Re: [Haifux] lecture topic suggestion - strace and the anatomy of a C application
On Mon, Jul 29, 2002 at 01:02:47AM +0300, guy keren wrote: looking hard for a new topic for a lecture, i came to think about strace. a lecrture about it will cover the anatomy of a C application on linux, as seen via strace, and the use of strace for debugging purposes and problem solving, for programmers and sys admins alike. in fact, i already demonstrated strace once in a lecture (long ago) - this one (if it takes place) will go deeper into strace's magic ;) if i get 2-3 'yei' sayers, i'll prepare it to follow the current last lecture (auto-tools? or the 3 years celebration? or what ever is now the current last) Sure, sounds like fun. You can also showcase strace's younger sibling, sctrace ;) -- http://vipe.technion.ac.il/~mulix/ http://syscalltrack.sf.net/ msg01242/pgp0.pgp Description: PGP signature
Re: [Haifux] Never say Yuck about yacc
On Mon, Jul 15, 2002 at 05:10:55PM +0200, Eli Billauer wrote: Hello all, After playing around a bit with the Perl-byacc thing, there are a few notes that might come handy to whoever wants to do something useful with it. (Am I still the only one who does homework between lectures?) Oh, I do lots of homewor, just not necessarily related to any past or present lecture's material ;) If you want to dive deeper into compiler theory, I've got a copy of the dragon book here you're welcome to borrow. -- http://vipe.technion.ac.il/~mulix/ http://syscalltrack.sf.net/ msg01236/pgp0.pgp Description: PGP signature
[Haifux] ANN: syscalltrack v0.72 bald hare released
From: Muli Ben-Yehuda [EMAIL PROTECTED]
To: sct-hackers
Cc:
Bcc:
Subject: [Haifux] ANN: syscalltrack v0.72 bald hare released
Reply-To:
syscalltrack-0.72, the 8th _alpha_ release of the Linux kernel system
call tracker, is now available. syscalltrack supports versions 2.4.x
of the Linux kernel on the i386 and UML platforms. The current release
contains support for tracking many new system calls (including
fork(2), exit(1), read(3) and write(4)), and various bug fixes and
code cleanups. See details below.
* What is syscalltrack?
syscalltrack is made of a pair of Linux kernel modules and supporting
user space environment which allow interception, logging and possibly
taking action upon system calls that match user defined
criteria. (syscalltrack can be thought of as a hypher-sophisticated,
system wide strace).
* Where can I get it?
Information on syscalltrack is available on the project's homepage:
http://syscalltrack.sourceforge.net, and in the project's file
release.
You can download the source directly from:
http://west.dl.sourceforge.net/sourceforge/syscalltrack/syscalltrack-0.72.tar.gz
or any of the other sourceforge mirrors.
* Call for developers:
The syscalltrack project is looking for developers, both for kernel
space and user space. If you want to join in on the fun, get in touch
with us on the syscalltrack-hackers mailing list
(http://lists.sourceforge.net/lists/listinfo/syscalltrack-hackers).
* License and NO Warrany
syscalltrack is Free Software, licensed under the GNU General Public
License (GPL) version 2. The 'sct_ctrl_lib' library is licensed under
the GNU Lesser General Public License (LGPL).
syscalltrack is in _alpha_ stages and comes with NO warranty.
If it breaks something, you get to keep all of the pieces.
You have been warned (TM).
Happy hacking and tracking!
===
Major new features for 0.72 (mostly a bug fix and new syscalls release)
---
* Many new system calls supported, including but not limited to
exit(1), fork(2), read(3) and write(4).
* Fixed bug when evaluating a buffer node and a bug with pattern
matching on a buffer node.
* Fixed bug when matching for a constant [filter_expression {1}] to
return true, as it should, instead of false, as it did.
* Fixed several in-kernel memory leaks and erronous kernel string
handling.
===
Major new features for 0.71 (mostly a bug fix and cleanup release)
--
* add a 'get rule count' and 'get rules' API to to the
sct_ctrl_lib. 'get rule count' will return the number of currently
registered rules, 'get rules' will return to user space from the
kernel a linked list of the before and after rules for each system
call.
* Support for constants when specifying matching rules, for example,
O_RDONLY, O_EXCL and friends for open(2).
* Support for octal/hex numbers in filter expressions.
* Support for specifying and printing multiplex syscall ids as
syscall:func, for example 102:5 for accept(2).
