031321276626320200204750ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: outputregistry.h * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Functions to manage and utilise outputs */ int snoopy_outputregistry_getCount (); int snoopy_outputregistry_doesIdExist (int outputId); int snoopy_outputregistry_doesNameExist (char const * const outputName); int snoopy_outputregistry_getIdFromName (char const * const outputName); char* snoopy_outputregistry_getName (int outputId); int snoopy_outputregistry_callById (int outputId, char const * const logMessage, int errorOrMessage, char const * const outputArg); int snoopy_outputregistry_callByName (char const * const outputName, char const * const logMessage, int errorOrMessage, char const * const outputArg); int snoopy_outputregistry_dispatch (char const * const logMessage, int errorOrMessage); snoopy-snoopy-2.4.6/src/parser.c000066400000000000000000000063311276626320200166370ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: parser.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include "parser.h" #include "misc.h" #include #include /* * snoopy_parser_argList_csv * * Description: * Parses comma-separated list of arguments in an array of char pointers. * Last array entry contains only '\0' character. * * NOTE 1: argListRaw will be modified (commas will be replaced with \0s, * argListParsed array will contain pointers to parts of this newly * mangled argListRaw. * NOTE 2: argListParsed is malloc()-ed and must be freed afterwards. * * Params: * char* * * Return: * char* Number of arguments parsed out. */ int snoopy_parser_argList_csv (char *argListRaw, char ***argListParsed) { int commaCount; int argCount; char **argListParsedPtr; int argListRaw_charCount; // excluding trailing \0 char *argListRaw_pos; char *nextCommaPtr; int i; // Get size of raw argument list argListRaw_charCount = strlen(argListRaw); // Allocate memory for array of string pointers: // - 1st +1 is because of common sense (X commas =~ X-1 arguments) // - 2nd +1 is for "" at the end or array commaCount = snoopy_string_countChars(argListRaw, ','); argCount = commaCount + 1; argListParsedPtr = malloc(sizeof(char*) * (argCount+1)); // Initial assignment if (0 == argListRaw_charCount) { // Argument list is empty, assign nothing, keep argCount down argCount = 0; i = 0; } else { // Assign initial pointer, to beginning of character array // This might be the only argument if no comma was found. argListParsedPtr[0] = argListRaw; i = 1; } // Parse for commas, changing commas into '\0' characters and assigning pointers // Optimize: do not count characters 2 times (1st in snoopy_string_charCount() function) if (commaCount > 0 ) { argListRaw_pos = argListRaw; while (NULL != (nextCommaPtr = strchr(argListRaw_pos, ','))) { *nextCommaPtr = '\0'; argListRaw_pos = nextCommaPtr+1; argListParsedPtr[i] = argListRaw_pos; i++; } } // Assign last pointer - must point to terminating null character argListParsedPtr[i] = argListRaw + argListRaw_charCount+1; *argListParsed = argListParsedPtr; return argCount; } snoopy-snoopy-2.4.6/src/parser.h000066400000000000000000000016131276626320200166420ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: parser.h * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Parser functions */ int snoopy_parser_argList_csv (char *argListRaw, char ***argListParsed); snoopy-snoopy-2.4.6/src/snoopy.h000066400000000000000000000146541276626320200167060ustar00rootroot00000000000000/* * SNOOPY LOGGER * * snoopy.h * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /** * Include all required system headers */ /* This should generaly be done wherever unistd.h is required. */ /* But sysconf is needed here, and all files include snoopy.h. */ /* Needed to get getpgid and getsid on older glibc */ /* This must be the first file to be included, or implicit inclusion * (by i.e. ) does the wrong thing */ #ifdef _XOPEN_SOURCE #undef _XOPEN_SOURCE #endif #define _XOPEN_SOURCE 500 #include /* Needed for GLIBC macros here */ #include /* Needed for syslog defaults */ #include /* Needed for _SC_ARG_MAX constant */ /** * Include ./configured constants * * At least must be included before including this file, as * LOG_... constants are needed. */ #include "config.h" /** * SNOOPY_MAX_ARG_LENGTH * * Maximum length of arguments passed to execv(e) functions */ #define SNOOPY_SYSCONF_ARG_MAX ((-1 == sysconf(_SC_ARG_MAX)) ? 4096 : sysconf(_SC_ARG_MAX)) /** * SNOOPY_DATASOURCE_ARG_MAX_SIZE * * Maximum length of a string argument to each data source */ #define SNOOPY_DATASOURCE_ARG_MAX_SIZE 1024 /** * SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE * * Maximum length of a string returned from any data source function, * including terminating null character. */ #define SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE 1024 /** * SNOOPY_DATASOURCE_(SUCCESS|FAILURE|...) * * Datasource results */ #define SNOOPY_DATASOURCE_SUCCESS 1 #define SNOOPY_DATASOURCE_FAILURE -1 #define SNOOPY_DATASOURCE_SUCCEEDED(retVal) (retVal >= 0) #define SNOOPY_DATASOURCE_FAILED(retVal) (retVal < 0) /** * SNOOPY_FILTER_CHAIN_MAX_SIZE * * Maximum length of filter chain definition */ #define SNOOPY_FILTER_CHAIN_MAX_SIZE 4096 /** * SNOOPY_FILTER_NAME_MAX_SIZE * * Maximum length of each filter name */ #define SNOOPY_FILTER_NAME_MAX_SIZE 1024 /** * SNOOPY_FILTER_ARG_MAX_SIZE * * Maximum length of a string argument to each filter */ #define SNOOPY_FILTER_ARG_MAX_SIZE 1024 /** * SNOOPY_LOG_MESSAGE_MAX_SIZE * * Maximum length of single (whole) log message, * including terminating null character. */ #define SNOOPY_LOG_MESSAGE_MAX_SIZE 16383 /** * SNOOPY_LOG_MESSAGE_FORMAT_default * * Default format of Snoopy log message */ #define SNOOPY_VERSION PACKAGE_VERSION /** * SNOOPY_MESSAGE_FORMAT * * Actual message format to use, unless configured otherwise in config file. * For format specification consult comments in etc/snoopy.ini. */ #define SNOOPY_MESSAGE_FORMAT SNOOPY_CONF_MESSAGE_FORMAT /** * SNOOPY_TRUE * SNOOPY_FALSE */ #define SNOOPY_TRUE 1 #define SNOOPY_FALSE 0 /** * SNOOPY_LOG_ERROR * SNOOPY_LOG_MESSAGE */ #define SNOOPY_LOG_ERROR 1 #define SNOOPY_LOG_MESSAGE 2 /** * Filter return values * * SNOOPY_FILTER_PASS - message should be passed on * SNOOPY_FILTER_DROP - message should be dropped */ #define SNOOPY_FILTER_PASS 1 #define SNOOPY_FILTER_DROP 0 /** * SNOOPY_FILTERING_ENABLED * * Whether filtering is enabled or not */ #ifdef SNOOPY_CONF_FILTERING_ENABLED #define SNOOPY_FILTERING_ENABLED 1 #endif /** * SNOOPY_FILTER_CHAIN * * Actual filter chain specification to use * * Filter chain format: * - example: filter1; filter2; filter3:arg1; filter3:arg2 * - you may pass argument to filter by suffixing it with :arg * - spaces are ignored */ #ifdef SNOOPY_FILTERING_ENABLED #define SNOOPY_FILTER_CHAIN SNOOPY_CONF_FILTER_CHAIN #endif /** * SNOOPY_CONFIGFILE_* * * Path to INI configuration file, if enabled * * If configuration file is enabled, this constant is defined * and holds absolute path to it */ #ifdef SNOOPY_CONF_CONFIGFILE_ENABLED #define SNOOPY_CONFIGFILE_ENABLED 1 #define SNOOPY_CONFIGFILE_PATH SNOOPY_CONF_CONFIGFILE_PATH #endif /** * SNOOPY_OUTPUT * * Where is the outlet of Snoopy messages * * By default, messages get sent to syslog. Groundwork for other outputs * is provided to facilitate unforseen uses. */ #ifdef SNOOPY_CONF_OUTPUT_DEFAULT #define SNOOPY_OUTPUT_DEFAULT SNOOPY_CONF_OUTPUT_DEFAULT #define SNOOPY_OUTPUT_DEFAULT_ARG SNOOPY_CONF_OUTPUT_DEFAULT_ARG #else /* SNOOPY_CONF_OUTPUT_DEFAULT */ #if (defined(__GLIBC__) && (2 == __GLIBC__) && (__GLIBC_MINOR__ < 9)) /* Use 'syslog' on older linuxes that od not support SOCK_CLOEXEC and SOCK_NONBLOCK */ #define SNOOPY_OUTPUT_DEFAULT "syslog" #else /* Otherwise do not use 'syslog' (was default before), because systemd is funny (blocks the syslog() call */ #define SNOOPY_OUTPUT_DEFAULT "devlog" #endif #define SNOOPY_OUTPUT_DEFAULT_ARG "" #endif /* SNOOPY_CONF_OUTPUT_DEFAULT */ /** * Output return values/macro * * SNOOPY_OUTPUT_SUCCESS - message was sent successfully * SNOOPY_OUTPUT_FAILURE - message was NOT sent */ #define SNOOPY_OUTPUT_SUCCESS 1 #define SNOOPY_OUTPUT_GRACEFUL_DISCARD 0 #define SNOOPY_OUTPUT_FAILURE -1 #define SNOOPY_OUTPUT_SUCCEEDED(retVal) (retVal >= 0) #define SNOOPY_OUTPUT_FAILED(retVal) (retVal < 0) /** * SNOOPY_LOG_ERRORS * * Whether errors are logged or not? * * If error logging is enabled, then all errors that occur when using Snoopy * will be sent to syslog. This is to aid developers and integrators with * their endeavours. */ #ifdef SNOOPY_CONF_ERROR_LOGGING_ENABLED #define SNOOPY_ERROR_LOGGING_ENABLED SNOOPY_CONF_ERROR_LOGGING_ENABLED #endif /** * SNOOPY_SYSLOG_* * * Default syslog configuration settings */ #define SNOOPY_SYSLOG_FACILITY SNOOPY_CONF_SYSLOG_FACILITY #define SNOOPY_SYSLOG_IDENT SNOOPY_CONF_SYSLOG_IDENT #define SNOOPY_SYSLOG_LEVEL SNOOPY_CONF_SYSLOG_LEVEL snoopy-snoopy-2.4.6/src/tsrm.c000066400000000000000000000231531276626320200163310ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: tsrm.