aboutsummaryrefslogtreecommitdiffstats
path: root/src/godo.go
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/godo.go6
1 files changed, 3 insertions, 3 deletions
diff --git a/src/godo.go b/src/godo.go
index 77e677c..923ef85 100644
--- a/src/godo.go
+++ b/src/godo.go
@@ -44,14 +44,14 @@ func main() {
44 var auditCmd *exec.Cmd 44 var auditCmd *exec.Cmd
45 45
46 pidSyscall := []string{"execve"} 46 pidSyscall := []string{"execve"}
47 // 设置监听规则 47 // // 设置监听规则
48 for i := 0; i < len(pidSyscall); i++ { 48 for i := 0; i < len(pidSyscall); i++ {
49 auditCmd = exec.Command("auditctl", "-a", "exit,always", "-F", "arch=b64", "-S", pidSyscall[i]) 49 auditCmd = exec.Command("auditctl", "-a", "exit,always", "-F", "arch=b64", "-S", pidSyscall[i])
50 auditCmd.Run() 50 auditCmd.Run()
51 } 51 }
52 52
53 // 监听文件的消息 53 // 监听文件的消息
54 fileSyscall := []string{"open", "write", "close"} 54 fileSyscall := []string{"open", "close", "write"}
55 // fileSyscall := []string{"open", "write", "creat", "unlink", "opendir", "mkdir", "rmdir", "chmod", "fchmod", "chown", "fchown", "lchown", "flock"} 55 // fileSyscall := []string{"open", "write", "creat", "unlink", "opendir", "mkdir", "rmdir", "chmod", "fchmod", "chown", "fchown", "lchown", "flock"}
56 for i := 0; i < len(fileSyscall); i++ { 56 for i := 0; i < len(fileSyscall); i++ {
57 auditCmd = exec.Command("auditctl", "-a", "exit,always", "-F", "arch=b64", "-S", fileSyscall[i]) 57 auditCmd = exec.Command("auditctl", "-a", "exit,always", "-F", "arch=b64", "-S", fileSyscall[i])
@@ -106,7 +106,7 @@ func procWatch() error {
106 } 106 }
107 defer ns.Close() 107 defer ns.Close()
108 for { 108 for {
109 res, err := ns.Receive() 109 res, err := ns.Receive(20)
110 if err != nil { 110 if err != nil {
111 fmt.Printf("Error recv: %v\n", err) 111 fmt.Printf("Error recv: %v\n", err)
112 continue 112 continue