netlink_proc_event 0.1.0 → 0.2.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.rakeTasks +7 -0
- data/README.md +3 -3
- data/lib/netlink_proc_event/libnl.rb +27 -4
- data/lib/netlink_proc_event/version.rb +1 -1
- data/lib/netlink_proc_event.rb +4 -3
- metadata +3 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4baea63f3658d59c9b8509fc3870600c167c54f1
|
|
4
|
+
data.tar.gz: 1e94e8a58fd00d5f34a5a808f8caf2442e23e739
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 502f362a6f3c576c68bc1479b8661abf0b0d08cd20741abaf0cbf6d71b31ab510c88c543db0e24c471618c52b64a14749ddb2e2f4b18b3b62a4b6715ee572669
|
|
7
|
+
data.tar.gz: 4e4e587c8ad3f0ece039604a5aaf04a806a491e3b8dc951cee76e3927434b49c2006e764c1b467a8650d9c1b0bd40c7bce3b153f1af4f926b928433a786a8d72
|
data/.rakeTasks
ADDED
|
@@ -0,0 +1,7 @@
|
|
|
1
|
+
<?xml version="1.0" encoding="UTF-8"?>
|
|
2
|
+
<Settings><!--This file was automatically generated by Ruby plugin.
|
|
3
|
+
You are allowed to:
|
|
4
|
+
1. Remove rake task
|
|
5
|
+
2. Add existing rake tasks
|
|
6
|
+
To add existing rake tasks automatically delete this file and reload the project.
|
|
7
|
+
--><RakeGroup description="" fullCmd="" taksId="rake"><RakeTask description="Build netlink_proc_event-0.1.0.gem into the pkg directory" fullCmd="build" taksId="build" /><RakeTask description="Build and install netlink_proc_event-0.1.0.gem into system gems" fullCmd="install" taksId="install" /><RakeTask description="Create tag v0.1.0 and build and push netlink_proc_event-0.1.0.gem to Rubygems" fullCmd="release" taksId="release" /><RakeGroup description="" fullCmd="" taksId="release"><RakeTask description="" fullCmd="release:guard_clean" taksId="guard_clean" /><RakeTask description="" fullCmd="release:rubygem_push" taksId="rubygem_push" /><RakeTask description="" fullCmd="release:source_control_push" taksId="source_control_push" /></RakeGroup></RakeGroup></Settings>
|
data/README.md
CHANGED
|
@@ -24,15 +24,15 @@ Or install it yourself as:
|
|
|
24
24
|
require 'netlink_proc_event'
|
|
25
25
|
|
|
26
26
|
NetlinkProcEvent.on :PROC_EVENT_FORK do |event|
|
|
27
|
-
puts "#{event[:
|
|
27
|
+
puts "#{event[:parent_pid]} forked into #{event[:child_pid]}"
|
|
28
28
|
end
|
|
29
29
|
|
|
30
30
|
NetlinkProcEvent.on :PROC_EVENT_EXEC do |event|
|
|
31
|
-
puts "#{event[:
|
|
31
|
+
puts "#{event[:process_pid]} exec'd"
|
|
32
32
|
end
|
|
33
33
|
|
|
34
34
|
NetlinkProcEvent.on :PROC_EVENT_EXIT do |event|
|
|
35
|
-
puts "#{event[:
|
|
35
|
+
puts "#{event[:process_pid]} killed"
|
|
36
36
|
end
|
|
37
37
|
|
|
38
38
|
loop do
|
|
@@ -37,7 +37,31 @@ module NetlinkProcEvent
|
|
|
37
37
|
:PROC_EVENT_COMM , 0x00000200,
|
|
38
38
|
:PROC_EVENT_EXIT , -0x80000000)
|
|
39
39
|
|
|
40
|
-
class
|
|
40
|
+
class ForkProcEvent < FFI::Struct
|
|
41
|
+
layout :parent_pid, :uint32,
|
|
42
|
+
