Exemple #1
0
 private File createFileVertex(String path) {
   File fileVertex = new File();
   java.io.File file = new java.io.File(path);
   fileVertex.addAnnotation("filename", file.getName());
   fileVertex.addAnnotation("path", path);
   long filesize = file.length();
   long lastmodified = file.lastModified();
   fileVertex.addAnnotation("size", Long.toString(filesize));
   String lastmodified_readable =
       new java.text.SimpleDateFormat(simpleDatePattern).format(new java.util.Date(lastmodified));
   fileVertex.addAnnotation("lastmodified_unix", Long.toString(lastmodified));
   fileVertex.addAnnotation("lastmodified_simple", lastmodified_readable);
   return fileVertex;
 }
Exemple #2
0
 /**
  * Rename event triggered by FUSE.
  *
  * @param pid PID of the triggering process.
  * @param iotime IO time of the operation.
  * @param pathfrom The source path.
  * @param pathto The destination path.
  * @param link An integer used to indicate whether the target was a link or not.
  * @param done An intiger used to indicate whether this event was triggered before or after the
  *     rename operation.
  */
 public void rename(int pid, int iotime, String pathfrom, String pathto, int link, int done) {
   checkProgramTree(Integer.toString(pid));
   pathfrom = sanitizePath(pathfrom);
   pathto = sanitizePath(pathto);
   long now = System.currentTimeMillis();
   // 'done' is used to indicate whether this is a pre-rename or a post-rename
   // call. In pre-rename, a Used edge is created from the process to the old
   // file. In post-rename, a WasGeneratedBy edge is created from the process
   // to the new file and a WasDerivedEdge created between the two file
   // artifacts.
   if (done == 0) {
     // Create file artifact depending on whether this is a link or not.
     // Link artifacts are created differently to avoid recursion that may
     // cause FUSE to crash.
     File fileVertex = (link == 1) ? createLinkVertex(pathfrom) : createFileVertex(pathfrom);
     putVertex(fileVertex);
     // Put the file artifact in the localCache to be removed on post-rename.
     localCache.put(pathfrom, fileVertex);
     Used edge = new Used((Program) localCache.get(Integer.toString(pid)), fileVertex);
     edge.addAnnotation("endtime", Long.toString(now));
     putEdge(edge);
   } else {
     // Create file artifact depending on whether this is a link or not.
     // Link artifacts are created differently to avoid recursion that may
     // cause FUSE to crash.
     File fileVertex = (link == 1 ? createLinkVertex(pathto) : createFileVertex(pathto));
     putVertex(fileVertex);
     WasGeneratedBy writeEdge =
         new WasGeneratedBy(fileVertex, (Program) localCache.get(Integer.toString(pid)));
     writeEdge.addAnnotation("endtime", Long.toString(now));
     putEdge(writeEdge);
     WasDerivedFrom renameEdge =
         new WasDerivedFrom(fileVertex, (File) localCache.remove(pathfrom));
     renameEdge.addAnnotation("iotime", Integer.toString(iotime));
     renameEdge.addAnnotation("endtime", Long.toString(now));
     renameEdge.addAnnotation("operation", "rename");
     putEdge(renameEdge);
     if (links.containsKey(pathfrom)) {
       // If the rename is on a link then update the link name.
       String linkedLocation = links.get(pathfrom);
       links.remove(pathfrom);
       links.put(pathto, linkedLocation);
     }
   }
 }
Exemple #3
0
 /**
  * Link event triggered by FUSE.
  *
  * @param pid PID of the triggering process.
  * @param originalFilePath The original file path.
  * @param linkPath Path to link to.
  */
 public void link(int pid, String originalFilePath, String linkPath) {
   checkProgramTree(Integer.toString(pid));
   originalFilePath = sanitizePath(originalFilePath);
   linkPath = sanitizePath(linkPath);
   long now = System.currentTimeMillis();
   File link = createLinkVertex(linkPath);
   putVertex(link);
   File original = createFileVertex(originalFilePath);
   putVertex(original);
   WasDerivedFrom linkEdge = new WasDerivedFrom(original, link);
   linkEdge.addAnnotation("operation", "link");
   linkEdge.addAnnotation("endtime", Long.toString(now));
   putEdge(linkEdge);
   // Add the link to the links map.
   links.put(linkPath, originalFilePath);
 }
Exemple #4
0
 /**
  * ReadLink event triggered by FUSE.
  *
  * @param pid PID of the triggering process.
  * @param iotime IO time of the operation.
  * @param path Path indicating target file.
  */
 public void readlink(int pid, int iotime, String path) {
   checkProgramTree(Integer.toString(pid));
   path = sanitizePath(path);
   // Create the file artifact and populate the annotations with file information.
   long now = System.currentTimeMillis();
   File linkFile = createLinkVertex(path);
   putVertex(linkFile);
   Used edge = new Used((Program) localCache.get(Integer.toString(pid)), linkFile);
   edge.addAnnotation("endtime", Long.toString(now));
   edge.addAnnotation("operation", "readlink");
   putEdge(edge);
   // If the given path represents a link, then perform the same operation on the
   // artifact to which the link points.
   if (links.containsKey(path)) {
     read(pid, iotime, links.get(path), 0);
   }
 }
Exemple #5
0
 /**
  * Read event triggered by FUSE.
  *
  * @param pid PID of the triggering process.
  * @param iotime IO time of the operation.
  * @param path Path indicating target file.
  * @param link An integer used to indicate whether the target was a link or not.
  */
 public void read(int pid, int iotime, String path, int link) {
   checkProgramTree(Integer.toString(pid));
   path = sanitizePath(path);
   long now = System.currentTimeMillis();
   // Create file artifact depending on whether this is a link or not.
   // Link artifacts are created differently to avoid recursion that may
   // cause FUSE to crash.
   File fileVertex = (link == 1) ? createLinkVertex(path) : createFileVertex(path);
   putVertex(fileVertex);
   Used edge = new Used((Program) localCache.get(Integer.toString(pid)), fileVertex);
   edge.addAnnotation("iotime", Integer.toString(iotime));
   edge.addAnnotation("endtime", Long.toString(now));
   putEdge(edge);
   // If the given path represents a link, then perform the same operation on the
   // artifact to which the link points.
   if (link == 1 && links.containsKey(path)) {
     read(pid, iotime, links.get(path), 0);
   }
 }
Exemple #6
0
  @Override
  public boolean launch(String arguments) {
    if (arguments == null) {
      return false;
    }

