[Libcg-devel] [RFC] [PATCH 7/7] Add a exec event to the event handler.

Ken'ichi Ohmichi Tue, 26 May 2009 01:13:20 -0700

Hi,

A process name is changed when execve(2), so a new rule based on
process name should be applied when execve(2) happens.
Then this patch adds an EXEC event to the event handler.


TODO:
=====
* The cgroup directory, which is specified by `cgexec` command, is
  ignored because this patch adds an EXEC event to the event handler.
  This problem should be fixed.


Thanks
Ken'ichi Ohmichi
 
Signed-off-by: Ken'ichi Ohmichi <[email protected]>
---
diff --git a/src/daemon/cgrulesengd.c b/src/daemon/cgrulesengd.c
index e85f3d5..0a984c7 100644
--- a/src/daemon/cgrulesengd.c
+++ b/src/daemon/cgrulesengd.c
@@ -276,6 +276,9 @@ int cgre_process_event(const struct proc_event *ev, const 
int type)
                        return 0;
                pid = ev->event_data.fork.child_pid;
                break;
+       case PROC_EVENT_EXEC:
+               pid = ev->event_data.exec.process_pid;
+               break;
        default:
                break;
        }
@@ -293,25 +296,25 @@ int cgre_process_event(const struct proc_event *ev, const 
int type)
        case PROC_EVENT_UID:
                log_uid = ev->event_data.id.e.euid;
                log_gid = egid;
-               ret = cgre_change_cgroup_uid_gid(
-                                       ev->event_data.id.e.euid,
-                                       egid, pid);
+               euid = ev->event_data.id.e.euid;
                break;
        case PROC_EVENT_GID:
                log_uid = euid;
                log_gid = ev->event_data.id.e.egid;
-               ret = cgre_change_cgroup_uid_gid(euid,
-                                       ev->event_data.id.e.egid, pid);
+               egid = ev->event_data.id.e.egid;
                break;
        case PROC_EVENT_FORK:
                log_uid = euid;
                log_gid = egid;
-               ret = cgre_change_cgroup_uid_gid(euid, egid, pid);
+               break;
+       case PROC_EVENT_EXEC:
+               log_uid = euid;
+               log_gid = egid;
                break;
        default:
                break;
        }
-
+       ret = cgre_change_cgroup_uid_gid(euid, egid, pid);
        if (ret) {
                if ((ret != ECGOTHER) || (errno != ESRCH)) {
                        flog(LOG_WARNING, "Cgroup change for PID: %d, UID: %d,",
@@ -363,6 +366,12 @@ int cgre_handle_msg(struct cn_msg *cn_hdr)
        case PROC_EVENT_FORK:
                ret = cgre_process_event(ev, PROC_EVENT_FORK);
                break;
+       case PROC_EVENT_EXEC:
+               flog(LOG_DEBUG, "EXEC Event: PID = %d, tGID = %d",
+                               ev->event_data.exec.process_pid,
+                               ev->event_data.exec.process_tgid);
+               ret = cgre_process_event(ev, PROC_EVENT_EXEC);
+               break;
        default:
                break;
        }

------------------------------------------------------------------------------
Register Now for Creativity and Technology (CaT), June 3rd, NYC. CaT
is a gathering of tech-side developers & brand creativity professionals. Meet
the minds behind Google Creative Lab, Visual Complexity, Processing, & 
iPhoneDevCamp asthey present alongside digital heavyweights like Barbarian
Group, R/GA, & Big Spaceship. http://www.creativitycat.com 
_______________________________________________
Libcg-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/libcg-devel

[Libcg-devel] [RFC] [PATCH 7/7] Add a exec event to the event handler.

Reply via email to