-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On Wed, Jul 19, 2017 at 10:42:36PM -0700, Andrew Morgan wrote: > Hey Marek, > > Just wanted to quickly point out that the next report is coming out > soon. Just wanted to finish up the C++ daemon beforehand. It can already > track untrusted folders and their subfolders, as well as mark any new > folders or files that are created or moved inside of them. > > I'm currently trying to work out a bug where inotify_watch calls will > fail around the 8000th folder that's created or moved in. I'm assuming > this probably has to do with a limit coded somewhere so I'm looking out > for that. > > I also packaged qvm-file-trust as a python module. Installation goes > great, but I get some errors after trying to run the installed script: > > https://gist.github.com/anonymous/c51749ce9f951e4b53fd4da9ed5a925b > > qvm_file_trust.py is placed in /rw/usrlocal/bin/qvm_file_trust.py > qvm-file-trust is placed in /usr/local/qvm-file-trust but is unable to > find the correct module > Just moving qvm-file-trust to /rw/usrlocal/bin/ makes it work, so seems > like it's looking relatively for files...
1. You should place setup.py one level up - outside of "qubesfiletrust" directory - so it could find such a package relative to setup.py location 2. You don't need qvm_file_trust.py in "scripts" - I guess this is a workaround for point 1. 3. (unrelated) You've committed to git qubesfiletrust.egg-info, which is generated by setup.py. > Also did a test with moving in an enormous folder, daemon took up 16% > CPU for a second in htop then right back to 0%, so seems pretty well > optimized for now. inotify finds all the files and folders in way until > a few hundred milli-seconds, so we may need to scale our period for > calling qvm-file-trust with a list of files down a bit (unless python > can take in 10K+ full filepaths as arguments). As Jean-Philippe already said, better split to multiple calls. - -- Best Regards, Marek Marczykowski-Górecki Invisible Things Lab A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing? -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQEcBAEBCAAGBQJZcQYmAAoJENuP0xzK19cs7qcH/iptsMhTd/H0U3ODaDjsRlRK ZwC5EvF83TRZC1SuOPC2fMCpqU0lw5nSqFl40h+p1ETx0ipqghwLqHh/qHU0ytQ8 SeCqSb4JXrRFAGpnAInxuv4y+ul2e6irjHfjOq9SI1nB9YFH4itupe/FbVTjWeGp 6dCkNvwvUcaaCZrA6R64L63d3HRihomDnl5uyDXIcLFfgKqLK6NkPBJfbBsV63CE mohDmh2sO/SpVpq7UdKJk4tpmwZ9WC18v5uKtLkNcNOvveX+ZJyDx6Xu6l/6hFg8 M1/xDsLf0AdNhnBTG6F8968LYpzgwl43orgkD91ZVvc8eNK3gz8lQWnFJnuJ9J0= =vNYV -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/20170720193605.GI1095%40mail-itl. For more options, visit https://groups.google.com/d/optout.
