vivarium 0.2.0 → 0.3.0

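--- a/metadata
+++ b/metadata
@@ -1,7 +1,7 @@
  --- !ruby/object:Gem::Specification
  name: vivarium
  version: !ruby/object:Gem::Version
- version: 0.2.0
+ version: 0.3.0
  platform: ruby
  authors:
  - Uchio Kondo
@@ -15,14 +15,28 @@ dependencies:
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.11.4
+ version: 0.11.8
  type: :runtime
  prerelease: false
  version_requirements: !ruby/object:Gem::Requirement
  requirements:
  - - "~>"
  - !ruby/object:Gem::Version
- version: 0.11.4
+ version: 0.11.8
+ - !ruby/object:Gem::Dependency
+ name: vivarium_usdt
+ requirement: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: 0.3.0
+ type: :runtime
+ prerelease: false
+ version_requirements: !ruby/object:Gem::Requirement
+ requirements:
+ - - "~>"
+ - !ruby/object:Gem::Version
+ version: 0.3.0
  - !ruby/object:Gem::Dependency
  name: ostruct
  requirement: !ruby/object:Gem::Requirement
@@ -42,21 +56,30 @@ description: Vivarium visualizes low-level events such as file open paths and re
  email:
  - udzura@udzura.jp
  executables:
+ - vivarium
  - vivariumd
  extensions: []
  extra_rdoc_files: []
  files:
+ - CONTEXT.md
  - README.md
  - Rakefile
  - examples/execve_demo.rb
  - examples/file_operation_demo.rb
  - examples/network_client_demo.rb
  - examples/privilege_event_demo.rb
+ - examples/raise_demo.rb
  - examples/signal_kill_demo.rb
+ - examples/sudo_attempt_demo.rb
+ - exe/vivarium
  - exe/vivariumd
+ - image.png
  - lib/vivarium.rb
- - lib/vivarium/logger.rb
+ - lib/vivarium/cli.rb
+ - lib/vivarium/correlator.rb
+ - lib/vivarium/tree_renderer.rb
  - lib/vivarium/version.rb
+ - logo-simple.png
  - sig/vivarium.rbs
  homepage: https://github.com/udzura/vivarium
  licenses: []
@@ -79,7 +102,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
  - !ruby/object:Gem::Version
  version: '0'
  requirements: []
- rubygems_version: 4.0.6
+ rubygems_version: 4.0.10
  specification_version: 4
  summary: Ruby observation and sandbox helper with RbBCC + TracePoint
  test_files: []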
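Review bot: The new runtime dependency `vivarium_usdt` (`~> 0.3.0`) in the `dependencies:` hunk and the second executable `vivarium` in the `executables:` hunk both widen what an install of this gem pulls in and puts on PATH, while `licenses: []` in the same section is still empty. The summary describes an observation and sandbox helper built on RbBCC, which presumably runs with elevated privileges, so anyone pinning this gem should review `vivarium_usdt` and `exe/vivarium` before taking the upgrade. In the gemspec (not shown on this page) I would declare the license with `spec.license = "<SPDX-ID>"` (placeholder), and keep repository assets such as `image.png`, `logo-simple.png` and `CONTEXT.md` out of `spec.files`.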
@@ -1,80 +0,0 @@
1
- # frozen_string_literal: true
2
-
3
- require "json"
4
-
5
- module Vivarium
6
- class Logger
7
- FORMATS = %i[human json].freeze
8
- ANSI_RED = "\e[31m"
9
- ANSI_RESET = "\e[0m"
10
-
11
- # dest: IO object or file path string
12
- # format: :human or :json
13
- # TODO: support flushing in bulk for performance
14
- def initialize(dest: $stdout, format: :human)
15
- @format = format.to_sym
16
- raise ArgumentError, "unknown format: #{@format}; choose from #{FORMATS.join(', ')}" unless FORMATS.include?(@format)
17
-
18
- if dest.is_a?(String)
19
- @io = File.open(dest, "a")
20
- @owned = true
21
- else
22
- @io = dest
23
- @owned = false
24
- end
25
- end
26
-
27
- def log(events, tp, stack)
28
- case @format
29
- when :human then log_human(events, tp, stack)
30
- when :json then log_json(events, tp, stack)
31
- end
32
- @io.flush
33
- end
34
-
35
- def info(message)
36
- @io.puts("[vivarium] #{message}")
37
- @io.flush
38
- end
39
-
40
- def close
41
- @io.close if @owned
42
- end
43
-
44
- private
45
-
46
- def log_human(events, tp, stack)
47
- @io.puts "[vivarium] #{events.size} event(s) at #{tp.defined_class}##{tp.method_id} (#{tp.event})"
48
- @io.puts " location: #{tp.path}:#{tp.lineno}"
49
- events.each do |event|
50
- severity = event.respond_to?(:severity) ? event.severity : Vivarium.event_severity(event.event_name)
51
- line = " ktime_ns=#{event.ktime_ns} pid=#{event.pid} severity=#{severity} #{event.event_name} payload=#{Vivarium.render_event_payload(event)}"
52
- @io.puts(severity == "high" ? "#{ANSI_RED}#{line}#{ANSI_RESET}" : line)
53
- end
54
- @io.puts " stack:"
55
- stack.each do |loc|
56
- @io.puts " #{loc.path}:#{loc.lineno}:in #{loc.base_label}"
57
- end
58
- end
59
-
60
- def log_json(events, tp, stack)
61
- entry = {
62
- at: "#{tp.defined_class}##{tp.method_id}",
63
- event: tp.event.to_s,
64
- path: tp.path,
65
- lineno: tp.lineno,
66
- events: events.map do |e|
67
- {
68
- ktime_ns: e.ktime_ns,
69
- pid: e.pid,
70
- severity: (e.respond_to?(:severity) ? e.severity : Vivarium.event_severity(e.event_name)),
71
- event_name: e.event_name,
72
- payload: Vivarium.render_event_payload(e)
73
- }
74
- end,
75
- stack: stack.map { |loc| "#{loc.path}:#{loc.lineno}:in #{loc.base_label}" }
76
- }
77
- @io.puts JSON.generate(entry)
78
- end
79
- end
80
- end