    try {
      localHostAddress = InetAddress.getLocalHost().getHostAddress();
      localHostName = InetAddress.getLocalHost().getHostName();
    } catch (Exception ex) {
      localHostAddress = null;
      localHostName = null;
      Logger.getLogger(LinuxFUSE.class.getName()).log(Level.WARNING, null, ex);
    }

    try {
      BufferedReader confReader = new BufferedReader(new FileReader("/etc/fuse.conf"));
      String line;
      boolean found = false;
      while ((line = confReader.readLine()) != null) {
        // Check if the line "user_allow_other" exists in the config file.
        if (line.trim().equalsIgnoreCase("user_allow_other")) {
          found = true;
          break;
        }
      }
      if (!found) {
        // File /etc/fuse.conf not configured correctly.
        return false;
      }
    } catch (Exception ex) {
      // File /etc/fuse.conf does not exist or is configured incorrectly.
      Logger.getLogger(LinuxFUSE.class.getName()).log(Level.WARNING, null, ex);
      return false;
    }

    try {
      // The argument to this reporter is the mount point for FUSE.
      mountPoint = arguments;
      localCache = Collections.synchronizedMap(new HashMap<String, AbstractVertex>());
      links = Collections.synchronizedMap(new HashMap<String, String>());

      // Create a new directory as the mount point for FUSE.
      java.io.File mount = new java.io.File(mountPoint);
      if (mount.exists()) {
        return false;
      } else {
        int exitValue = Runtime.getRuntime().exec("mkdir " + mountPoint).waitFor();
        if (exitValue != 0) {
          return false;
        }
      }

      mountPath = (new java.io.File(mountPoint)).getAbsolutePath();
      myPID = ManagementFactory.getRuntimeMXBean().getName().split("@")[0].trim();

      // Load the native library.
      System.loadLibrary("LinuxFUSE");

      // Get the system boot time from the proc filesystem.
      boottime = 0;
      try {
        BufferedReader boottimeReader = new BufferedReader(new FileReader("/proc/stat"));
        String line;
        while ((line = boottimeReader.readLine()) != null) {
          StringTokenizer st = new StringTokenizer(line);
          if (st.nextToken().equals("btime")) {
            boottime = Long.parseLong(st.nextToken()) * 1000;
            break;
          } else {
            continue;
          }
        }
        boottimeReader.close();
      } catch (Exception exception) {
        Logger.getLogger(LinuxFUSE.class.getName()).log(Level.SEVERE, null, exception);
      }

      // Create an initial root vertex which will be used as the root of the
      // process tree.
      Program rootVertex = new Program();
      rootVertex.addAnnotation("pidname", "System");
      rootVertex.addAnnotation("pid", "0");
      rootVertex.addAnnotation("ppid", "0");
      String stime_readable =
          new java.text.SimpleDateFormat(simpleDatePattern).format(new java.util.Date(boottime));
      String stime = Long.toString(boottime);
      rootVertex.addAnnotation("boottime_unix", stime);
      rootVertex.addAnnotation("boottime_simple", stime_readable);
      localCache.put("0", rootVertex);
      putVertex(rootVertex);

      String path = "/proc";
      String currentProgram;
      java.io.File folder = new java.io.File(path);
      java.io.File[] listOfFiles = folder.listFiles();

