int create_db() { int i = 0; /* Create store data */ syscheck.fp = OSHash_Create(); if (!syscheck.fp) { ErrorExit("%s: Unable to create syscheck database." ". Exiting.", ARGV0); } if (!OSHash_setSize(syscheck.fp, 2048)) { merror(LIST_ERROR, ARGV0); return (0); } if ((syscheck.dir == NULL) || (syscheck.dir[0] == NULL)) { merror("%s: No directories to check.", ARGV0); return (-1); } merror("%s: INFO: Starting syscheck database (pre-scan).", ARGV0); /* Read all available directories */ __counter = 0; do { if (read_dir(syscheck.dir[i], syscheck.opts[i], syscheck.filerestrict[i]) == 0) { #ifdef WIN32 if (syscheck.opts[i] & CHECK_REALTIME) { realtime_adddir(syscheck.dir[i]); } #endif } i++; } while (syscheck.dir[i] != NULL); #if defined (INOTIFY_ENABLED) || defined (WIN32) if (syscheck.realtime && (syscheck.realtime->fd >= 0)) { verbose("%s: INFO: Real time file monitoring started.", ARGV0); } #endif merror("%s: INFO: Finished creating syscheck database (pre-scan " "completed).", ARGV0); return (0); }
/** int Accumulator_Init() * Starts the Accumulator module. */ int Accumulate_Init() { struct timeval tp; /* Creating store data */ acm_store = OSHash_Create(); if(!acm_store) { merror(LIST_ERROR, ARGV0); return(0); } if(!OSHash_setSize(acm_store, 2048)) { merror(LIST_ERROR, ARGV0); return(0); } /* Default Expiry */ gettimeofday(&tp, NULL); acm_purge_ts = tp.tv_sec; debug1("%s: DEBUG: Accumulator Init completed.", ARGV0); return(1); }
/** int FTS_Init() * Starts the FTS module. */ int FTS_Init() { int fts_list_size; char _line[OS_FLSIZE + 1]; _line[OS_FLSIZE] = '\0'; fts_list = OSList_Create(); if(!fts_list) { merror(LIST_ERROR, ARGV0); return(0); } /* Creating store data */ fts_store = OSHash_Create(); if(!fts_store) { merror(LIST_ERROR, ARGV0); return(0); } if(!OSHash_setSize(fts_store, 2048)) { merror(LIST_ERROR, ARGV0); return(0); } /* Getting default list size */ fts_list_size = getDefine_Int("analysisd", "fts_list_size", 12,512); /* Getting minimum string size */ fts_minsize_for_str = getDefine_Int("analysisd", "fts_min_size_for_str", 6, 128); if(!OSList_SetMaxSize(fts_list, fts_list_size)) { merror(LIST_SIZE_ERROR, ARGV0); return(0); } /* creating fts list */ fp_list = fopen(FTS_QUEUE, "r+"); if(!fp_list) { /* Create the file if we cant open it */ fp_list = fopen(FTS_QUEUE, "w+"); if(fp_list) fclose(fp_list); chmod(FTS_QUEUE, 0777); fp_list = fopen(FTS_QUEUE, "r+"); if(!fp_list) { merror(FOPEN_ERROR, ARGV0, FTS_QUEUE); return(0); } } /* Adding content from the files to memory */ fseek(fp_list, 0, SEEK_SET); while(fgets(_line, OS_FLSIZE , fp_list) != NULL) { char *tmp_s; /* Removing new lines */ tmp_s = strchr(_line, '\n'); if(tmp_s) { *tmp_s = '\0'; } os_strdup(_line, tmp_s); if(OSHash_Add(fts_store, tmp_s, tmp_s) <= 0) { free(tmp_s); merror(LIST_ADD_ERROR, ARGV0); } } /* Creating ignore list */ fp_ignore = fopen(IG_QUEUE, "r+"); if(!fp_ignore) { /* Create the file if we cant open it */ fp_ignore = fopen(IG_QUEUE, "w+"); if(fp_ignore) fclose(fp_ignore); chmod(IG_QUEUE, 0777); fp_ignore = fopen(IG_QUEUE, "r+"); if(!fp_ignore) { merror(FOPEN_ERROR, ARGV0, IG_QUEUE); return(0); } } debug1("%s: DEBUG: FTSInit completed.", ARGV0); return(1); }