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #define _XOPEN_SOURCE 700 // Required by pthread_mutex_setattr #include "tsrm.h" #include "snoopy.h" #include "configuration.h" #include "inputdatastorage.h" #include "lib/liblcthw/src/list.h" #include /* * Global variables */ pthread_once_t snoopy_tsrm_init_onceControl = PTHREAD_ONCE_INIT; pthread_mutex_t snoopy_tsrm_threadRepo_mutex; pthread_mutexattr_t snoopy_tsrm_threadRepo_mutexAttr; List snoopy_tsrm_threadRepo_data = { .first = NULL, .last = NULL, .count = 0, }; List *snoopy_tsrm_threadRepo = &snoopy_tsrm_threadRepo_data; /* * Non-exported function prototypes */ void snoopy_tsrm_init (); int snoopy_tsrm_doesThreadRepoEntryExist (snoopy_tsrm_threadId_t threadId); snoopy_tsrm_threadId_t snoopy_tsrm_getCurrentThreadId (); ListNode* snoopy_tsrm_getCurrentThreadRepoEntry (); snoopy_tsrm_threadData_t* snoopy_tsrm_getCurrentThreadData (); snoopy_tsrm_threadData_t* snoopy_tsrm_createNewThreadData (snoopy_tsrm_threadId_t threadId); /* * snoopy_tsrm_ctor * * Description: * Initialize threadRepo list. * * Params: * (none) * * Return: * void */ void snoopy_tsrm_ctor () { snoopy_tsrm_threadId_t curTid; snoopy_tsrm_threadData_t *tData; // Initialize threading support pthread_once(&snoopy_tsrm_init_onceControl, snoopy_tsrm_init); // Get my thread id - before mutex, no need for mutex here curTid = snoopy_tsrm_getCurrentThreadId(); // Mutex START pthread_mutex_lock(&snoopy_tsrm_threadRepo_mutex); // Create my entry if it does not exist if (SNOOPY_FALSE == snoopy_tsrm_doesThreadRepoEntryExist(curTid)) { tData = snoopy_tsrm_createNewThreadData(curTid); List_push(snoopy_tsrm_threadRepo, tData); } // Mutex END pthread_mutex_unlock(&snoopy_tsrm_threadRepo_mutex); } /* * snoopy_tsrm_dtor * * Description: * Removes own entry from threadRepo, or removes threadRepo altogether. * * Params: * (none) * * Return: * void */ void snoopy_tsrm_dtor () { ListNode *tRepoEntry; snoopy_tsrm_threadData_t *tData; // Get my thread data structure tRepoEntry = snoopy_tsrm_getCurrentThreadRepoEntry(); if (NULL == tRepoEntry) { // This is an error condition, but let's not free NULLs below return; } // Mutex START pthread_mutex_lock(&snoopy_tsrm_threadRepo_mutex); // Remove from repo tData = List_remove(snoopy_tsrm_threadRepo, tRepoEntry); // Mutex END pthread_mutex_unlock(&snoopy_tsrm_threadRepo_mutex); // Free the results AFTER my node has been removed from repo free(tData->inputdatastorage); free(tData->configuration); free(tData); return; } /* * snoopy_tsrm_init * * Description: * Initialize threading subsystem. This function should be run * only once, by only one thread. * * Params: * (none) * * Return: * void */ void snoopy_tsrm_init () { // Initialize threadRepo mutex pthread_mutexattr_init (&snoopy_tsrm_threadRepo_mutexAttr); pthread_mutexattr_settype(&snoopy_tsrm_threadRepo_mutexAttr, PTHREAD_MUTEX_RECURSIVE); pthread_mutex_init (&snoopy_tsrm_threadRepo_mutex, &snoopy_tsrm_threadRepo_mutexAttr); } /* * snoopy_tsrm_doesThreadRepoEntryExist * * Description: * Check if thread with id threadId already has an entry in Snoopy's thread * repository. * * Params: * snoopy_tsrm_threadId_t: Thread ID to look for * * Return: * int: SNOOPY_TRUE if yes, SNOOPY_FALSE if not */ int snoopy_tsrm_doesThreadRepoEntryExist (snoopy_tsrm_threadId_t threadId) { snoopy_tsrm_threadData_t *tData; int retVal = SNOOPY_FALSE; // Mutex START pthread_mutex_lock(&snoopy_tsrm_threadRepo_mutex); LIST_FOREACH(snoopy_tsrm_threadRepo, first, next, cur) { if (NULL == cur->value) { continue; } tData = cur->value; if (0 != pthread_equal(threadId, tData->threadId)) { /* Thread ID matches */ retVal = SNOOPY_TRUE; goto FOUND; } } FOUND: // Mutex END pthread_mutex_unlock(&snoopy_tsrm_threadRepo_mutex); return retVal; } /* * snoopy_tsrm_createNewThreadData * * Description: * Mallocs space and creates new thread data structure, for given thread ID. * * Params: * snoopy_tsrm_threadId_t: Thread ID to create entry for * * Return: * snoopy_tsrm_threadData_t*: Pointer to newly-created threadData structure */ snoopy_tsrm_threadData_t* snoopy_tsrm_createNewThreadData (snoopy_tsrm_threadId_t threadId) { snoopy_tsrm_threadData_t *tData; // Allocte storage memory for new threadData structure tData = malloc(sizeof(snoopy_tsrm_threadData_t)); tData->configuration = malloc(sizeof(snoopy_configuration_t)); tData->inputdatastorage = malloc(sizeof(snoopy_inputdatastorage_t)); // Store thread ID tData->threadId = threadId; // Initialize empty values snoopy_configuration_setUninitialized (tData->configuration); snoopy_inputdatastorage_setUninitialized(tData->inputdatastorage); return tData; } /* * snoopy_tsrm_getCurrentThreadId * * Description: * Retrieve id of current thread * * Params: * (none) * * Return: * snoopy_tsrm_threadId_t: Current thread id */ snoopy_tsrm_threadId_t snoopy_tsrm_getCurrentThreadId () { return pthread_self(); } /* * snoopy_tsrm_getCurrentThreadRepoEntry * * Description: * Retrieve pointer to threadRepo list node structure of current thread. * * Params: * (none) * * Return: * ListNode*: Current threadRepo entry, or null if it does not exist */ ListNode* snoopy_tsrm_getCurrentThreadRepoEntry () { snoopy_tsrm_threadId_t myThreadId; ListNode *tRepoEntry = NULL; snoopy_tsrm_threadData_t *tData; // This is the thread ID we are looking for myThreadId = snoopy_tsrm_getCurrentThreadId(); // Mutex START pthread_mutex_lock(&snoopy_tsrm_threadRepo_mutex); LIST_FOREACH(snoopy_tsrm_threadRepo, first, next, cur) { // This should not happen, but maybe, just maybe, there is another thread // that is just creating new entry. if (NULL == cur->value) { continue; } tData = cur->value; if (0 != pthread_equal(myThreadId, tData->threadId)) { tRepoEntry = cur; goto FOUND; } } FOUND: // Mutex END pthread_mutex_unlock(&snoopy_tsrm_threadRepo_mutex); // Return return tRepoEntry; } /* * snoopy_tsrm_getCurrentThreadData * * Description: * Retrieve pointer to thread data structure of current thread. Creates * a new repo entry if it does not exist. * * Params: * (none) * * Return: * snoopy_tsrm_threadData_t: Current threadRepo list entry, or NULL */ snoopy_tsrm_threadData_t* snoopy_tsrm_getCurrentThreadData () { ListNode *tRepoEntry; tRepoEntry = snoopy_tsrm_getCurrentThreadRepoEntry(); if (NULL == tRepoEntry) { return NULL; } return tRepoEntry->value; } /* * snoopy_tsrm_get_configuration() * * Description: * Retrieve configuration array pointer for current thread. * This function is to be consumed by the rest of Snoopy. * * Params: * (none) * * Return: * snoopy_configuration_t*: Pointer to thread-specific Snoopy configuration data structure */ snoopy_configuration_t* snoopy_tsrm_get_configuration () { snoopy_tsrm_threadData_t *tData; tData = snoopy_tsrm_getCurrentThreadData(); return tData->configuration; } /* * snoopy_tsrm_get_inputdatastorage() * * Description: * Retrieve input data storage array pointer for current thread. * This function is to be consumed by the rest of Snoopy. * * Params: * (none) * * Return: * snoopy_inputdatastorage_t*: Pointer to thread-specific input data storage structure */ snoopy_inputdatastorage_t* snoopy_tsrm_get_inputdatastorage () { snoopy_tsrm_threadData_t *tData; tData = snoopy_tsrm_getCurrentThreadData(); return tData->inputdatastorage; } /* * snoopy_tsrm_get_threadCount() * * Description: * Retrieves number of currently configured threads. * * Params: * (none) * * Return: * snoopy_inputdatastorage_t*: Pointer to thread-specific input data storage structure */ int snoopy_tsrm_get_threadCount () { int threadCount; // Mutex START pthread_mutex_lock(&snoopy_tsrm_threadRepo_mutex); // Get count threadCount = snoopy_tsrm_threadRepo->count; // Mutex END pthread_mutex_unlock(&snoopy_tsrm_threadRepo_mutex); return threadCount; } snoopy-snoopy-2.4.6/src/tsrm.h000066400000000000000000000032601276626320200163330ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: tsrm.h * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * START: Prevent cyclic inclusions */ #ifndef __SNOOPY_TSRM_H #define __SNOOPY_TSRM_H /* * Includes order: from local to global */ #include "configuration.h" #include "inputdatastorage.h" #include /* * Type alias: threadId */ typedef pthread_t snoopy_tsrm_threadId_t; /* * Type: thread data struct */ typedef struct { snoopy_tsrm_threadId_t threadId; snoopy_configuration_t *configuration; snoopy_inputdatastorage_t *inputdatastorage; } snoopy_tsrm_threadData_t; /* * Init/shutdown functions */ void snoopy_tsrm_ctor (); void snoopy_tsrm_dtor (); /* * Getter functions */ snoopy_configuration_t* snoopy_tsrm_get_configuration (); snoopy_inputdatastorage_t* snoopy_tsrm_get_inputdatastorage (); int snoopy_tsrm_get_threadCount (); /* * END: Prevent cyclic inclusion */ #endif /* Cyclic inclusion */ snoopy-snoopy-2.4.6/tests/000077500000000000000000000000001276626320200155475ustar00rootroot00000000000000snoopy-snoopy-2.4.6/tests/Makefile.am000066400000000000000000000011441276626320200176030ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### Subdir processing order # SUBDIRS = SUBDIRS += bin if CONFIGFILE_ENABLED SUBDIRS += configfile endif SUBDIRS += datasource if FILTERING_ENABLED SUBDIRS += filter endif SUBDIRS += message SUBDIRS += output if THREAD_SAFETY_ENABLED SUBDIRS += threads endif # # Functional tests at last # if CONFIGFILE_ENABLED if DATASOURCE_ENABLED_cmdline if OUTPUT_ENABLED_file SUBDIRS += combined endif endif endif ### Include tests in distribution archive # EXTRA_DIST = _bootstrap.sh snoopy-snoopy-2.4.6/tests/_bootstrap.sh000077500000000000000000000052771276626320200202750ustar00rootroot00000000000000#!/bin/bash ### Configure shell # set -e set -u #echo ${BASH_SOURCE[1]} ### Get variables about current test # SNOOPY_CUR_TEST_PATH=`readlink -e $0` SNOOPY_CUR_TEST_DIR=`dirname $SNOOPY_CUR_TEST_PATH` SNOOPY_CUR_TEST_FILENAME=`basename $SNOOPY_CUR_TEST_PATH` SNOOPY_CUR_TEST_NAME=`echo $SNOOPY_CUR_TEST_FILENAME | sed -e 's/\.sh$//'` SNOOPY_CUR_TEST_GROUP_PATH=`dirname $SNOOPY_CUR_TEST_PATH` SNOOPY_CUR_TEST_GROUP_NAME=`basename $SNOOPY_CUR_TEST_GROUP_PATH` ### Configure paths # SNOOPY_TESTS_ROOTDIR=`dirname $SNOOPY_CUR_TEST_GROUP_PATH` # # Current working directory might not be the same, # if build is being done outside of source tree. # # Also now there is an assumption that all tests are placed in subdirs of # root tests/ directory. # # Do not use "readlink -e $THIS_FILE_PATH" - PWD differs when building outside of source dir # SNOOPY_CUR_TEST_WORKDIR=`pwd` SNOOPY_TESTS_BINDIR="$SNOOPY_CUR_TEST_WORKDIR/../bin" SNOOPY_TESTS_BIN_PREFIX="$SNOOPY_TESTS_BINDIR/snoopy-test" ### Configure paths to test helpers # export SNOOPY_TEST_CONFIGFILE="${SNOOPY_TESTS_BIN_PREFIX}-configfile" export SNOOPY_TEST_DATASOURCE="${SNOOPY_TESTS_BIN_PREFIX}-datasource" export SNOOPY_TEST_FILTER="${SNOOPY_TESTS_BIN_PREFIX}-filter" export SNOOPY_TEST_MESSAGE_FORMAT="${SNOOPY_TESTS_BIN_PREFIX}-message-format" export SNOOPY_TEST_OUTPUT="${SNOOPY_TESTS_BIN_PREFIX}-output" export SNOOPY_TEST_EXEC_IN_THREADS="${SNOOPY_TESTS_BIN_PREFIX}-exec-in-threads" export SNOOPY_TEST_THREADS="${SNOOPY_TESTS_BIN_PREFIX}-threads" export SNOOPY_LIBSNOOPY_TEST_SO_PATH="${SNOOPY_TESTS_BINDIR}/.libs/libsnoopy-test.so" ### Test run function: info output # snoopy_testRun_info() { echo "$1" } ### Result function: PASS # snoopy_testResult_pass() { echo "PASS" if [ ! -z "${1:-}" ]; then echo "$1" fi exit 0 } ### Result function: PASS # snoopy_testResult_fail() { MSG="$1" echo "FAIL" echo "$1" exit 1 } ### Result function: SKIP # snoopy_testResult_skip() { MSG="$1" echo "SKIPPED: $MSG" exit 77 } ### Comparison function: PASS # snoopy_test_compareValues() { VAL_SNOOPY="$1" VAL_REAL="$2" if [ "$VAL_SNOOPY" != "$VAL_REAL" ]; then snoopy_testResult_fail "Values do not match (snoopy=\"$VAL_SNOOPY\", real=\"$VAL_REAL\")" fi snoopy_testResult_pass } ### Data retriever: from ps # snoopy_test_getValue_fromPs() { PID="$1" FIELD="$2" COUNT=`ps -eo pid,$FIELD | grep -E "^[ ]*$PID[ ]+" -c` if [ "$COUNT" != "1" ]; then echo "ERROR: Invalid number of processes matched while looking for $FIELD" return 1 fi VALUE=`ps -eo pid,$FIELD | grep -E "^[ ]*$PID[ ]+" | head -n1 | awk '{print $2}'` echo "$VALUE" return 0 } snoopy-snoopy-2.4.6/tests/bin/000077500000000000000000000000001276626320200163175ustar00rootroot00000000000000snoopy-snoopy-2.4.6/tests/bin/Makefile.am000066400000000000000000000037501276626320200203600ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### Include # AM_CFLAGS += -I$(top_srcdir)/src ### Init empty program install list, but always link with given library # noinst_PROGRAMS = LDADD = ../../src/libsnoopy_no_execve.la ### Programs that are needed for testing suite # if CONFIGFILE_ENABLED noinst_PROGRAMS += snoopy-test-configfile snoopy_test_configfile_SOURCES = snoopy-test-configfile.c endif noinst_PROGRAMS += snoopy-test-datasource snoopy_test_datasource_SOURCES = snoopy-test-datasource.c if FILTERING_ENABLED noinst_PROGRAMS += snoopy-test-filter snoopy_test_filter_SOURCES = snoopy-test-filter.c endif noinst_PROGRAMS += snoopy-test-message-format snoopy_test_message_format_SOURCES = snoopy-test-message-format.c noinst_PROGRAMS += snoopy-test-output snoopy_test_output_SOURCES = snoopy-test-output.c if THREAD_SAFETY_ENABLED noinst_PROGRAMS += snoopy-test-exec-in-threads snoopy_test_exec_in_threads_SOURCES = snoopy-test-exec-in-threads.c noinst_PROGRAMS += snoopy-test-threads snoopy_test_threads_SOURCES = snoopy-test-threads.c snoopy_test_threads_LDADD = $(top_builddir)/src/libsnoopy-debug-addons.la endif ### Create test library, whole # # Exclude -pedantic from CFLAGS because casing object pointer received from # dlsym to function pointer is not allowed by ISO C. # # This library reads path to snoopy.ini from SNOOPY_INI environmental variable. # noinst_LTLIBRARIES = libsnoopy-test.la libsnoopy_test_la_SOURCES = libsnoopy-test.c libsnoopy_test_la_CFLAGS = `echo $(AM_CFLAGS) | sed -e 's/-pedantic//'` libsnoopy_test_la_LIBADD = $(top_builddir)/src/libsnoopy_no_execve.la # # This needs to be added as automake does not create shared library for # things in noinst_LTLIBRARIES. # libsnoopy_test_la_LDFLAGS = -module -rpath /nowhere snoopy-snoopy-2.4.6/tests/bin/libsnoopy-test.c000066400000000000000000000042461276626320200214640ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy.c -- execve() logging wrapper * * Copyright (c) 2000 Marius Aamodt Eriksen * Copyright (c) 2000 Mike Baker * Copyright (c) 2010-2015 Bostjan Skufca * * Part hacked on flight KL 0617, 30,000 ft or so over the Atlantic :) * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ //#include "libsnoopy-test.h" #include "snoopy.h" #include "configuration.h" #include "log.h" #include /* * Helpers to find pointer to overloaded function */ #if defined(RTLD_NEXT) # define REAL_LIBC RTLD_NEXT #else # define REAL_LIBC ((void *) -1L) #endif #define FN(ptr, type, name, args) ptr = (type (*)args)dlsym (REAL_LIBC, name) /* * Function wrapper - execv() */ int execv (const char *filename, char *const argv[]) { static int (*func)(const char *, char **); FN(func, int, "execv", (const char *, char **const)); snoopy_configuration_preinit_setConfigFilePathFromEnv(); snoopy_log_syscall_execv(filename, argv); return (*func) (filename, (char **) argv); } /* * Function wrapper - execve() */ int execve (const char *filename, char *const argv[], char *const envp[]) { static int (*func)(const char *, char **, char **); FN(func, int, "execve", (const char *, char **const, char **const)); snoopy_configuration_preinit_setConfigFilePathFromEnv(); snoopy_log_syscall_execve(filename, argv, envp); return (*func) (filename, (char**) argv, (char **) envp); } snoopy-snoopy-2.4.6/tests/bin/snoopy-test-configfile.c000066400000000000000000000076651276626320200231100ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy-test-filter.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ //#include "snoopy-test-filter.h" #include "snoopy.h" #include "configuration.h" #include "inputdatastorage.h" #include "misc.h" #include #include #include /* * We do not use separate .h file here */ int main (int argc, char **argv); void displayHelp(); int fatalError(char *errorMsg); int main (int argc, char **argv) { char *iniFilePath; char *showConfigVar; snoopy_configuration_t *CFG; /* Check if all arguments are present */ if (argc < 2) { displayHelp(); return fatalError("Missing argument: path to INI config file"); } iniFilePath = argv[1]; if (argc < 3) { displayHelp(); return fatalError("Missing argument: configuration variable to display"); } showConfigVar = argv[2]; /* Check if config file exists and is readable */ if (-1 == access(iniFilePath, R_OK)) { displayHelp(); return fatalError("Unable to open/read given config file"); } /* Initialize Snoopy, which parses alternate configuration file too */ snoopy_configuration_preinit_enableAltConfigFileParsing(iniFilePath); snoopy_init(); snoopy_inputdatastorage_store_filename(argv[0]); snoopy_inputdatastorage_store_argv(argv); /* Get config pointer */ CFG = snoopy_configuration_get(); /* Output appropriate value */ if (0 == strcmp(showConfigVar, "message_format")) { printf("%s\n", CFG->message_format); } else if (0 == strcmp(showConfigVar, "filter_chain")) { printf("%s\n", CFG->filter_chain); } else if (0 == strcmp(showConfigVar, "output")) { printf("%s", CFG->output); if ('\0' != CFG->output_arg[0]) { printf(":%s", CFG->output_arg); } printf("\n"); } else if (0 == strcmp(showConfigVar, "syslog_facility")) { printf("%s\n", snoopy_syslog_convert_facilityToStr(CFG->syslog_facility)); } else if (0 == strcmp(showConfigVar, "syslog_ident")) { printf("%s\n", CFG->syslog_ident); } else if (0 == strcmp(showConfigVar, "syslog_level")) { printf("%s\n", snoopy_syslog_convert_levelToStr(CFG->syslog_level)); } else { return fatalError("Unknown configuration variable given"); } /* Housekeeping and return */ snoopy_cleanup(); return 0; } /* * displayHelp() * * Description: * Displays help * * Params: * (none) * * Return: * void */ void displayHelp () { printf("\n"); printf("Usage: \n"); printf(" snoopy-test-configfile PATH-TO-INI CONFIG-VARIABLE-TO-DISPLAY\n"); printf("\n"); printf("Available configfile variables:\n"); printf(" (check etc/snoopy.ini for list of supported configuration variables)\n"); printf("\n"); } /* * fatalError() * * Description: * Displays error message + help and returns non-zero exit status * * Params: * errorMsg Error message to display to user * * Return: * int Exit status to return to calling process */ int fatalError (char *errorMsg) { printf("ERROR: %s\n", errorMsg); printf("\n"); return 127; } snoopy-snoopy-2.4.6/tests/bin/snoopy-test-datasource.c000066400000000000000000000073701276626320200231260ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy-test-datasource.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ //#include "snoopy-test-datasource.h" #include "snoopy.h" #include "configuration.h" #include "datasourceregistry.h" #include "inputdatastorage.h" #include "misc.h" #include #include /* * We do not use separate .h file here */ int main (int argc, char **argv); void displayHelp(); int fatalError(char *errorMsg); int main (int argc, char **argv) { char *datasourceName; char *datasourceArg; char datasourceResult[SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE]; int retVal; /* Initialize Snoopy */ snoopy_configuration_preinit_disableConfigFileParsing(); snoopy_init(); snoopy_inputdatastorage_store_filename(argv[0]); snoopy_inputdatastorage_store_argv(argv); /* Check if there is a data source name passed as an argument */ if (argc < 2) { displayHelp(); return fatalError("Missing argument: datasource name or '--list'"); } datasourceName = argv[1]; /* Is second argument --list? */ if (0 == strcmp(argv[1], "--list")) { /* Loop throught all data sources and just append the output */ int dCount = snoopy_datasourceregistry_getCount(); for (int i=0 ; i * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #include #include #include #include #include #include #include #define THREAD_COUNT_MAX 10000 /* * Thread data */ typedef struct { int seqNr; } tData_t; /* * We do not use separate .h file here */ int main (int argc, char **argv); void displayHelp (); int fatalError (char *errorMsg); void * threadMain (void *arg); /* * Global variables */ char **runCmdAndArgv; pthread_t tRepo[THREAD_COUNT_MAX]; int main (int argc, char **argv) { int threadsToCreate; int i; int retVal = 0; /* Check arguments and parse them */ if (argc < 2) { displayHelp(); return fatalError("Missing argument: number of threads to run"); } threadsToCreate = atoi(argv[1]); if ((threadsToCreate < 1) || (threadsToCreate > THREAD_COUNT_MAX)) { displayHelp(); return fatalError("Invalid number of threads to create (min 1, max THREAD_COUNT_MAX)"); } if (argc < 3) { displayHelp(); return fatalError("Missing argument: command to run"); } runCmdAndArgv = &argv[2]; // Create threads and run the function in them printf("M: Starting threads:\n"); for (i=0 ; iseqNr = i; printf(" M: Starting thread #%d:\n", i+1); retVal = pthread_create(&tRepo[i], NULL, &threadMain, tArgs); } printf("M: All threads started\n"); // Wait for threads to finish printf("M: Waiting for all threads to finish:\n"); for (i=0 ; iseqNr+1, tArgs->seqNr+1); // Fork pid_t pid = fork(); if (pid > 0) { // Parent printf(" t%dp: Hello from parent proc\n", tArgs->seqNr+1); int * status = 0; waitpid(pid, status, 0); printf(" t%dp: Child proc has finished\n", tArgs->seqNr+1); } else if (pid == 0) { // Child printf(" t%dc: Hello from child proc\n", tArgs->seqNr+1); // Set variables cmd = runCmdAndArgv[0]; argv = &runCmdAndArgv[0]; printf(" t%dc: running cmd %s %s\n", tArgs->seqNr+1, cmd, argv[0]); execv(cmd, argv); } else { // fork failed printf(" t%d : Fork failed!