void MonProcessesGatherData(double *cf_this) { Item *userList = NULL; int numProcUsers = 0; int numRootProcs = 0; int numOtherProcs = 0; if (!GatherProcessUsers(&userList, &numProcUsers, &numRootProcs, &numOtherProcs)) { return; } cf_this[ob_users] += numProcUsers; cf_this[ob_rootprocs] += numRootProcs; cf_this[ob_otherprocs] += numOtherProcs; char vbuff[CF_MAXVARSIZE]; xsnprintf(vbuff, sizeof(vbuff), "%s/cf_users", GetStateDir()); MapName(vbuff); RawSaveItemList(userList, vbuff, NewLineMode_Unix); DeleteItemList(userList); Log(LOG_LEVEL_VERBOSE, "(Users,root,other) = (%d,%d,%d)", (int) cf_this[ob_users], (int) cf_this[ob_rootprocs], (int) cf_this[ob_otherprocs]); }
static void tests_setup(void) { xsnprintf(CFWORKDIR, CF_BUFSIZE, "/tmp/mon_processes_test.XXXXXX"); mkdtemp(CFWORKDIR); char buf[CF_BUFSIZE]; xsnprintf(buf, CF_BUFSIZE, "%s", GetStateDir()); mkdir(buf, 0755); }
/** * @return True if the file STATEDIR/am_policy_hub exists */ bool GetAmPolicyHub(void) { char path[CF_BUFSIZE] = { 0 }; snprintf(path, sizeof(path), "%s/am_policy_hub", GetStateDir()); MapName(path); struct stat sb; return stat(path, &sb) == 0; }
static void Nova_DumpSlots(void) { #define MAX_KEY_FILE_SIZE 16384 /* usually around 4000, cannot grow much */ char filename[CF_BUFSIZE]; int i; snprintf(filename, CF_BUFSIZE - 1, "%s%cts_key", GetStateDir(), FILE_SEPARATOR); char file_contents_new[MAX_KEY_FILE_SIZE] = {0}; for (i = 0; i < CF_OBSERVABLES; i++) { char line[CF_MAXVARSIZE]; if (NovaHasSlot(i)) { snprintf(line, sizeof(line), "%d,%s,%s,%s,%.3lf,%.3lf,%d\n", i, NULLStringToEmpty((char*)NovaGetSlotName(i)), NULLStringToEmpty((char*)NovaGetSlotDescription(i)), NULLStringToEmpty((char*)NovaGetSlotUnits(i)), NovaGetSlotExpectedMinimum(i), NovaGetSlotExpectedMaximum(i), NovaIsSlotConsolidable(i) ? 1 : 0); } else { snprintf(line, sizeof(line), "%d,spare,unused\n", i); } strlcat(file_contents_new, line, sizeof(file_contents_new)); } bool contents_changed = true; Writer *w = FileRead(filename, MAX_KEY_FILE_SIZE, NULL); if (w) { if(strcmp(StringWriterData(w), file_contents_new) == 0) { contents_changed = false; } WriterClose(w); } if(contents_changed) { Log(LOG_LEVEL_VERBOSE, "Updating %s with new slot information", filename); if(!FileWriteOver(filename, file_contents_new)) { Log(LOG_LEVEL_ERR, "Nova_DumpSlots: Could not write file '%s'. (FileWriteOver: %s)", filename, GetErrorStr()); } } chmod(filename, 0600); }
static void SaveTCPEntropyData(Item *list, int i, char *inout) { Item *ip; FILE *fp; char filename[CF_BUFSIZE]; Log(LOG_LEVEL_VERBOSE, "TCP Save '%s'", TCPNAMES[i]); if (list == NULL) { Log(LOG_LEVEL_VERBOSE, "No %s-%s events", TCPNAMES[i], inout); return; } if (strncmp(inout, "in", 2) == 0) { snprintf(filename, CF_BUFSIZE, "%s%ccf_incoming.%s", GetStateDir(), FILE_SEPARATOR, TCPNAMES[i]); } else { snprintf(filename, CF_BUFSIZE, "%s%ccf_outgoing.%s", GetStateDir(), FILE_SEPARATOR, TCPNAMES[i]); } Log(LOG_LEVEL_VERBOSE, "TCP Save '%s'", filename); if ((fp = fopen(filename, "w")) == NULL) { Log(LOG_LEVEL_ERR, "Couldn't save TCP entropy to '%s' (fopen: %s)", filename, GetErrorStr()); return; } for (ip = list; ip != NULL; ip = ip->next) { fprintf(fp, "%d %s\n", ip->counter, ip->name); } fclose(fp); }