      // Build the process tree using the directories under /proc/. Directories
      // which have a numeric name represent processes.
      for (int i = 0; i < listOfFiles.length; i++) {
        if (listOfFiles[i].isDirectory()) {

          currentProgram = listOfFiles[i].getName();
          try {
            Integer.parseInt(currentProgram);
            Program processVertex = createProgramVertex(currentProgram);
            String ppid = (String) processVertex.getAnnotation("ppid");
            localCache.put(currentProgram, processVertex);
            putVertex(processVertex);
            if (Integer.parseInt(ppid) >= 0) {
              if (((Program) localCache.get(ppid) != null) && (processVertex != null)) {
                WasTriggeredBy triggerEdge =
                    new WasTriggeredBy(processVertex, (Program) localCache.get(ppid));
                putEdge(triggerEdge);
              }
            }
          } catch (Exception exception) {
            continue;
          }
        }
      }

      Runnable FUSEThread =
          new Runnable() {

            public void run() {
              try {
                // Launch FUSE from the native library.
                launchFUSE(mountPoint);
              } catch (Exception exception) {
                Logger.getLogger(LinuxFUSE.class.getName()).log(Level.SEVERE, null, exception);
              }
            }
          };
      new Thread(FUSEThread, "LinuxFUSE-Thread").start();

    } catch (Exception exception) {
      Logger.getLogger(LinuxFUSE.class.getName()).log(Level.SEVERE, null, exception);
      return false;
    }

    return true;
  }
Exemple #7
0
  private Program createProgramVertex(String pid) {
    // The process vertex is created using the proc filesystem.
    Program resultVertex = new Program();
    try {
      BufferedReader procReader = new BufferedReader(new FileReader("/proc/" + pid + "/status"));
      String nameline = procReader.readLine();
      procReader.readLine();
      String tgidline = procReader.readLine();
      procReader.readLine();
      String ppidline = procReader.readLine();
      String tracerpidline = procReader.readLine();
      String uidline = procReader.readLine();
      String gidline = procReader.readLine();
      procReader.close();

      BufferedReader statReader = new BufferedReader(new FileReader("/proc/" + pid + "/stat"));
      String statline = statReader.readLine();
      statReader.close();

      BufferedReader cmdlineReader =
          new BufferedReader(new FileReader("/proc/" + pid + "/cmdline"));
      String cmdline = cmdlineReader.readLine();
      cmdlineReader.close();
      if (cmdline == null) {
        cmdline = "";
      } else {
        cmdline = cmdline.replace("\0", " ");
        cmdline = cmdline.replace("\"", "'");
      }

      String stats[] = statline.split("\\s+");
      long elapsedtime = Long.parseLong(stats[21]) * 10;
      long starttime = boottime + elapsedtime;
      String stime_readable =
          new java.text.SimpleDateFormat(simpleDatePattern).format(new java.util.Date(starttime));
      String stime = Long.toString(starttime);

      StringTokenizer st1 = new StringTokenizer(nameline);
      st1.nextToken();
      String name = st1.nextToken();

      StringTokenizer st3 = new StringTokenizer(ppidline);
      st3.nextToken();
      String ppid = st3.nextToken("").trim();

      if (ppid.equals(myPID)) {
        // Return null if this was our own child process.
        return null;
      }

      StringTokenizer st5 = new StringTokenizer(uidline);
      st5.nextToken();
      String uid = st5.nextToken().trim();

      StringTokenizer st6 = new StringTokenizer(gidline);
      st6.nextToken();
      String gid = st6.nextToken().trim();

      if (refreshHost) {
        try {
          localHostAddress = InetAddress.getLocalHost().getHostAddress();
          localHostName = InetAddress.getLocalHost().getHostName();
        } catch (Exception ex) {
          localHostAddress = null;
          localHostName = null;
          Logger.getLogger(LinuxFUSE.class.getName()).log(Level.WARNING, null, ex);
        }
      }

      resultVertex.addAnnotation("pidname", name);
      resultVertex.addAnnotation("pid", pid);
      resultVertex.addAnnotation("ppid", ppid);
      resultVertex.addAnnotation("uid", uid);
      resultVertex.addAnnotation("gid", gid);
      resultVertex.addAnnotation("starttime_unix", stime);
      resultVertex.addAnnotation("starttime_simple", stime_readable);
      resultVertex.addAnnotation("group", stats[4]);
      resultVertex.addAnnotation("sessionid", stats[5]);
      resultVertex.addAnnotation("commandline", cmdline);
      resultVertex.addAnnotation("hostname", localHostName);
      resultVertex.addAnnotation("hostaddress", localHostAddress);
    } catch (Exception exception) {
      Logger.getLogger(LinuxFUSE.class.getName()).log(Level.SEVERE, null, exception);
      return null;
    }

    try {
      BufferedReader environReader =
          new BufferedReader(new FileReader("/proc/" + pid + "/environ"));
      String environ = environReader.readLine();
      environReader.close();
      if (environ != null) {
        environ = environ.replace("\0", ", ");
        environ = environ.replace("\"", "'");
        resultVertex.addAnnotation("environment", environ);
      }
    } catch (Exception exception) {
      // Unable to access the environment variables
    }
    return resultVertex;
  }