API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Apr 16th, 2014
53
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.94 KB | None | 0 0
raw download clone embed print report
  1. /*
  2. Technical details:
  3.  
  4. Fanotify is a system for handle file system actions, default in Linux kernel since 2.6.
  5. */
  6.  
  7. #define _GNU_SOURCE
  8. #define _ATFILE_SOURCE
  9. #include <linux/fanotify.h>
  10. #include <errno.h>
  11. #include <inttypes.h>
  12. #include <fcntl.h>
  13. #include <linux/limits.h>
  14. #include <signal.h>
  15. #include <string.h>
  16. #include <stdio.h>
  17. #include <stdlib.h>
  18. #include <unistd.h>
  19.  
  20. //#define FANOTIFY_ARGUMENTS "cdfhmnp"
  21. int fan_fd;
  22.  
  23. /* Mark a object */
  24. int mark_object(int fan_fd, const char *path, int fd, uint64_t mask, unsigned int flags)
  25. {
  26. return fanotify_mark(fan_fd, flags, mask, fd, path);
  27. }
  28.  
  29. /* Usage */
  30. int usage(char** file[])
  31. {
  32. fprintf(stdout, "Application for deny acess to your files.nUsage: %s [file]n", file[0]);
  33. }
  34.  
  35. /* Main */
  36. int main(int argc, char** argv[])
  37. {
  38. /* Check for arguments.. */
  39. if(argc != 2) // if user not give file argument
  40. {
  41. usage(argv);
  42. return 1;
  43. }
  44. /* Fanotify options */
  45. uint64_t fan_mask = FAN_OPEN | FAN_CLOSE | FAN_ACCESS | FAN_MODIFY | FAN_EVENT_ON_CHILD | FAN_ALL_PERM_EVENTS;
  46. unsigned int mark_flags = FAN_MARK_ADD, init_flags = 0;
  47. /* Other declarations */
  48. ssize_t len;
  49. char buf[4096];
  50. fd_set rfds;
  51. /* Initalize Fanotify */
  52. if(fan_mask & FAN_ALL_PERM_EVENTS)
  53. init_flags |= FAN_CLASS_CONTENT;
  54. else
  55. init_flags |= FAN_CLASS_NOTIF;
  56. fan_fd = fanotify_init(init_flags, O_RDONLY | O_LARGEFILE);
  57. if(fan_fd < 0)
  58. {
  59. goto fail;
  60. }
  61. /* Mark object/Initalize object control with Fanotify */
  62. for(; optind < argc; optind++)
  63. {
  64. if(mark_object(fan_fd, argv[optind], AT_FDCWD, fan_mask, mark_flags) != 0)
  65. {
  66. //fprintf(stderr, "Can`t set Fanotify on this file '%s'!", argv[optind]);
  67. goto fail;
  68. //return 1;
  69. }
  70. }
  71. /* Restore fan_fd variable */
  72. FD_ZERO(&rfds);
  73. FD_SET(fan_fd, &rfds);
  74. /* Loop for start another loop for check fanotify events */
  75. while((len = read(fan_fd, buf, sizeof(buf))) > 0)
  76. {
  77. /* Declarations */
  78. struct fanotify_event_metadata *metadata;
  79. struct fanotify_response response;
  80. char path[PATH_MAX];
  81. int path_len;
  82. metadata = (void *)buf;
  83.  
  84. /* New loop for check fanotify events */
  85. while(FAN_EVENT_OK(metadata, len))
  86. {
  87. /* Check if fanotify version are too old */
  88. if(metadata->vers < 2)
  89. {
  90. fprintf(stderr, "Kernel fanotify version too oldn");
  91. return 1;
  92. }
  93. /* Get path that acesser trys */
  94. if(metadata->fd >= 0)
  95. {
  96. sprintf(path, "/proc/self/fd/%d", metadata->fd);
  97. path_len = readlink(path, path, sizeof(path)-1);
  98. if(path_len < 0)
  99. goto fail;
  100. path[path_len] = '';
  101. fprintf(stdout, "%s:", path);
  102. }
  103. /* Can`t get path */
  104. else
  105. {
  106. fprintf(stdout, "?:");
  107. }
  108. if(!strcmp(path, argv[1]))
  109. {
  110. response.fd = metadata->fd;
  111. response.response = FAN_DENY;
  112. write(fan_fd, &response, sizeof(struct fanotify_response));
  113. }
  114. /* Pid of acesser */
  115. fprintf(stdout, " pid=%ld", (long)metadata->pid);
  116. /* Check actions by acesser and kill acesser */
  117. if(metadata->mask & FAN_ACCESS)
  118. {
  119. fprintf(stdout, " access");
  120. if(!strcmp(path, argv[1]))
  121. {
  122. response.fd = metadata->fd;
  123. response.response = FAN_DENY;
  124. write(fan_fd, &response, sizeof(struct fanotify_response));
  125. }
  126. }
  127. if(metadata->mask & FAN_OPEN)
  128. {
  129. fprintf(stdout, " open");
  130. if(!strcmp(path, argv[1]))
  131. {
  132. response.fd = metadata->fd;
  133. response.response = FAN_DENY;
  134. write(fan_fd, &response, sizeof(struct fanotify_response));
  135. }
  136. }
  137. if(metadata->mask & FAN_MODIFY)
  138. {
  139. fprintf(stdout, " modify");
  140. if(!strcmp(path, argv[1]))
  141. {
  142. response.fd = metadata->fd;
  143. response.response = FAN_DENY;
  144. write(fan_fd, &response, sizeof(struct fanotify_response));
  145. }
  146. }
  147. if(metadata->mask & FAN_CLOSE)
  148. {
  149. if(metadata->mask & FAN_CLOSE_WRITE)
  150. fprintf(stdout, " close(writable)");
  151. }
  152. /* Setup the output */
  153. fprintf(stdout, "n");
  154. fflush(stdout);
  155. /* Check for internal error */
  156. if(metadata->fd >= 0 && close(metadata->fd) != 0)
  157. {
  158. goto fail;
  159. }
  160. /* Next fanotify event.. */
  161. metadata = FAN_EVENT_NEXT(metadata, len);
  162. } // end of loop 2
  163. } // end of loop 1
  164.  
  165. /* Check for len error */
  166. if(len < 0)
  167. {
  168. goto fail;
  169. }
  170. /* Declare fail */
  171. fail:
  172. fprintf(stderr, "%sn", strerror(errno));
  173. return 1;
  174. /* Quit */
  175. return 0;
  176. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!