\n", tArgs->seqNr+1); } free (tArgs); return NULL; } /* * displayHelp() * * Description: * Displays help * * Params: * (none) * * Return: * void */ void displayHelp () { printf("\n"); printf("Usage: \n"); printf(" snoopy-run-threads THREAD_COUNT THREAD_EXEC_CMD [THREAD_EXEC_ARGS]\n"); printf("\n"); } /* * fatalError() * * Description: * Displays error message + help and returns non-zero exit status * * Params: * errorMsg Error message to display to user * * Return: * int Exit status to return to calling process */ int fatalError (char *errorMsg) { printf("ERROR: %s\n", errorMsg); printf("\n"); return 127; } snoopy-snoopy-2.4.6/tests/bin/snoopy-test-filter.c000066400000000000000000000064711276626320200222620ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy-test-filter.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ //#include "snoopy-test-filter.h" #include "snoopy.h" #include "configuration.h" #include "filterregistry.h" #include "inputdatastorage.h" #include "misc.h" #include /* * We do not use separate .h file here */ int main (int argc, char **argv); void displayHelp(); int fatalError(char *errorMsg); int main (int argc, char **argv) { char *message; char *filterName; char *filterArg; int filterResult; /* Initialize Snoopy */ snoopy_configuration_preinit_disableConfigFileParsing(); snoopy_init(); snoopy_inputdatastorage_store_filename(argv[0]); snoopy_inputdatastorage_store_argv(argv); /* Check if all arguments are present */ if (argc < 2) { displayHelp(); return fatalError("Missing argument: log message"); } message = argv[1]; if (argc < 3) { displayHelp(); return fatalError("Missing argument: filter name"); } filterName = argv[2]; /* Is there an argument for this data source */ if (3 < argc) { filterArg = argv[3]; } else { filterArg = ""; } /* Check if what we got is a valid filter name */ if (SNOOPY_FALSE == snoopy_filterregistry_doesNameExist(filterName)) { displayHelp(); return fatalError("Invalid filter name given"); } /* Call the filter */ filterResult = snoopy_filterregistry_callByName(filterName, message, filterArg); /* Housekeeping */ snoopy_cleanup(); /* Display and return */ if (SNOOPY_FILTER_PASS == filterResult) { printf("PASS\n"); return 0; } else { printf("DROP\n"); return 1; } } /* * displayHelp() * * Description: * Displays help * * Params: * (none) * * Return: * void */ void displayHelp () { printf("\n"); printf("Usage: \n"); printf(" snoopy-test-filter LOG_MESSAGE FILTER [FILTER_ARG]\n"); printf("\n"); printf("Available filters:\n"); int fCount = snoopy_filterregistry_getCount(); for (int i=0 ; i * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ //#include "snoopy-test-message-format.h" #include "snoopy.h" #include "configuration.h" #include "inputdatastorage.h" #include "message.h" #include "misc.h" #include #include /* * We do not use separate .h file here */ int main (int argc, char **argv); void displayHelp(); int fatalError(char *errorMsg); int main (int argc, char **argv) { char *messageFormat; char *message; /* Initialize Snoopy */ snoopy_configuration_preinit_disableConfigFileParsing(); snoopy_init(); snoopy_inputdatastorage_store_filename(argv[0]); snoopy_inputdatastorage_store_argv(argv); /* Check if all arguments are present */ if (argc < 2) { displayHelp(); return fatalError("Missing argument: message format"); } messageFormat = argv[1]; /* Initialize message */ message = malloc(SNOOPY_LOG_MESSAGE_MAX_SIZE); message[0] = '\0'; /* Call the filter */ snoopy_message_generateFromFormat(message, messageFormat); /* Display result */ printf("%s\n", message); /* Housekeeping and return */ free(message); snoopy_cleanup(); return 0; } /* * displayHelp() * * Description: * Displays help * * Params: * (none) * * Return: * void */ void displayHelp () { printf("\n"); printf("Usage: \n"); printf(" snoopy-test-message-format MESSAGE_FORMAT\n"); printf("\n"); } /* * fatalError() * * Description: * Displays error message + help and returns non-zero exit status * * Params: * errorMsg Error message to display to user * * Return: * int Exit status to return to calling process */ int fatalError (char *errorMsg) { printf("ERROR: %s\n", errorMsg); printf("\n"); return 127; } snoopy-snoopy-2.4.6/tests/bin/snoopy-test-output.c000066400000000000000000000064331276626320200223330ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy-test-output.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ //#include "snoopy-test-output.h" #include "snoopy.h" #include "configuration.h" #include "inputdatastorage.h" #include "misc.h" #include "outputregistry.h" #include #include /* * We do not use separate .h file here */ int main (int argc, char **argv); void displayHelp(); int fatalError(char *errorMsg); int main (int argc, char **argv) { char *message; char *outputName; char *outputArg; int retVal; /* Initialize Snoopy */ snoopy_configuration_preinit_disableConfigFileParsing(); snoopy_init(); snoopy_inputdatastorage_store_filename(argv[0]); snoopy_inputdatastorage_store_argv(argv); /* Check if all arguments are present */ if (argc < 2) { displayHelp(); return fatalError("Missing argument: log message"); } message = argv[1]; if (argc < 3) { displayHelp(); return fatalError("Missing argument: output name"); } outputName = argv[2]; /* Is there an argument for this data source */ if (3 < argc) { outputArg = argv[3]; } else { outputArg = ""; } /* Check if what we got is a valid output name */ if (SNOOPY_FALSE == snoopy_outputregistry_doesNameExist(outputName)) { displayHelp(); return fatalError("Invalid output name given"); } /* Dispatch message to output */ retVal = snoopy_outputregistry_callByName(outputName, message, SNOOPY_LOG_MESSAGE, outputArg); if (SNOOPY_OUTPUT_FAILED(retVal)) { return fatalError("Output failure"); } /* Housekeeping and return */ snoopy_cleanup(); return 0; } /* * displayHelp() * * Description: * Displays help * * Params: * (none) * * Return: * void */ void displayHelp () { printf("\n"); printf("Usage: \n"); printf(" snoopy-test-output LOG_MESSAGE OUTPUT [OUTPUT_ARG]\n"); printf("\n"); printf("Available outputs:\n"); int oCount = snoopy_outputregistry_getCount(); for (int i=0 ; i * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ #define _XOPEN_SOURCE 500 #define _GNU_SOURCE #include #include #include #include #include #include #include #include #include #include #include #include #include #define THREAD_COUNT_MAX 10000 /* * Thread data */ typedef struct { int seqNr; } tData_t; /* * We do not use separate .h file here */ int main (int argc, char **argv); void displayHelp (); int fatalError (char *errorMsg); void * threadMain (void *arg); int randomNumberInclusive (int idMin, int idMax); /* * Global variables */ char **runCmdAndArgv; pthread_t tRepo[THREAD_COUNT_MAX]; pthread_mutex_t threadCountMutex = PTHREAD_MUTEX_INITIALIZER; int threadCountCreated = 0; // Created threads, as seen by each thread int threadCountAliveNow = 0; // Number of threads currently alive int threadCountAliveMax = 0; // Maximum number of threads alive at any one time int main (int argc, char **argv) { int threadsToCreate; int i; int retVal = 0; /* Check arguments and parse them */ if (argc < 2) { displayHelp(); return fatalError("Missing argument: number of threads to create"); } threadsToCreate = atoi(argv[1]); if ((threadsToCreate < 1) || (threadsToCreate > THREAD_COUNT_MAX)) { displayHelp(); return fatalError("Invalid number of threads to create (min 1, max THREAD_COUNT_MAX)"); } // Disable config file parsing snoopy_configuration_preinit_disableConfigFileParsing(); // Do the initial Snoopy init in main thread // - left out intentionally, let the child threads figure it out for themselves! // printf("M: Threads before initial snoopy_init(): %d\n", snoopy_tsrm_get_threadCount()); // snoopy_init(); // printf("M: Threads after initial snoopy_init(): %d\n", snoopy_tsrm_get_threadCount()); // Create threads and run the function in them printf("M: Starting threads... "); for (i=0 ; iseqNr = i; // printf(" M: Starting thread #%d:\n", i+1); retVal = pthread_create(&tRepo[i], NULL, &threadMain, tArgs); } printf("done.\n"); printf("M: Threads alive right after thread creation was completed: %d\n", threadCountAliveNow); // Sleep a bit, and get thread count, should be max // usleep(200000); // maxThreadsSeen = snoopy_tsrm_get_threadCount(); // printf("M: Threads after first sleep: %d\n", maxThreadsSeen); // Sleep a bit more for all threads to finish // usleep(200000); // printf("M: Threads after all threads are supposedly finished: %d\n", snoopy_tsrm_get_threadCount()); // Wait for threads to finish printf("M: Waiting for all threads to finish... "); for (i=0 ; iseqNr; int seqNrPub = seqNr + 1; int dsCount; int dsId; char *dsName; char *dsArg = ""; char dsResult[SNOOPY_DATASOURCE_MESSAGE_MAX_SIZE]; int retVal; // Initialize thread pthread_mutex_lock(&threadCountMutex); threadCountCreated++; threadCountAliveNow++; if (threadCountAliveNow > threadCountAliveMax) { threadCountAliveMax = threadCountAliveNow; } pthread_mutex_unlock(&threadCountMutex); // Hello the user // printf(" t%d %llu : Hello from thread #%d\n", seqNrPub, (unsigned long long)pthread_self(), seqNrPub); // Initialize Snoopy // printf(" t%d %llu : Threads before snoopy_init(): %d\n", seqNrPub, (unsigned long long)pthread_self(), snoopy_tsrm_get_threadCount()); snoopy_init(); // printf(" t%d %llu : Threads after snoopy_init(): %d\n", seqNrPub, (unsigned long long)pthread_self(), snoopy_tsrm_get_threadCount()); // Run a random snoopy datasource dsCount = snoopy_datasourceregistry_getCount(); dsId = randomNumberInclusive(0, dsCount-1); dsName = snoopy_datasourceregistry_getName(dsId); retVal = snoopy_datasourceregistry_callById(dsId, dsResult, dsArg); if (0 > retVal) { printf(" t%d %llu : Datasource %s returned negative result: %d\n", seqNrPub, (unsigned long long)pthread_self(), dsName, retVal); } else { printf(" t%d %llu : DS result: %30s = %s\n", seqNrPub, (unsigned long long)pthread_self(), dsName, dsResult); } // Retest at thread end // printf(" t%d %llu : Threads before snoopy_cleanup(): %d\n", seqNrPub, (unsigned long long)pthread_self(), snoopy_tsrm_get_threadCount()); snoopy_cleanup(); // printf(" t%d %llu : Threads after