void MonNetworkSnifferGatherData(void) { int i; char vbuff[CF_BUFSIZE]; const char* const statedir = GetStateDir(); for (i = 0; i < CF_NETATTR; i++) { struct stat statbuf; double entropy; time_t now = time(NULL); Log(LOG_LEVEL_DEBUG, "save incoming '%s'", TCPNAMES[i]); snprintf(vbuff, CF_MAXVARSIZE, "%s%ccf_incoming.%s", statedir, FILE_SEPARATOR, TCPNAMES[i]); if (stat(vbuff, &statbuf) != -1) { if (ItemListSize(NETIN_DIST[i]) < statbuf.st_size && now < statbuf.st_mtime + 40 * 60) { Log(LOG_LEVEL_VERBOSE, "New state %s is smaller, retaining old for 40 mins longer", TCPNAMES[i]); DeleteItemList(NETIN_DIST[i]); NETIN_DIST[i] = NULL; continue; } } SaveTCPEntropyData(NETIN_DIST[i], i, "in"); entropy = MonEntropyCalculate(NETIN_DIST[i]); MonEntropyClassesSet(TCPNAMES[i], "in", entropy); DeleteItemList(NETIN_DIST[i]); NETIN_DIST[i] = NULL; } for (i = 0; i < CF_NETATTR; i++) { struct stat statbuf; double entropy; time_t now = time(NULL); Log(LOG_LEVEL_DEBUG, "save outgoing '%s'", TCPNAMES[i]); snprintf(vbuff, CF_MAXVARSIZE, "%s%ccf_outgoing.%s", statedir, FILE_SEPARATOR, TCPNAMES[i]); if (stat(vbuff, &statbuf) != -1) { if (ItemListSize(NETOUT_DIST[i]) < statbuf.st_size && now < statbuf.st_mtime + 40 * 60) { Log(LOG_LEVEL_VERBOSE, "New state '%s' is smaller, retaining old for 40 mins longer", TCPNAMES[i]); DeleteItemList(NETOUT_DIST[i]); NETOUT_DIST[i] = NULL; continue; } } SaveTCPEntropyData(NETOUT_DIST[i], i, "out"); entropy = MonEntropyCalculate(NETOUT_DIST[i]); MonEntropyClassesSet(TCPNAMES[i], "out", entropy); DeleteItemList(NETOUT_DIST[i]); NETOUT_DIST[i] = NULL; } }
/* Buffer should be at least CF_MAXVARSIZE large */ const char *GetSoftwarePatchesFilename(char *buffer) { snprintf(buffer, CF_MAXVARSIZE, "%s/%s", GetStateDir(), SOFTWARE_PATCHES_CACHE); MapName(buffer); return buffer; }
int LoadProcessTable() { FILE *prp; char pscomm[CF_MAXLINKSIZE]; Item *rootprocs = NULL; Item *otherprocs = NULL; if (PROCESSTABLE) { Log(LOG_LEVEL_VERBOSE, "Reusing cached process table"); return true; } LoadPlatformExtraTable(); CheckPsLineLimitations(); const char *psopts = GetProcessOptions(); snprintf(pscomm, CF_MAXLINKSIZE, "%s %s", VPSCOMM[VPSHARDCLASS], psopts); Log(LOG_LEVEL_VERBOSE, "Observe process table with %s", pscomm); if ((prp = cf_popen(pscomm, "r", false)) == NULL) { Log(LOG_LEVEL_ERR, "Couldn't open the process list with command '%s'. (popen: %s)", pscomm, GetErrorStr()); return false; } size_t vbuff_size = CF_BUFSIZE; char *vbuff = xmalloc(vbuff_size); # ifdef HAVE_GETZONEID char *names[CF_PROCCOLS]; int start[CF_PROCCOLS]; int end[CF_PROCCOLS]; Seq *pidlist = SeqNew(1, NULL); Seq *rootpidlist = SeqNew(1, NULL); bool global_zone = IsGlobalZone(); if (global_zone) { int res = ZLoadProcesstable(pidlist, rootpidlist); if (res == false) { Log(LOG_LEVEL_ERR, "Unable to load solaris zone process table."); return false; } } # endif ARG_UNUSED bool header = true; /* used only if HAVE_GETZONEID */ for (;;) { ssize_t res = CfReadLine(&vbuff, &vbuff_size, prp); if (res == -1) { if (!feof(prp)) { Log(LOG_LEVEL_ERR, "Unable to read process list with command '%s'. (fread: %s)", pscomm, GetErrorStr()); cf_pclose(prp); free(vbuff); return false; } else { break; } } Chop(vbuff, vbuff_size); # ifdef HAVE_GETZONEID if (global_zone) { if (header) { /* this is the banner so get the column header names for later use*/ GetProcessColumnNames(vbuff, &names[0], start, end); } else { int gpid = ExtractPid(vbuff, names, end); if (!IsGlobalProcess(gpid, pidlist, rootpidlist)) { continue; } } } # endif AppendItem(&PROCESSTABLE, vbuff, ""); header = false; } cf_pclose(prp); /* Now save the data */ const char* const statedir = GetStateDir(); snprintf(vbuff, CF_MAXVARSIZE, "%s%ccf_procs", statedir, FILE_SEPARATOR); RawSaveItemList(PROCESSTABLE, vbuff, NewLineMode_Unix); # ifdef HAVE_GETZONEID if (global_zone) /* pidlist and rootpidlist are empty if we're not in the global zone */ { Item *ip = PROCESSTABLE; while (ip != NULL) { ZCopyProcessList(&rootprocs, ip, rootpidlist, names, end); ip = ip->next; } ReverseItemList(rootprocs); ip = PROCESSTABLE; while (ip != NULL) { ZCopyProcessList(&otherprocs, ip, pidlist, names, end); ip = ip->next; } ReverseItemList(otherprocs); } else # endif { CopyList(&rootprocs, PROCESSTABLE); CopyList(&otherprocs, PROCESSTABLE); while (DeleteItemNotContaining(&rootprocs, "root")) { } while (DeleteItemContaining(&otherprocs, "root")) { } } if (otherprocs) { PrependItem(&rootprocs, otherprocs->name, NULL); } snprintf(vbuff, CF_MAXVARSIZE, "%s%ccf_rootprocs", statedir, FILE_SEPARATOR); RawSaveItemList(rootprocs, vbuff, NewLineMode_Unix); DeleteItemList(rootprocs); snprintf(vbuff, CF_MAXVARSIZE, "%s%ccf_otherprocs", statedir, FILE_SEPARATOR); RawSaveItemList(otherprocs, vbuff, NewLineMode_Unix); DeleteItemList(otherprocs); free(vbuff); return true; }
void GenericAgentInitialize(EvalContext *ctx, GenericAgentConfig *config) { int force = false; struct stat statbuf, sb; char vbuff[CF_BUFSIZE]; char ebuff[CF_EXPANDSIZE]; #ifdef __MINGW32__ InitializeWindows(); #endif DetermineCfenginePort(); EvalContextClassPutHard(ctx, "any", "source=agent"); GenericAgentAddEditionClasses(ctx); /* Define trusted directories */ const char *workdir = GetWorkDir(); if (!workdir) { FatalError(ctx, "Error determining working directory"); } OpenLog(LOG_USER); SetSyslogFacility(LOG_USER); Log(LOG_LEVEL_VERBOSE, "Work directory is %s", workdir); snprintf(vbuff, CF_BUFSIZE, "%s%cupdate.conf", GetInputDir(), FILE_SEPARATOR); MakeParentDirectory(vbuff, force); snprintf(vbuff, CF_BUFSIZE, "%s%cbin%ccf-agent -D