:parent_tgid, :uint32,
|
|
43
|
+
:child_pid, :uint32,
|
|
44
|
+
:child_tgid, :uint32
|
|
45
|
+
end
|
|
46
|
+
|
|
47
|
+
class ExecProcEvent < FFI::Struct
|
|
48
|
+
layout :process_pid, :uint32,
|
|
49
|
+
:process_tgid, :uint32
|
|
50
|
+
end
|
|
51
|
+
|
|
52
|
+
class ExitProcEvent < FFI::Struct
|
|
53
|
+
layout :process_pid, :uint32,
|
|
54
|
+
:process_tgid, :uint32,
|
|
55
|
+
:exit_signal, :uint32
|
|
56
|
+
end
|
|
57
|
+
|
|
58
|
+
class EventData < FFI::Union
|
|
59
|
+
layout :fork, ForkProcEvent,
|
|
60
|
+
:exec, ExecProcEvent,
|
|
61
|
+
:exit, ExitProcEvent
|
|
62
|
+
end
|
|
63
|
+
|
|
64
|
+
class ProcEvent < FFI::Struct
|
|
41
65
|
layout :idx, :uint32,
|
|
42
66
|
:val, :uint32,
|
|
43
67
|
:seq, :uint32,
|
|
@@ -47,11 +71,10 @@ module NetlinkProcEvent
|
|
|
47
71
|
:what, Event,
|
|
48
72
|
:cpu, :uint32,
|
|
49
73
|
:timestamp_ns, :uint64,
|
|
50
|
-
:
|
|
51
|
-
:tid, :uint32
|
|
74
|
+
:event_data, EventData
|
|
52
75
|
end
|
|
53
76
|
|
|
54
|
-
class
|
|
77
|
+
class CnMsg < FFI::Struct
|
|
55
78
|
layout :idx, :uint32,
|
|
56
79
|
:val, :uint32,
|
|
57
80
|
:seq, :uint32,
|
data/lib/netlink_proc_event.rb
CHANGED
|
@@ -28,7 +28,7 @@ module NetlinkProcEvent
|
|
|
28
28
|
|
|
29
29
|
if msg_length > 0 && msg_ptr && msg_valid
|
|
30
30
|
msg_payload_ptr = Libnl.nlmsg_data(msg_ptr)
|
|
31
|
-
msg_payload = Libnl::
|
|
31
|
+
msg_payload = Libnl::ProcEvent.new(msg_payload_ptr)
|
|
32
32
|
handle_event(msg_payload)
|
|
33
33
|
end
|
|
34
34
|
end
|
|
@@ -75,7 +75,7 @@ module NetlinkProcEvent
|
|
|
75
75
|
msg = Libnl.nlmsg_alloc_simple(Libnl::NLMSG_DONE, 0)
|
|
76
76
|
data = Libnl.nlmsg_reserve(msg, 24, 4)
|
|
77
77
|
|
|
78
|
-
proc_message = Libnl::
|
|
78
|
+
proc_message = Libnl::CnMsg.new(data)
|
|
79
79
|
proc_message[:idx] = Libnl::CN_IDX_PROC
|
|
80
80
|
proc_message[:val] = Libnl::CN_VAL_PROC
|
|
81
81
|
proc_message[:data] = 1
|
|
@@ -90,7 +90,8 @@ module NetlinkProcEvent
|
|
|
90
90
|
|
|
91
91
|
def handle_event(event)
|
|
92
92
|
if event_handlers[event[:what]]
|
|
93
|
-
|
|
93
|
+
type = event[:what].to_s.split('_').last.downcase.to_sym
|
|
94
|
+
event_handlers[event[:what]].each{ |handler| handler.call(event[:event_data][type]) }
|
|
94
95
|
true
|
|
95
96
|
else
|
|
96
97
|
false
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: netlink_proc_event
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.
|
|
4
|
+
version: 0.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Christopher Aue
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2015-
|
|
11
|
+
date: 2015-06-14 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: bundler
|
|
@@ -60,6 +60,7 @@ extensions: []
|
|
|
60
60
|
extra_rdoc_files: []
|
|
61
61
|
files:
|
|
62
62
|
- ".gitignore"
|
|
63
|
+
- ".rakeTasks"
|
|
63
64
|
- ".rspec"
|
|
64
65
|
- ".ruby-version"
|
|
65
66
|
- Gemfile
|