snoopy_cleanup(): %d\n", seqNrPub, (unsigned long long)pthread_self(), snoopy_tsrm_get_threadCount()); // Goodbye to user // printf(" t%d %llu : Thread exiting: #%d\n", seqNrPub, (unsigned long long)pthread_self(), seqNrPub); // Cleanup thread pthread_mutex_lock(&threadCountMutex); threadCountAliveNow--; pthread_mutex_unlock(&threadCountMutex); free (tArgs); return NULL; } /* * displayHelp() * * Description: * Displays help * * Params: * (none) * * Return: * void */ void displayHelp () { printf("\n"); printf("Usage: \n"); printf(" snoopy-test-threads THREAD_COUNT\n"); printf("\n"); } /* * fatalError() * * Description: * Displays error message + help and returns non-zero exit status * * Params: * errorMsg Error message to display to user * * Return: * int Exit status to return to calling process */ int fatalError (char *errorMsg) { printf("ERROR: %s\n", errorMsg); printf("\n"); return 127; } /* * randomNumberInclusive() * * Description: * Return random number between idMin and idMax inclusive * * Params: * * Return: * int Random number */ int randomNumberInclusive (int nMin, int nMax) { unsigned int rndSeed; int randomNr; // Seed rndSeed = (unsigned int) (pthread_self() + getpid() + syscall(SYS_gettid) + time(NULL)); srand(rndSeed); // Generate randomNr = ( rand() % (nMax - nMin + 1) ) + nMin; return randomNr; } snoopy-snoopy-2.4.6/tests/combined/000077500000000000000000000000001276626320200173275ustar00rootroot00000000000000snoopy-snoopy-2.4.6/tests/combined/Makefile.am000066400000000000000000000015201276626320200213610ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### Which tests to run # SCRIPT_PREFIX = combined TESTS = XFAIL_TESTS = TESTS += $(SCRIPT_PREFIX)-nofilter-1.sh TESTS += $(SCRIPT_PREFIX)-nofilter-2.sh if FILTERING_ENABLED if FILTER_ENABLED_exclude_uid TESTS += $(SCRIPT_PREFIX)-filter-exclude_uid-drop.sh TESTS += $(SCRIPT_PREFIX)-filter-exclude_uid-pass.sh endif if FILTER_ENABLED_only_uid TESTS += $(SCRIPT_PREFIX)-filter-only_uid-drop.sh TESTS += $(SCRIPT_PREFIX)-filter-only_uid-pass.sh endif endif ### Include tests in distribution archive # EXTRA_DIST = _bootstrap.sh EXTRA_DIST += combined-generic.sh EXTRA_DIST += $(TESTS) ### Remove stale temporary test files, if tests got stuck # clean-local: rm -f *.ini ; rm -f *.out ; snoopy-snoopy-2.4.6/tests/combined/_bootstrap.sh000077500000000000000000000002011276626320200220330ustar00rootroot00000000000000#!/bin/bash ### Configure shell # set -e set -u ### Include main _bootstrap.sh # . `dirname $BASH_SOURCE`/../_bootstrap.sh snoopy-snoopy-2.4.6/tests/combined/combined-filter-exclude_uid-drop.sh000077500000000000000000000005071276626320200261650ustar00rootroot00000000000000#!/bin/bash ### Configure shell # set -e set -u ### Set test configuration # MY_UID=`id -a | grep -Eo 'uid=[0-9]+' | grep -Eo '[0-9]+'` ARG_1="ls -la /" ARG_2="%{cmdline}" ARG_3="exclude_uid:$MY_UID" ARG_4="0" ARG_5="" ### Call/source common combined test implementation # . `dirname $BASH_SOURCE`/combined-generic.sh snoopy-snoopy-2.4.6/tests/combined/combined-filter-exclude_uid-pass.sh000077500000000000000000000006561276626320200261740ustar00rootroot00000000000000#!/bin/bash ### Configure shell # set -e set -u ### Set test configuration # CUR_TIMESTAMP=`date +%s` MY_UID=`id -a | grep -Eo 'uid=[0-9]+' | grep -Eo '[0-9]+'` MY_UID_PLUS_1=`expr $MY_UID + 1` ARG_1="ls -la /" ARG_2="$CUR_TIMESTAMP %{cmdline}" ARG_3="exclude_uid:$MY_UID_PLUS_1" ARG_4="1" ARG_5="$CUR_TIMESTAMP ls -la /" ### Call/source common combined test implementation # . `dirname $BASH_SOURCE`/combined-generic.sh snoopy-snoopy-2.4.6/tests/combined/combined-filter-only_uid-drop.sh000077500000000000000000000005541276626320200255170ustar00rootroot00000000000000#!/bin/bash ### Configure shell # set -e set -u ### Set test configuration # MY_UID=`id -a | grep -Eo 'uid=[0-9]+' | grep -Eo '[0-9]+'` MY_UID_PLUS_1=`expr $MY_UID + 1` ARG_1="ls -la /" ARG_2="%{cmdline}" ARG_3="only_uid:$MY_UID_PLUS_1" ARG_4="0" ARG_5="" ### Call/source common combined test implementation # . `dirname $BASH_SOURCE`/combined-generic.sh snoopy-snoopy-2.4.6/tests/combined/combined-filter-only_uid-pass.sh000077500000000000000000000006011276626320200255120ustar00rootroot00000000000000#!/bin/bash ### Configure shell # set -e set -u ### Set test configuration # CUR_TIMESTAMP=`date +%s` MY_UID=`id -a | grep -Eo 'uid=[0-9]+' | grep -Eo '[0-9]+'` ARG_1="ls -la /" ARG_2="$CUR_TIMESTAMP %{cmdline}" ARG_3="only_uid:$MY_UID" ARG_4="1" ARG_5="$CUR_TIMESTAMP $ARG_1" ### Call/source common combined test implementation # . `dirname $BASH_SOURCE`/combined-generic.sh snoopy-snoopy-2.4.6/tests/combined/combined-generic.sh000077500000000000000000000035531276626320200230660ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get arguments # # If this file is sourced from other tests, get arguments from ARG_x variables. # Otherwise use CLI args. # if [ "x$ARG_1" != "x" ]; then COMMAND="$ARG_1" MESSAGE_FORMAT="$ARG_2" FILTER_CHAIN="$ARG_3" EXPECTED_OUTPUT_LINECOUNT="$ARG_4" EXPECTED_OUTPUT_CONTENT="$ARG_5" else COMMAND="$1" MESSAGE_FORMAT="$2" FILTER_CHAIN="$3" EXPECTED_OUTPUT_LINECOUNT="$4" EXPECTED_OUTPUT_CONTENT="$5" fi TMP_INI=$SNOOPY_CUR_TEST_FILENAME.$$.ini TMP_OUT=$SNOOPY_CUR_TEST_FILENAME.$$.out # Remove possibly stale files rm -f $TMP_INI rm -f $TMP_OUT # Readlink fails if file does not exist touch $TMP_INI touch $TMP_OUT # Make paths absolute TMP_INI=`readlink -e $TMP_INI` TMP_OUT=`readlink -e $TMP_OUT` cat > $TMP_INI < /dev/null ) unset LD_PRELOAD unset SNOOPY_INI ### Compare output line count # OUTPUT_LINECOUNT=`cat $TMP_OUT | wc -l` if [ "$OUTPUT_LINECOUNT" != "$EXPECTED_OUTPUT_LINECOUNT" ]; then snoopy_testResult_fail "Expected line count ($EXPECTED_OUTPUT_LINECOUNT) does not equal actual line count ($OUTPUT_LINECOUNT)." fi # If linecount is zero, there is no point comparing content if [ "$OUTPUT_LINECOUNT" == "0" ]; then # Cleanup too rm -f $TMP_INI rm -f $TMP_OUT snoopy_testResult_pass fi ### Compare content # OUTPUT_CONTENT=`cat $TMP_OUT` ### Cleanup # rm -f $TMP_INI rm -f $TMP_OUT ### Evaluate # snoopy_test_compareValues "$OUTPUT_CONTENT" "$EXPECTED_OUTPUT_CONTENT" snoopy-snoopy-2.4.6/tests/combined/combined-nofilter-1.sh000077500000000000000000000004011276626320200234170ustar00rootroot00000000000000#!/bin/bash ### Configure shell # set -e set -u ### Set test configuration # ARG_1="ls -la /" ARG_2="%{cmdline}" ARG_3="" ARG_4="1" ARG_5="ls -la /" ### Call/source common combined test implementation # . `dirname $BASH_SOURCE`/combined-generic.sh snoopy-snoopy-2.4.6/tests/combined/combined-nofilter-2.sh000077500000000000000000000004161276626320200234260ustar00rootroot00000000000000#!/bin/bash ### Configure shell # set -e set -u ### Set test configuration # ARG_1="ls -la /; ls /" ARG_2="%{cmdline}" ARG_3="" ARG_4="2" ARG_5=$'ls -la /\nls /' ### Call/source common combined test implementation # . `dirname $BASH_SOURCE`/combined-generic.sh snoopy-snoopy-2.4.6/tests/configfile/000077500000000000000000000000001276626320200176545ustar00rootroot00000000000000snoopy-snoopy-2.4.6/tests/configfile/Makefile.am000066400000000000000000000015201276626320200217060ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### Which tests to run # SCRIPT_PREFIX = configfile TESTS = XFAIL_TESTS = TESTS += $(SCRIPT_PREFIX)-filter_chain-1.sh TESTS += $(SCRIPT_PREFIX)-message_format-1.sh TESTS += $(SCRIPT_PREFIX)-output-devlog.sh if OUTPUT_ENABLED_file TESTS += $(SCRIPT_PREFIX)-output-file.sh endif TESTS += $(SCRIPT_PREFIX)-output-invalid.sh XFAIL_TESTS += $(SCRIPT_PREFIX)-output-invalid.sh TESTS += $(SCRIPT_PREFIX)-output-socket.sh TESTS += $(SCRIPT_PREFIX)-syslog_facility.sh TESTS += $(SCRIPT_PREFIX)-syslog_ident.sh TESTS += $(SCRIPT_PREFIX)-syslog_level.sh ### Include tests in distribution archive # EXTRA_DIST = _bootstrap.sh EXTRA_DIST += configfile-generic.sh EXTRA_DIST += $(TESTS) snoopy-snoopy-2.4.6/tests/configfile/_bootstrap.sh000077500000000000000000000002011276626320200223600ustar00rootroot00000000000000#!/bin/bash ### Configure shell # set -e set -u ### Include main _bootstrap.sh # . `dirname $BASH_SOURCE`/../_bootstrap.sh snoopy-snoopy-2.4.6/tests/configfile/configfile-filter_chain-1.sh000077500000000000000000000006551276626320200251110ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_REAL="fake message format `date +%s`" TMP_INI=$SNOOPY_CUR_TEST_FILENAME.ini rm -f $TMP_INI cat > $TMP_INI < $TMP_INI < $TMP_INI < $TMP_INI < $TMP_INI < $TMP_INI < $TMP_INI < datasource_pid.out.tmp & # Capture its pid from BASH VAL_REAL=$! # Wait for it to finish wait $VAL_REAL # Get its output VAL_SNOOPY=`cat datasource_pid.out.tmp` # Do a cleanup rm -f datasource_pid.out.tmp ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/datasource/datasource_ppid.sh000077500000000000000000000003661276626320200234130ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_SNOOPY=`$SNOOPY_TEST_DATASOURCE ppid` VAL_REAL=$$ ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/datasource/datasource_rpname.sh000077500000000000000000000012331276626320200237330ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_SNOOPY=`$SNOOPY_TEST_DATASOURCE rpname` # Get root process PID CUR_PID=$$ NEW_PPID=`snoopy_test_getValue_fromPs "$CUR_PID" "ppid"` I=0 while [ "$NEW_PPID" != "1" ]; do I=`expr $I + 1` if [ "$I" -gt "100" ]; then snoopy_testResult_fail "Endless loop". fi CUR_PID="$NEW_PPID" NEW_PPID=`snoopy_test_getValue_fromPs "$NEW_PPID" "ppid"` done # Get root parent process name VAL_REAL=`cat /proc/$CUR_PID/status | grep '^Name:' | awk '{print $2}'` ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/datasource/datasource_sid.sh000077500000000000000000000004521276626320200232320ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_SNOOPY=`$SNOOPY_TEST_DATASOURCE sid` MY_PID=$$ VAL_REAL=`snoopy_test_getValue_fromPs "$MY_PID" "sid"` ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/datasource/datasource_snoopy_literal.sh000077500000000000000000000004421276626320200255150ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_REAL="test-string-`date +%s`" VAL_SNOOPY=`$SNOOPY_TEST_DATASOURCE snoopy_literal "$VAL_REAL"` ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/datasource/datasource_snoopy_threads.sh000077500000000000000000000004041276626320200255110ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_REAL="1" VAL_SNOOPY=`$SNOOPY_TEST_DATASOURCE snoopy_threads ""` ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/datasource/datasource_snoopy_version.sh000077500000000000000000000005021276626320200255430ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_SNOOPY=`$SNOOPY_TEST_DATASOURCE snoopy_version` ### Evaluate # if [[ $VAL_SNOOPY =~ ^[0-9]+\.