from_cfexecd", workdir, FILE_SEPARATOR, FILE_SEPARATOR); MakeParentDirectory(vbuff, force); snprintf(vbuff, CF_BUFSIZE, "%s%coutputs%cspooled_reports", workdir, FILE_SEPARATOR, FILE_SEPARATOR); MakeParentDirectory(vbuff, force); snprintf(vbuff, CF_BUFSIZE, "%s%clastseen%cintermittencies", workdir, FILE_SEPARATOR, FILE_SEPARATOR); MakeParentDirectory(vbuff, force); snprintf(vbuff, CF_BUFSIZE, "%s%creports%cvarious", workdir, FILE_SEPARATOR, FILE_SEPARATOR); MakeParentDirectory(vbuff, force); snprintf(vbuff, CF_BUFSIZE, "%s%c.", GetLogDir(), FILE_SEPARATOR); MakeParentDirectory(vbuff, force); snprintf(vbuff, CF_BUFSIZE, "%s%c.", GetPidDir(), FILE_SEPARATOR); MakeParentDirectory(vbuff, force); snprintf(vbuff, CF_BUFSIZE, "%s%c.", GetStateDir(), FILE_SEPARATOR); MakeParentDirectory(vbuff, force); MakeParentDirectory(GetLogDir(), force); snprintf(vbuff, CF_BUFSIZE, "%s", GetInputDir()); if (stat(vbuff, &sb) == -1) { FatalError(ctx, " No access to WORKSPACE/inputs dir"); } /* ensure WORKSPACE/inputs directory has all user bits set (u+rwx) */ if ((sb.st_mode & 0700) != 0700) { chmod(vbuff, sb.st_mode | 0700); } snprintf(vbuff, CF_BUFSIZE, "%s%coutputs", workdir, FILE_SEPARATOR); if (stat(vbuff, &sb) == -1) { FatalError(ctx, " No access to WORKSPACE/outputs dir"); } /* ensure WORKSPACE/outputs directory has all user bits set (u+rwx) */ if ((sb.st_mode & 0700) != 0700) { chmod(vbuff, sb.st_mode | 0700); } const char* const statedir = GetStateDir(); snprintf(ebuff, sizeof(ebuff), "%s%ccf_procs", statedir, FILE_SEPARATOR); MakeParentDirectory(ebuff, force); if (stat(ebuff, &statbuf) == -1) { CreateEmptyFile(ebuff); } snprintf(ebuff, sizeof(ebuff), "%s%ccf_rootprocs", statedir, FILE_SEPARATOR); if (stat(ebuff, &statbuf) == -1) { CreateEmptyFile(ebuff); } snprintf(ebuff, sizeof(ebuff), "%s%ccf_otherprocs", statedir, FILE_SEPARATOR); if (stat(ebuff, &statbuf) == -1) { CreateEmptyFile(ebuff); } snprintf(ebuff, sizeof(ebuff), "%s%cprevious_state%c", statedir, FILE_SEPARATOR, FILE_SEPARATOR); MakeParentDirectory(ebuff, force); snprintf(ebuff, sizeof(ebuff), "%s%cdiff%c", statedir, FILE_SEPARATOR, FILE_SEPARATOR); MakeParentDirectory(ebuff, force); snprintf(ebuff, sizeof(ebuff), "%s%cuntracked%c", statedir, FILE_SEPARATOR, FILE_SEPARATOR); MakeParentDirectory(ebuff, force); snprintf(ebuff, sizeof(ebuff), "%s%cpromise_log%c", statedir, FILE_SEPARATOR, FILE_SEPARATOR); MakeParentDirectory(ebuff, force); OpenNetwork(); CryptoInitialize(); CheckWorkingDirectories(ctx); /* Initialize keys and networking. cf-key, doesn't need keys. In fact it must function properly even without them, so that it generates them! */ if (config->agent_type != AGENT_TYPE_KEYGEN) { LoadSecretKeys(); char *bootstrapped_policy_server = ReadPolicyServerFile(workdir); PolicyHubUpdateKeys(bootstrapped_policy_server); free(bootstrapped_policy_server); } size_t cwd_size = PATH_MAX; while (true) { char cwd[cwd_size]; if (!getcwd(cwd, cwd_size)) { if (errno == ERANGE) { cwd_size *= 2; continue; } else { Log(LOG_LEVEL_WARNING, "Could