From 5d244e33672d0dd29a10c40c923c1decd645a1f7 Mon Sep 17 00:00:00 2001
From: We-unite <3205135446@qq.com>
Date: Mon, 29 Jul 2024 16:12:27 +0800
Subject: bug of fds unfixed

---
 src/deal.go     | 5 ++---
 src/organize.go | 1 +
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/deal.go b/src/deal.go
index 56f6d1d..aaac8c5 100644
--- a/src/deal.go
+++ b/src/deal.go
@@ -4,7 +4,6 @@ import (
 	"fmt"
 	"sync"
 	"syscall"
-	"time"
 
 	"go.mongodb.org/mongo-driver/bson"
 )
@@ -62,7 +61,7 @@ func deal() {
 		case EXECVE:
 			dealExecve(cooked)
 		case PIDEXIT:
-			go deletePid(cooked)
+			deletePid(cooked)
 		case FILEOPEN:
 			fileOpen(cooked)
 		case FILEWRITE:
@@ -74,7 +73,7 @@ func deal() {
 }
 
 func deletePid(cooked Event) {
-	time.Sleep(1 * time.Second)
+	// time.Sleep(1 * time.Second)
 	mongoMutex.Lock()
 	// 先从老爹那里销户
 	pidCol.UpdateOne(bson.M{"pid": cooked.ppid}, bson.M{
diff --git a/src/organize.go b/src/organize.go
index f5c9992..d7a1df1 100644
--- a/src/organize.go
+++ b/src/organize.go
@@ -47,6 +47,7 @@ func orgnaze() {
 			break
 		}
 		rawEvent = raw.(libaudit.RawAuditMessage)
+		fmt.Printf("type=%v msg=%s\n", rawEvent.Type, rawEvent.Data)
 
 		switch rawEvent.Type {
 		case auparse.AUDIT_SYSCALL:
-- 
cgit v1.2.3-70-g09d2