Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 7 years ago.
Improve this question
Here's the problem:
I have a file on a server, which needs to have a certain set of permissions, say 644. From time to time some process changes the permissions to 600, and I don't know which. How do I catch it in the act?
For this sort of problems and other similar ones, I am looking for a set of system libraries (I think) which I can insert in front of the normal ones, which do pretty much the same as the normal libraries, except that they in some way log the calls made along with timestamp and the name of the perpetrator. Are there any tools - libraries, whatever - that provide this?
First of all you need to identify by which program this is being changed. To do that you could use SElinux, some linux distribution (if not all) have it's setting in the /etc/selinux where you can define rules for what's allowed. Violations for the rules will be denied, but also failed attempts will be logged (so this both gets rid of the symptoms as well as point to the cause).
For more information about SElinux I'd suggest you ask on Unix/Linux exchange.
Next step if it's your own program would probably be to run it under gdb and put a conditional breakpoint at the chmod function. You also have functionality in gdb just to do a printout from the breakpoint and continue which would allow the program to run almost normally, but get printouts for every file that is chmoded.
This is the kind of thing auditing was designed to do.
See How can I audit all chmod and chgrp commands? for an example that probably qualifies as a duplicate of your question.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 5 years ago.
Improve this question
Can you give me a simplest method to check the Internet availability using a C program in Linux?
I have implemented a program to run the system command 'traceroute' in C. Before this I have to check whether the Internet connection is available or not. So can you suggest a method?
Short answer: no. Neither C nor C++ has direct knowledge of networking, or any built-in networking functions.
Depending on what 3rd-party libraries you are using, there may be something you can use, but that depends on the library, it isn't directly part of C.
I can imagine there are libraries out there that might try to ping some internal/external address, perform a name lookup, etc. But if you're on an isolated network, not having the ability to ping, lookup, or cross a firewall to get to a certain location may be perfectly valid, and doesn't indicate a networking problem.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 6 years ago.
Improve this question
Background / Context: I am developing a Linux NAS Server (Like FreeNAS or Rockstor) using Golang, the particular features will be a JSON-REST API so that you can interact with LVM2, shares, packages, etc.
Question: With respect to security, performance, and development time, what are the advantages / disadvantages / best practices of implmenting spawned processes or using a native library for certain features for a program?
Example: For my particular use case, the NAS management system will be using LVM2 to manage volumes. However you can use the CLI to manipulate volumes or you can attempt to use the LVM2 native C API and merge it with Golangs cgo package.
EDIT: Rephrased my question / information.
There are two things that may make using exec in the different variants a nogo: security and speed.
Security: If you shell out with system() or friends, you must be absolutely certain that you don't include any strings in the command that may do funny stuff with your command line. It's the same basic problem as SQL code injection, just at a much lower and even more disastrous layer (obligatory XKCD, just replace "'); DROP TABLE Students;--" with valid sh code along the lines of '"; echo "pwnd', well, you get the idea).
Speed: When you shell out to an existing program, you create a new process, and that may be the performance hit you cannot tolerate. It's perfectly ok if the task for which you shell out takes more than a few milliseconds (process creation is somewhere in the range of a millisecond on linux), but if you want more than a thousand calls per second, you definitely need to avoid this overhead.
If these two points are taken care of or proven to be non-issues, then it's perfectly ok to shell out to other processes.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 7 years ago.
Improve this question
Just for self education I decided to implement "hello world" distributed file system. The simplest one. And decide to read about theory under this subject.
But... when I asking google about this it shows answers like "how to configure hdfs" or "how to set distributed fs on windows" what is not what I interested in...
Could someone please point me on some good articles or books on this subject.
Thanks a lot!
Well, if you really decided to implement such a file system, you must start with distributed systems. I recommend reading the Tanenbaum reference book http://www.distributed-systems.net/index.php?id=distributed-systems-principles-and-paradigms
Careful, the subject is really complex and distributed systems are all but simple to implement.
If you want to have a look to some already implemented distributed file systems, you may have a look to GFS/GFS2 (from RedHat). You may also have a look to ocfs2 from oracle.
You may also have a look to gluster https://fr.wikipedia.org/wiki/GlusterFS
You may also be able to find some white papers on the google file system (when it was still a university work).
The main problem of such distributed system is the failure detection (detect when a node crashes while writing on the file system => need to make sure there are no corruptions). There are multiple strategy, one may be to implement a journal which is protected by a distributed lock.
Another great (classical) problem is the 'split brain' problem, when the cluster is split in two groups because of a network failure (imagine a switch that is broken). Both groups 'think' that the other one is dead (they cannot communicate with it) but there is no way to make sure that the distant group is not writing data causing the data to diverge.
Hope you find what you want with all this.
Edit:
Now GFS is deprecated, redhat is using and developing 'Ceph'
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 8 years ago.
Improve this question
I've got a project where I want to do some stuff that would be trivial in bash but where I want/need a binary with has zero external dependencies. So, has anyone written a self contained lib (i.e. not a wrapper around system()) that lets you do bash like stuff from inside C?
Off hand, the things I expect to need are: cp, rm, wget, tftp, ar, tar, guzip and maybe dpkg but I think I can side step that one.
To answer the comments: I'm looking for something along the lines of a statically linked busy-box but where I don't need a shell file as a program for it and where things I don't use automatically don't even get linked in.
You need busybox.
I fully agree with Busybox. Additionally, if you get the source code for dpkg, you'll find a small library inside that gives you access to most of its functionality.
You have a lot of custom requirements, and as you say, you don't want "things I don't use don't even get[ting] linked in", so you're going to have to do a lot of hand-hacking.
If you compile all the external dependencies into object files, you should be able to link them in to your own tool (assuming no namespace conflicts; a big assumption, but not too bad if you're careful), you should be able to do it if you just excise their main() functions.
In fact, for the dependencies, you can probably even just rename their main(), and have the tool available to you as if you were calling it from the command-line yourself, by packing their argc/argv, though this would likely have some overhead, rather than calling the individual functions yourself.
The aforementioned busybox already offers all the features you require (even tar and wget) except for dpkg, and since there's already a lib for that, I'd say you're well on your way.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 7 years ago.
Improve this question
We use a home-grown Registration System for our software but I'd like to update it fixing a number of things including adding the ability to remotely activate/deactivate it (to facilitate Saas).
Feel free to suggest any good (in your opinion) VB6- compatible option. I can check out whether it meets our other criteria below.
Required Features:
Activate multiple programs (Ok if it generates a separate code for each one)
Works with VB6 and VB.net. A VB6-compatible DLL should be fine.
Still supported (nice to have but not absolutely required
Compatible with Windows 2000 through 7.
Nice-to-have features (but not required)
* Work without internet access
* Works through a firewall (this may be a tough one)
Any suggestions?
Check out ActiveX control: http://www.aztechsoft.com/timelock.htm
A little old school, but you should be able to wrap it in a .NET container using Interop.
I found a list of Licensing systems. I'll go through each one to evaluate them:
http://software-licensing.qarchive.org/