not determine current directory (getcwd: %s)", GetErrorStr()); break; } } EvalContextSetLaunchDirectory(ctx, cwd); break; } if (!MINUSF) { GenericAgentConfigSetInputFile(config, GetInputDir(), "promises.cf"); } setlinebuf(stdout); if (config->agent_specific.agent.bootstrap_policy_server) { snprintf(vbuff, CF_BUFSIZE, "%s%cfailsafe.cf", GetInputDir(), FILE_SEPARATOR); if (stat(vbuff, &statbuf) == -1) { GenericAgentConfigSetInputFile(config, GetInputDir(), "failsafe.cf"); } else { GenericAgentConfigSetInputFile(config, GetInputDir(), vbuff); } } }
/** * @brief Set the STATEDIR/am_policy_hub marker file. * @param am_policy_hub If true, create marker file. If false, delete it. * @return True if successful */ static char *AmPolicyHubFilename(void) { return StringFormat("%s%cam_policy_hub", GetStateDir(), FILE_SEPARATOR); }
static BOOL Directories_OnInitDialog(HWND hDlg, HWND hwndFocus, LPARAM lParam) { RECT rectClient; LVCOLUMN LVCol; char* token; char buf[MAX_PATH * MAX_DIRS]; int i; pDirInfo = (struct tDirInfo*) malloc(sizeof(struct tDirInfo)); if (pDirInfo == NULL) /* bummer */ { EndDialog(hDlg, -1); return FALSE; } for (i = LASTDIR - 1; i >= 0; i--) { ComboBox_InsertString(GetDlgItem(hDlg, IDC_DIR_COMBO), 0, dir_names[i]); } ComboBox_SetCurSel(GetDlgItem(hDlg, IDC_DIR_COMBO), 0); GetClientRect(GetDlgItem(hDlg, IDC_DIR_LIST), &rectClient); memset(&LVCol, 0, sizeof(LVCOLUMN)); LVCol.mask = LVCF_WIDTH; LVCol.cx = rectClient.right - rectClient.left - GetSystemMetrics(SM_CXHSCROLL); ListView_InsertColumn(GetDlgItem(hDlg, IDC_DIR_LIST), 0, &LVCol); /* Keep a temporary copy of the directory strings in pDirInfo. */ memset(pDirInfo, 0, sizeof(struct tDirInfo)); strcpy(buf, GetRomDirs()); pDirInfo->m_Paths[ROM].m_NumDirectories = 0; token = strtok(buf, ";"); while ((DirInfo_NumDir(pDirInfo, ROM) < MAX_DIRS) && token) { strcpy(DirInfo_Path(pDirInfo, ROM, DirInfo_NumDir(pDirInfo, ROM)), token); DirInfo_NumDir(pDirInfo, ROM)++; token = strtok(NULL, ";"); } pDirInfo->m_Paths[ROM].m_bModified = FALSE; strcpy(buf, GetSampleDirs()); pDirInfo->m_Paths[SAMPLE].m_NumDirectories = 0; token = strtok(buf, ";"); while ((DirInfo_NumDir(pDirInfo, SAMPLE) < MAX_DIRS) && token) { strcpy(DirInfo_Path(pDirInfo, SAMPLE, DirInfo_NumDir(pDirInfo, SAMPLE)), token); DirInfo_NumDir(pDirInfo, SAMPLE)++; token = strtok(NULL, ";"); } pDirInfo->m_Paths[SAMPLE].m_bModified = FALSE; strcpy(DirInfo_Dir(pDirInfo, CFG), GetCfgDir()); strcpy(DirInfo_Dir(pDirInfo, HI), GetHiDir()); strcpy(DirInfo_Dir(pDirInfo, IMG), GetImgDir()); strcpy(DirInfo_Dir(pDirInfo, INP), GetInpDir()); strcpy(DirInfo_Dir(pDirInfo, STATE), GetStateDir()); strcpy(DirInfo_Dir(pDirInfo, ART), GetArtDir()); strcpy(DirInfo_Dir(pDirInfo, MEMCARD), GetMemcardDir()); strcpy(DirInfo_Dir(pDirInfo, FLYER), GetFlyerDir()); strcpy(DirInfo_Dir(pDirInfo, CABINET), GetCabinetDir()); strcpy(DirInfo_Dir(pDirInfo, NVRAM), GetNvramDir()); UpdateDirectoryList(hDlg); return TRUE; }