[0-9]+\.[0-9]+ ]]; then snoopy_testResult_pass else snoopy_testResult_fail "$VAL_SNOOPY" fi snoopy-snoopy-2.4.6/tests/datasource/datasource_tid.sh000077500000000000000000000005131276626320200232310ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_SNOOPY=`$SNOOPY_TEST_DATASOURCE tid` ### Evaluate # if [[ $VAL_SNOOPY =~ ^[0-9]{10,16}$ ]]; then snoopy_testResult_pass else snoopy_testResult_fail "Unexpected thread ID format: $VAL_SNOOPY" fi snoopy-snoopy-2.4.6/tests/datasource/datasource_tid_kernel.sh000077500000000000000000000005201276626320200245670ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_SNOOPY=`$SNOOPY_TEST_DATASOURCE tid_kernel` ### Evaluate # if [[ $VAL_SNOOPY =~ ^[0-9]{1,7}$ ]]; then snoopy_testResult_pass else snoopy_testResult_fail "Unexpected thread ID format: $VAL_SNOOPY" fi snoopy-snoopy-2.4.6/tests/datasource/datasource_timestamp.sh000077500000000000000000000012011276626320200244470ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_SNOOPY=`$SNOOPY_TEST_DATASOURCE timestamp` snoopy_testRun_info "Snoopy value: $VAL_SNOOPY" VAL_REAL=`date +"%s"` snoopy_testRun_info "Real value: $VAL_REAL" VAL_DIFF=`expr $VAL_SNOOPY - $VAL_REAL | sed -e 's/^-//'` snoopy_testRun_info "Difference: $VAL_DIFF" ### Evaluate # # We allow 3 seconds of difference, just in case. # if [ "$VAL_DIFF" -le "3" ]; then snoopy_testResult_pass else snoopy_testResult_fail "Too much difference (diff=\"$VAL_DIFF\", snoopy=\"$VAL_SNOOPY\", real=\"$VAL_REAL\")" fi snoopy-snoopy-2.4.6/tests/datasource/datasource_timestamp_ms.sh000077500000000000000000000012241276626320200251530ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_SNOOPY_1=`$SNOOPY_TEST_DATASOURCE timestamp_ms` sleep 0.005 VAL_SNOOPY_2=`$SNOOPY_TEST_DATASOURCE timestamp_ms` if [ "$VAL_SNOOPY_1" -gt "$VAL_SNOOPY_2" ]; then VAL_SNOOPY_1=`$SNOOPY_TEST_DATASOURCE timestamp_ms` sleep 0.005 VAL_SNOOPY_2=`$SNOOPY_TEST_DATASOURCE timestamp_ms` fi ### Evaluate # VAL_DIFF=`expr $VAL_SNOOPY_2 - $VAL_SNOOPY_1` if [[ "$VAL_DIFF" -ge "5" ]] && [[ "$VAL_DIFF" -lt "500" ]]; then snoopy_testResult_pass "$VAL_DIFF" else snoopy_testResult_fail "${VAL_SNOOPY_1}ms ${VAL_SNOOPY_2}ms" fi snoopy-snoopy-2.4.6/tests/datasource/datasource_timestamp_us.sh000077500000000000000000000012311276626320200251610ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_SNOOPY_1=`$SNOOPY_TEST_DATASOURCE timestamp_us` sleep 0.005 VAL_SNOOPY_2=`$SNOOPY_TEST_DATASOURCE timestamp_us` if [ "$VAL_SNOOPY_1" -gt "$VAL_SNOOPY_2" ]; then VAL_SNOOPY_1=`$SNOOPY_TEST_DATASOURCE timestamp_us` sleep 0.005 VAL_SNOOPY_2=`$SNOOPY_TEST_DATASOURCE timestamp_us` fi ### Evaluate # VAL_DIFF=`expr $VAL_SNOOPY_2 - $VAL_SNOOPY_1` if [[ "$VAL_DIFF" -ge "5000" ]] && [[ "$VAL_DIFF" -lt "50000" ]]; then snoopy_testResult_pass "$VAL_DIFF" else snoopy_testResult_fail "${VAL_SNOOPY_1}ms ${VAL_SNOOPY_2}ms" fi snoopy-snoopy-2.4.6/tests/datasource/datasource_tty.sh000077500000000000000000000004541276626320200232750ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_SNOOPY=`$SNOOPY_TEST_DATASOURCE tty` if ! tty -s; then VAL_REAL="(none)" else VAL_REAL=`tty` fi ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/datasource/datasource_tty_uid.sh000077500000000000000000000005231276626320200241330ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_SNOOPY=`$SNOOPY_TEST_DATASOURCE tty_uid` if ! tty -s; then VAL_REAL="(none)" else VAL_REAL=`tty | xargs ls -lan | awk '{print $3}'` fi ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/datasource/datasource_tty_username.sh000077500000000000000000000005271276626320200251750ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_SNOOPY=`$SNOOPY_TEST_DATASOURCE tty_username` if ! tty -s; then VAL_REAL="(none)" else VAL_REAL=`tty | xargs ls -la | awk '{print $3}'` fi ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/datasource/datasource_uid.sh000077500000000000000000000004461276626320200232370ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_SNOOPY=`$SNOOPY_TEST_DATASOURCE uid` VAL_REAL=`id -a | grep -Eo 'uid=[0-9]+' | grep -Eo '[0-9]+'` ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/datasource/datasource_username.sh000077500000000000000000000005171276626320200242740ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_SNOOPY=`$SNOOPY_TEST_DATASOURCE username` VAL_REAL=`id -a | grep -Eo 'uid=[0-9]+[(][^)]+[)]' | grep -Eo '[(][^)]+[)]' | grep -Eo '[^()]+'` ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/filter/000077500000000000000000000000001276626320200170345ustar00rootroot00000000000000snoopy-snoopy-2.4.6/tests/filter/Makefile.am000066400000000000000000000015711276626320200210740ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### Which tests to run # SCRIPT_PREFIX = filter TESTS = XFAIL_TESTS = if DATASOURCE_ENABLED_uid if FILTER_ENABLED_exclude_uid TESTS += $(SCRIPT_PREFIX)_exclude_uid-pass.sh TESTS += $(SCRIPT_PREFIX)_exclude_uid-pass-multi.sh TESTS += $(SCRIPT_PREFIX)_exclude_uid-drop.sh TESTS += $(SCRIPT_PREFIX)_exclude_uid-drop-multi.sh endif endif if FILTER_ENABLED_only_tty TESTS += $(SCRIPT_PREFIX)_only_tty.sh endif if DATASOURCE_ENABLED_uid if FILTER_ENABLED_only_uid TESTS += $(SCRIPT_PREFIX)_only_uid-pass.sh TESTS += $(SCRIPT_PREFIX)_only_uid-pass-multi.sh TESTS += $(SCRIPT_PREFIX)_only_uid-drop.sh TESTS += $(SCRIPT_PREFIX)_only_uid-drop-multi.sh endif endif ### Include tests in distribution archive # EXTRA_DIST = _bootstrap.sh EXTRA_DIST += $(TESTS) snoopy-snoopy-2.4.6/tests/filter/_bootstrap.sh000077500000000000000000000002011276626320200215400ustar00rootroot00000000000000#!/bin/bash ### Configure shell # set -e set -u ### Include main _bootstrap.sh # . `dirname $BASH_SOURCE`/../_bootstrap.sh snoopy-snoopy-2.4.6/tests/filter/filter_exclude_uid-drop-multi.sh000077500000000000000000000006361276626320200253310ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # MY_UID=`$SNOOPY_TEST_DATASOURCE uid` MY_UID_PLUS_1=`expr $MY_UID + 1` MY_UID_PLUS_2=`expr $MY_UID + 2` if ! $SNOOPY_TEST_FILTER "msg" "exclude_uid" "$MY_UID_PLUS_1,$MY_UID,$MY_UID_PLUS_2" > /dev/null; then snoopy_testResult_pass else snoopy_testResult_fail "My UID: $MY_UID" fi snoopy-snoopy-2.4.6/tests/filter/filter_exclude_uid-drop.sh000077500000000000000000000004761276626320200242030ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # MY_UID=`$SNOOPY_TEST_DATASOURCE uid` if ! $SNOOPY_TEST_FILTER "msg" "exclude_uid" "$MY_UID" > /dev/null; then snoopy_testResult_pass else snoopy_testResult_fail "My UID: $MY_UID" fi snoopy-snoopy-2.4.6/tests/filter/filter_exclude_uid-pass-multi.sh000077500000000000000000000007061276626320200253310ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # MY_UID=`$SNOOPY_TEST_DATASOURCE uid` MY_UID_PLUS_1=`expr $MY_UID + 1` MY_UID_PLUS_2=`expr $MY_UID + 2` MY_UID_PLUS_3=`expr $MY_UID + 3` if ! $SNOOPY_TEST_FILTER "msg" "exclude_uid" "$MY_UID_PLUS_1,$MY_UID_PLUS_2,$MY_UID_PLUS_3" > /dev/null; then snoopy_testResult_fail "My UID: $MY_UID" else snoopy_testResult_pass fi snoopy-snoopy-2.4.6/tests/filter/filter_exclude_uid-pass.sh000077500000000000000000000005461276626320200242030ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # MY_UID=`$SNOOPY_TEST_DATASOURCE uid` MY_UID_PLUS_1=`expr $MY_UID + 1` if ! $SNOOPY_TEST_FILTER "msg" "exclude_uid" "$MY_UID_PLUS_1" > /dev/null; then snoopy_testResult_fail "My UID: $MY_UID" else snoopy_testResult_pass fi snoopy-snoopy-2.4.6/tests/filter/filter_only_tty.sh000077500000000000000000000020001276626320200226110ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Check if currently running on tty # # These do not work correctly: # if [[ $- == *i* ]]; then # if [ -t 1 ]; then # # In $(tty), tty is a program. When test suite is run with -j1, it runs in # interactive shell. If -j16 is used, then it runs in background. # RES="$(tty)" || RES="not-on-tty" # This || is here to compensate for non-zero exit status. if [[ $RES == /dev/* ]]; then ON_TTY="true" else ON_TTY="false" fi ### Execute on-tty-dependent check # if [ "$ON_TTY" == "true" ]; then if $SNOOPY_TEST_FILTER "msg" "only_tty" > /dev/null; then snoopy_testResult_pass else snoopy_testResult_fail "only_tty check running in non-interactive mode failed" fi else if ! $SNOOPY_TEST_FILTER "msg" "only_tty" > /dev/null; then snoopy_testResult_pass else snoopy_testResult_fail "only_tty check NOT running on interactive tty failed" fi fi snoopy-snoopy-2.4.6/tests/filter/filter_only_uid-drop-multi.sh000077500000000000000000000007031276626320200246540ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # MY_UID=`$SNOOPY_TEST_DATASOURCE uid` MY_UID_PLUS_1=`expr $MY_UID + 1` MY_UID_PLUS_2=`expr $MY_UID + 2` MY_UID_PLUS_3=`expr $MY_UID + 3` if ! $SNOOPY_TEST_FILTER "msg" "only_uid" "$MY_UID_PLUS_1,$MY_UID_PLUS_2,$MY_UID_PLUS_3" > /dev/null; then snoopy_testResult_pass else snoopy_testResult_fail "My UID: $MY_UID" fi snoopy-snoopy-2.4.6/tests/filter/filter_only_uid-drop.sh000077500000000000000000000005441276626320200235270ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # MY_UID=`$SNOOPY_TEST_DATASOURCE uid` MY_UID_PLUS_1=`expr $MY_UID + 1` if ! $SNOOPY_TEST_FILTER "msg" "only_uid" "$MY_UID_PLUS_1" > /dev/null; then snoopy_testResult_pass else snoopy_testResult_fail "My UID: $MY_UID" fi snoopy-snoopy-2.4.6/tests/filter/filter_only_uid-pass-multi.sh000077500000000000000000000006331276626320200246600ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # MY_UID=`$SNOOPY_TEST_DATASOURCE uid` MY_UID_PLUS_1=`expr $MY_UID + 1` MY_UID_PLUS_2=`expr $MY_UID + 2` if ! $SNOOPY_TEST_FILTER "msg" "only_uid" "$MY_UID_PLUS_1,$MY_UID,$MY_UID_PLUS_2" > /dev/null; then snoopy_testResult_fail "My UID: $MY_UID" else snoopy_testResult_pass fi snoopy-snoopy-2.4.6/tests/filter/filter_only_uid-pass.sh000077500000000000000000000004731276626320200235320ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # MY_UID=`$SNOOPY_TEST_DATASOURCE uid` if ! $SNOOPY_TEST_FILTER "msg" "only_uid" "$MY_UID" > /dev/null; then snoopy_testResult_fail "My UID: $MY_UID" else snoopy_testResult_pass fi snoopy-snoopy-2.4.6/tests/message/000077500000000000000000000000001276626320200171735ustar00rootroot00000000000000snoopy-snoopy-2.4.6/tests/message/Makefile.am000066400000000000000000000007211276626320200212270ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### Which tests to run # SCRIPT_PREFIX = message TESTS = XFAIL_TESTS = TESTS += $(SCRIPT_PREFIX)_format-datasource-arg.sh TESTS += $(SCRIPT_PREFIX)_format-datasource-noarg.sh TESTS += $(SCRIPT_PREFIX)_format-empty.sh TESTS += $(SCRIPT_PREFIX)_format-static.sh ### Include tests in distribution archive # EXTRA_DIST = _bootstrap.sh EXTRA_DIST += $(TESTS) snoopy-snoopy-2.4.6/tests/message/_bootstrap.sh000077500000000000000000000002011276626320200216770ustar00rootroot00000000000000#!/bin/bash ### Configure shell # set -e set -u ### Include main _bootstrap.sh # . `dirname $BASH_SOURCE`/../_bootstrap.sh snoopy-snoopy-2.4.6/tests/message/message_format-datasource-arg.sh000077500000000000000000000011451276626320200254260ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Check if there is ENV datasource available # RES=`$SNOOPY_TEST_DATASOURCE --list | grep -E '^(snoopy_version|env)$' -c` if [ "$RES" -eq "1" ]; then snoopy_testResult_skip "Required datasource 'env' is not available" fi ### Get data # VAR_NAME="SNOOPY_TEST_MESSAGE_FORMAT_`date +%s`" VAR_VALUE="${VAR_NAME}-value" export $VAR_NAME="$VAR_VALUE" VAL_SNOOPY=`$SNOOPY_TEST_MESSAGE_FORMAT "%{env:$VAR_NAME}"` VAL_REAL="$VAR_VALUE" ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/message/message_format-datasource-noarg.sh000077500000000000000000000005071276626320200257640ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # DATASOURCE="snoopy_version" VAL_SNOOPY=`$SNOOPY_TEST_MESSAGE_FORMAT "%{$DATASOURCE}"` VAL_REAL=`$SNOOPY_TEST_DATASOURCE "$DATASOURCE"` ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/message/message_format-empty.sh000077500000000000000000000004071276626320200236630ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # STR="" VAL_SNOOPY=`$SNOOPY_TEST_MESSAGE_FORMAT "$STR"` VAL_REAL="$STR" ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/message/message_format-static.sh000077500000000000000000000004431276626320200240140ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # STR="staticUselessText-`date +%s`" VAL_SNOOPY=`$SNOOPY_TEST_MESSAGE_FORMAT "$STR"` VAL_REAL="$STR" ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/output/000077500000000000000000000000001276626320200171075ustar00rootroot00000000000000snoopy-snoopy-2.4.6/tests/output/Makefile.am000066400000000000000000000011601276626320200211410ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### Which tests to run # SCRIPT_PREFIX = output TESTS = XFAIL_TESTS = if OUTPUT_ENABLED_devnull TESTS += $(SCRIPT_PREFIX)_devnull.sh endif if OUTPUT_ENABLED_file TESTS += $(SCRIPT_PREFIX)_file.sh endif if OUTPUT_ENABLED_socket TESTS += $(SCRIPT_PREFIX)_socket.sh endif if OUTPUT_ENABLED_stderr TESTS += $(SCRIPT_PREFIX)_stderr.sh endif if OUTPUT_ENABLED_stdout TESTS += $(SCRIPT_PREFIX)_stdout.sh endif ### Include tests in distribution archive # EXTRA_DIST = _bootstrap.sh EXTRA_DIST += $(TESTS) snoopy-snoopy-2.4.6/tests/output/_bootstrap.sh000077500000000000000000000002011276626320200216130ustar00rootroot00000000000000#!/bin/bash ### Configure shell # set -e set -u ### Include main _bootstrap.sh # . `dirname $BASH_SOURCE`/../_bootstrap.sh snoopy-snoopy-2.4.6/tests/output/output_devnull.sh000077500000000000000000000004121276626320200225340ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Output data # VAL_REAL="" VAL_SNOOPY=`$SNOOPY_TEST_OUTPUT "$VAL_REAL" "devnull"` ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/output/output_file.sh000077500000000000000000000006101276626320200220020ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Output data # VAL_REAL=`date +%s` MY_PID=$$ FILE="output_file.sh.$MY_PID.tmp.out" # Write rm -f $FILE $SNOOPY_TEST_OUTPUT "$VAL_REAL" "file" "$FILE" > /dev/null # Read VAL_SNOOPY=`cat $FILE` rm -f $FILE ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/output/output_socket.sh000077500000000000000000000020011276626320200223470ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Output data # VAL_REAL=`date +%s` MY_PID=$$ FILE_SOCKET="output_socket.sh.$MY_PID.socket" FILE_OUT="output_socket.sh.$MY_PID.sock.out" # Listen rm -f $FILE_SOCKET rm -f $FILE_OUT touch $FILE_OUT socat UNIX-LISTEN:$FILE_SOCKET OPEN:$FILE_OUT & SOCAT_PID=$! # Sleep a bit, if socket file, or sometimes this fails as socket is not yet present if [ ! -e $FILE_SOCKET ]; then sleep 0.2 elif [ ! -S $FILE_SOCKET ]; then sleep 0.5 elif [ ! -S $FILE_SOCKET ]; then sleep 2 fi # Send content to this socket echo "$VAL_REAL" | socat - UNIX-CONNECT:$FILE_SOCKET # Kill the listener if it is still alive by accident #wait $SOCAT_PID PS_COUNT=`ps -p 1,$SOCAT_PID -o pid,cmd | grep -E -c '^[ ]*[0-9]+[ ]+'` if [ "$PS_COUNT" -gt "2" ]; then kill -9 $SOCAT_PID fi # Read what has been written VAL_SNOOPY=`cat $FILE_OUT` rm -f $FILE_OUT ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/output/output_stderr.sh000077500000000000000000000004411276626320200223700ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Output data # VAL_REAL=`date +%s` VAL_SNOOPY=`$SNOOPY_TEST_OUTPUT "$VAL_REAL" "stderr" 2>&1 >/dev/null` ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/output/output_stdout.sh000077500000000000000000000004351276626320200224120ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Output data # VAL_REAL=`date +%s` VAL_SNOOPY=`$SNOOPY_TEST_OUTPUT "$VAL_REAL" "stdout" 2>/dev/null` ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/threads/000077500000000000000000000000001276626320200172015ustar00rootroot00000000000000snoopy-snoopy-2.4.6/tests/threads/Makefile.am000066400000000000000000000006611276626320200212400ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### Which tests to run # SCRIPT_PREFIX = threads TESTS = XFAIL_TESTS = if THREAD_SAFETY_ENABLED TESTS += $(SCRIPT_PREFIX)_creation.sh TESTS += $(SCRIPT_PREFIX)_fork_exec.sh TESTS += $(SCRIPT_PREFIX)_try-to-segfault.sh endif ### Include tests in distribution archive # EXTRA_DIST = _bootstrap.sh EXTRA_DIST += $(TESTS) snoopy-snoopy-2.4.6/tests/threads/_bootstrap.sh000077500000000000000000000002011276626320200217050ustar00rootroot00000000000000#!/bin/bash ### Configure shell # set -e set -u ### Include main _bootstrap.sh # . `dirname $BASH_SOURCE`/../_bootstrap.sh snoopy-snoopy-2.4.6/tests/threads/threads_creation.sh000077500000000000000000000005451276626320200230620ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_REAL="100" #$SNOOPY_TEST_THREADS $VAL_REAL #VAL_SNOOPY=`$SNOOPY_TEST_THREADS $VAL_REAL| grep '^SUCCESS' | grep -Eo '[0-9]+$'` $SNOOPY_TEST_THREADS $VAL_REAL ### Evaluate # #snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/threads/threads_fork_exec.sh000077500000000000000000000005501276626320200232170ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # #set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Get data # VAL_REAL="1" THREAD_COUNT="100" THREAD_EXEC_CMD="/bin/hostname" VAL_SNOOPY=`$SNOOPY_TEST_EXEC_IN_THREADS $THREAD_COUNT $THREAD_EXEC_CMD | grep '^SUCCESS' -c | cat` ### Evaluate # snoopy_test_compareValues "$VAL_SNOOPY" "$VAL_REAL" snoopy-snoopy-2.4.6/tests/threads/threads_try-to-segfault.sh000077500000000000000000000014221276626320200243170ustar00rootroot00000000000000#!/bin/bash ### Configure shell and bootstrap # set -e set -u . `dirname $BASH_SOURCE`/_bootstrap.sh ### Default config # ITERATIONS="100" THREADS="200" ### Override with CLI args # if [ ! -z ${1:-} ]; then ITERATIONS="$1" fi if [ ! -z ${2:-} ]; then THREADS="$2" fi ### Run the test # echo "Running $ITERATIONS iterations with $THREADS threads in each:" for i in `seq 1 $ITERATIONS`; do echo -n " Iteration #$i... " $SNOOPY_TEST_THREADS $THREADS > /dev/null RES=$? if [ "$RES" == "0" ]; then echo "done, exit status = $?" else echo echo " ERROR: Exit status = $?" fi done ### Evaluate # snoopy_testResult_pass "No segmentation faults occured. Iterations: $ITERATIONS. Threads-per-iteration: $THREADS." snoopy-snoopy-2.4.6/util/000077500000000000000000000000001276626320200153625ustar00rootroot00000000000000snoopy-snoopy-2.4.6/util/Makefile.am000066400000000000000000000027231276626320200174220ustar00rootroot00000000000000### Include common Makefile configuration # include $(top_srcdir)/build/Makefile.am.common ### Use includes from src/ directory # AM_CFLAGS += -I$(top_srcdir)/src bin_PROGRAMS = sbin_SCRIPTS = noinst_LTLIBRARIES = noinst_PROGRAMS = ### Scripts to enable/disable Snoopy # sbin_SCRIPTS += snoopy-enable sbin_SCRIPTS += snoopy-disable ### Test programs # # Some development/testing programs here # if DEV_TOOLS_ENABLED bin_PROGRAMS += snoopy-test-output snoopy_test_output_SOURCES = snoopy-test-output.c snoopy_test_output_LDADD = ../src/libsnoopy_no_execve.la noinst_PROGRAMS += snoopy-detect snoopy_detect_SOURCES = snoopy-detect.c noinst_PROGRAMS += snoopy-test-all-data-sources snoopy_test_all_data_sources_SOURCES = snoopy-test-all-data-sources.c snoopy_test_all_data_sources_LDADD = ../src/libsnoopy_no_execve.la \ ../src/libsnoopy-debug-addons.la noinst_PROGRAMS += snoopy-run-everything snoopy_run_everything_SOURCES = snoopy-run-everything.c snoopy_run_everything_LDADD = ../src/libsnoopy_no_execve.la \ ../src/libsnoopy-debug-addons.la noinst_PROGRAMS += snoopy-dev-helper snoopy_dev_helper_SOURCES = snoopy-dev-helper.c snoopy_dev_helper_LDADD = ../src/libsnoopy_no_execve.la endif snoopy-snoopy-2.4.6/util/snoopy-detect.c000066400000000000000000000025061276626320200203260ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: detect.c -- simple execve() wrapper detection * * Copyright (c) 2000 Marius Aamodt Eriksen * Copyright (c) 2000 Mike Baker * * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ #include #include #ifndef RTLD_DEFAULT # define RTLD_DEFAULT ((void *) 0) #endif int main(void) { char *libc = ((size_t)-1 > 0xffffffffUL) ? "/lib64/libc.so.6" : "/lib/libc.so.6"; void *handle = dlopen(libc, RTLD_LAZY); //simple test to see if the execve in memory matches libc.so.6 if (dlsym(handle, "execve") != dlsym(RTLD_DEFAULT, "execve")) printf("something fishy...\n"); else printf("secure\n"); return 0; } snoopy-snoopy-2.4.6/util/snoopy-dev-helper.c000066400000000000000000000044231276626320200211110ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy-dev-helper.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Include all snoopy-related resources */ #include "snoopy.h" #include "configuration.h" #include "inputdatastorage.h" #include "message.h" #include "misc.h" #include "parser.h" /* * Include all required C resources */ #include #include #include int main (int argc, char **argv) { char *logMessage = NULL; /* Initialize Snoopy */ snoopy_init(); /* Fake init */ snoopy_inputdatastorage_store_filename(argv[0]); snoopy_inputdatastorage_store_argv(argv); // Init log message as empty string logMessage = malloc(SNOOPY_LOG_MESSAGE_MAX_SIZE); logMessage[0] = '\0'; printf("Snoopy: testing custom message formatting:\n\n"); printf("Message format used: \n%s\n\n", SNOOPY_MESSAGE_FORMAT); snoopy_message_generateFromFormat(logMessage, SNOOPY_MESSAGE_FORMAT); printf("Produced output:\n%s\n\n", logMessage); char *argListRaw; argListRaw = strdup(argv[1]); int charCount; charCount = snoopy_string_countChars(argListRaw, ','); printf("CC: %d\n", charCount); int argCount; char **argListParsed = NULL; argCount = snoopy_parser_argList_csv(argListRaw, &argListParsed); printf("AC: %d\n", argCount); printf("ARG1: '%s'\n", argListParsed[0]); printf("ARG2: '%s'\n", argListParsed[1]); printf("ARG3: '%s'\n", argListParsed[2]); free(argListRaw); free(argListParsed); /* Housekeeping */ free(logMessage); snoopy_cleanup(); return 0; } snoopy-snoopy-2.4.6/util/snoopy-disable.in000077500000000000000000000025371276626320200206540ustar00rootroot00000000000000#!/bin/sh # This is a script that disables system-wide Snoopy installation. # You have to run this script as a privileged user. # This script is also run when you execute "make disable" or # implicitly when running "make uninstall". ### Where is the library installed? # LIBDIR="@SNOOPY_LIBDIR@" ### If unprivileged user is running this script? # MY_UID=`id -a | grep -Eo 'uid=[0-9]+' | grep -Eo '[0-9]+'` if [ "$MY_UID" != "0" ]; then echo echo 'SNOOPY WARNING: NOT running as privileged user.' echo exit 0 fi ### Check if writeable /etc/ld.so.preload # touch /etc/ld.so.preload if [ ! -w /etc/ld.so.preload ]; then echo echo 'SNOOPY ERROR: /etc/ld.so.preload not writable!' echo exit 1 fi ### Do the actual installation # COUNT=`grep -Ec "/(lib)?snoopy.so" /etc/ld.so.preload` if [ "$COUNT" -gt "1" ]; then echo echo "SNOOPY ERROR: Multiple instances of (lib)snoopy.so found in /etc/ld.so.preload. Unable to proceed." echo exit 1 elif [ "$COUNT" -eq "1" ]; then echo -n "SNOOPY: Removing from /etc/ld.so.preload: " cat /etc/ld.so.preload | grep -E "/(lib)?snoopy.so" sed -i "/\/\(lib\)\?snoopy.so/d" /etc/ld.so.preload echo "SNOOPY: Disabled." echo "SNOOPY: Hint: Your system needs to be restarted to finish Snoopy cleanup." else echo "SNOOPY: Snoopy is NOT enabled on this system." fi snoopy-snoopy-2.4.6/util/snoopy-enable.in000077500000000000000000000026131276626320200204720ustar00rootroot00000000000000#!/bin/sh # This is a script that enables Snoopy system-wide. # You have to run this script as a privileged user. # This script is also run when you execute "make enable". ### Where is the library installed? # LIBDIR="@SNOOPY_LIBDIR@" ### Check Snoopy installation # if [ ! -r $LIBDIR/libsnoopy.so ]; then echo echo "SNOOPY ERROR: $LIBDIR/libsnoopy.so is not installed or is not readable" echo exit 1 fi ### Check user that is running this script # touch /etc/ld.so.preload if [ ! -w /etc/ld.so.preload ]; then echo echo 'SNOOPY ERROR: /etc/ld.so.preload not writable - are you running this script as a unprivileged user?' echo exit 1 fi ### Do the actual installation # COUNT=`grep -Ec "/(lib)?snoopy.so" /etc/ld.so.preload` if [ "$COUNT" -gt "1" ]; then echo echo "SNOOPY ERROR: Multiple instances of (lib)snoopy.so found in /etc/ld.so.preload. Unable to proceed." echo exit 1 elif [ "$COUNT" -eq "1" ]; then echo -n "SNOOPY: Removing from /etc/ld.so.preload: " cat /etc/ld.so.preload | grep -E "/(lib)?snoopy.so" sed -i "/\/\(lib\)\?snoopy.so/d" /etc/ld.so.preload fi echo "SNOOPY: Adding to /etc/ld.so.preload: $LIBDIR/libsnoopy.so" echo "$LIBDIR/libsnoopy.so" >> /etc/ld.so.preload echo "SNOOPY: Hint #1: Reboot your machine to load Snoopy system-wide." echo "SNOOPY: Hint #2: Check your log files for output." echo "SNOOPY: Enabled." snoopy-snoopy-2.4.6/util/snoopy-run-everything.c000066400000000000000000000056701276626320200220510ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy-test-filter.c * * Copyright (c) 2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Includes order: from local to global */ //#include "snoopy-test-filter.h" #include "snoopy.h" #include "libsnoopy-debug-addons.h" #include "configuration.h" #ifdef SNOOPY_FILTERING_ENABLED #include "filtering.h" #endif #include "log.h" #include "message.h" #include "misc.h" #include "inputdatastorage.h" #include #include int main (int argc, char **argv); int main (int argc, char **argv) { char *logMessage = NULL; snoopy_configuration_t *CFG; /* Initialize Snoopy */ snoopy_init(); snoopy_inputdatastorage_store_filename(argv[0]); snoopy_inputdatastorage_store_argv(argv); /* Get config pointer */ CFG = snoopy_configuration_get(); /* Initialize empty log message */ logMessage = malloc(SNOOPY_LOG_MESSAGE_MAX_SIZE); logMessage[0] = '\0'; /* Run throught as much code as possible */ /* TODO: Parse config file with all settings */ printf("-----[ Datasources ]-----------------------------------\n"); snoopy_debug_test_all_datasources(); #ifdef SNOOPY_FILTERING_ENABLED printf("-----[ Filters ]---------------------------------------\n"); snoopy_debug_test_all_filters(); #endif printf("-----[ Outputs ]---------------------------------------\n"); snoopy_debug_test_all_outputs(); printf("-----[ Message formatting ]----------------------------\n"); snoopy_message_generateFromFormat(logMessage, CFG->message_format); printf("Message: %s\n", logMessage); printf("-----[ Filtering ]-------------------------------------\n"); #ifdef SNOOPY_FILTERING_ENABLED snoopy_filtering_check_chain(logMessage, "exclude_uid:10,11,12;only_uid=0,1,2,3"); printf("Done.\n"); #else printf("SKIPPED - not enabled.\n"); #endif printf("-----[ Dispatching ]-----------------------------------\n"); snoopy_log_dispatch(logMessage, SNOOPY_LOG_MESSAGE); printf("Done.\n"); printf("\nAll done.\n"); /* Cleanup and return */ free(logMessage); snoopy_cleanup(); /* Close these FDs too, otherwise valgrind complains */ fclose(stdin); fclose(stdout); fclose(stderr); return 0; } snoopy-snoopy-2.4.6/util/snoopy-test-all-data-sources.c000066400000000000000000000031301276626320200231650ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy-test-all-data-sources.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Include all required C resources */ #include #include #include /* * Include all snoopy-related resources */ #include "snoopy.h" #include "configuration.h" #include "error.h" #include "inputdatastorage.h" #include "libsnoopy-debug-addons.h" #include "misc.h" /* * We do not use separate .h file here */ int main (int argc, char **argv); void snoopy_test_all_datasources (); int snoopy_get_datasource_name_length_max (); int main (int argc, char **argv) { /* Initialize Snoopy */ snoopy_init(); snoopy_inputdatastorage_store_filename(argv[0]); snoopy_inputdatastorage_store_argv(argv); /* Run the main function */ snoopy_debug_test_all_datasources(); /* Housekeeping */ snoopy_cleanup(); return 0; } snoopy-snoopy-2.4.6/util/snoopy-test-output.c000066400000000000000000000064551276626320200214020ustar00rootroot00000000000000/* * SNOOPY LOGGER * * File: snoopy-test-output.c * * Copyright (c) 2014-2015 Bostjan Skufca * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2, or (at your option) * any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software Foundation, * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. */ /* * Include all required C resources */ #include #include /* * Include all snoopy-related resources */ #include "snoopy.h" #include "configuration.h" #if defined(SNOOPY_FILTERING_ENABLED) #include "filtering.h" #endif #include "inputdatastorage.h" #include "log.h" #include "message.h" #include "misc.h" int main (int argc, char **argv) { char *logMessage = NULL; snoopy_configuration_t *CFG; /* Initialize Snoopy */ snoopy_init(); /* Get config pointer */ CFG = snoopy_configuration_get(); /* Initialize empty log message */ logMessage = malloc(SNOOPY_LOG_MESSAGE_MAX_SIZE); logMessage[0] = '\0'; snoopy_inputdatastorage_store_filename(argv[0]); snoopy_inputdatastorage_store_argv(argv); if (SNOOPY_TRUE == CFG->configfile_enabled) { printf("Configuration file is enabled: %s\n", CFG->configfile_path); if (SNOOPY_TRUE == CFG->configfile_found) { printf("Configuration file found.\n"); } else { printf("WARNING: Configuration file does not exist!\n"); } if (SNOOPY_TRUE == CFG->configfile_parsed) { printf("Configuration file was parsed sucessfully.\n"); } else { printf("WARNING: Configuration file parsing FAILED!\n"); } } else { printf("INFO: Configuration file is NOT enabled.\n"); } snoopy_message_generateFromFormat(logMessage, CFG->message_format); printf("Message generated:\n"); printf("\n"); printf("%s\n", logMessage); printf("\n"); #if defined(SNOOPY_FILTERING_ENABLED) /* Should message be passed to syslog or not? */ if ( (SNOOPY_FALSE == CFG->filtering_enabled) || ( (SNOOPY_TRUE == CFG->filtering_enabled) && (SNOOPY_FILTER_PASS == snoopy_filtering_check_chain(logMessage, CFG->filter_chain)) ) ) { #endif snoopy_log_dispatch(logMessage, SNOOPY_LOG_MESSAGE); printf("Message sent to output '%s(%s)'.\n", CFG->output, CFG->output_arg); printf("If Snoopy is already enabled on your system, you should see two identical messages.\n"); printf("If you are testing Snoopy via LD_PRELOAD environmental variable, you will see another identical message.\n"); #if defined(SNOOPY_FILTERING_ENABLED) } else { printf("Message NOT sent to syslog. One of the filters dropped it.\n"); } #endif /* Housekeeping */ free(logMessage); snoopy_cleanup(); return 0; }