* Assorted internal cleanups, code refactoring, bug fixes and memory
leaks plugged, too many to list here. Documentation and header file
updates. See the ChangeLog for the gory details.
===
Major new features for 0.7
--
* Support for dynamic-cast of 'struct' syscall parameters when filtering
based on them, and for logging. See the relevant section in
doc/sct_config_manual.html for how to use this feature. Mostly useful now
for checking struct parameters in socket calls, so now its possible
to check if a client prorgam tries to connect to a given port or IP address,
etc.
* Support for 'fail syscall' actions - allows you to specify that a matching
syscall invocation will prematurely return a given error code (or '0')
before the system call is actually performed. Handle with care, as failing
the wrong syscall invocations might render your system unuseable. Good
usage example: TODO
* Support for convenience-macros in rule config files. Currently supported
macros include:
- ipaddr(127.0.0.1) - translates an IP address to an unsigned long
in network byte-order.
- htons(7) - host to network byte-order for 'short' numbers.
- usernametoid(root) - translates user name to UID.
- groupnametoid(wheel) - translates group name to GID.
* Experimental Device-driver control support - the syscalltrack kernel module
can now be controlled via a device-file interface - specify -c device_file
when running 'sct_config' to use it. The interface is currently
functionaly-equivalent to the existing 'sysctl' interface - but it will be
enhanced in the future to support logging via a device-file
Re: [Haifux] Summary for the Presentation [was Re: Perl Lex+Yacc Example.]
On Fri, Jun 21, 2002 at 01:16:16PM +0300, Shlomi Fish wrote: You can find an on-going summary here: http://vipe.technion.ac.il/~shlomif/lecture/Sys-Call-Track/Lex-Yacc/summary.txt Just one really glaring typo: it's 'syscalltrack', not 'Sys Call Track' or 'Sys-Call-Track' or any other variation. As for the upcoming syscalltrack ( this is how it's written) developers meeting, here is the tentative agenda with very tentative times. If anyone wants to talk about anything else or hear about any other subject, let me know. - syscalltrack demonstration in the wild. (15 minutes, Muli) - technical discussions (30 minutes each) - the old device file design and the new device file design, with explanations of linux special device files. (Muli). - shlomif's demonstration of lex yacc (Shlomif) - redesign of gen_syscalls.pl (30 minutes, everyone, brainstorming) - the future of syscalltrack - features and requisites for a 1.0 release. (15 minutes, Muli). - the far future. (15 minutes, Muli). -- http://vipe.technion.ac.il/~mulix/ http://syscalltrack.sf.net/ msg01167/pgp0.pgp Description: PGP signature
Re: [Haifux] Summary for the Presentation [was Re: Perl Lex+Yacc Example.]
On Fri, Jun 21, 2002 at 03:29:04PM +0300, guy keren wrote: On Fri, 21 Jun 2002, Muli Ben-Yehuda wrote: As for the upcoming syscalltrack ( this is how it's written) developers meeting, here is the tentative agenda with very tentative times. If anyone wants to talk about anything else orhear about any other subject, let me know. all in all - you plan for a 135 minutes meeting - assuming a 5-10 minute break in the middle, that's around 2.5+ hours. so it'll be 18:30 - 21:10 or so? I want it to be fluid, that's why I said it's a very tentative schedule. I want the audience to dictate what's interesting to them and what isn't, and the lectures to grow or shrink accordingly. But I guess that 18:30 - 21:00 with short breaks in the middle ought to do. btw, regarding gen_syscalls.pl - i could give a few minutes of explanations about how it works, and what i think we should do with it. i sugest we concentrate on how to design it, regardless of language, so we'll be focused, and not delve into language fights. Fine with me. Just make sure to review its current implementation first, Orna and Shlomi cleaned it up considerably since the last release. - syscalltrack demonstration in the wild. (15 minutes, Muli) 10 minutes would be enough - it was already demonstrated a while back, in the syscalltrack lecture. Fine. - technical discussions (30 minutes each) - the old device file design and the new device file design, with explanations of linux special device files. (Muli). - shlomif's demonstration of lex yacc (Shlomif) - redesign of gen_syscalls.pl (30 minutes, everyone, brainstorming) - the future of syscalltrack - features and requisites for a 1.0 release. (15 minutes, Muli). - the far future. (15 minutes, Muli). these 2 could take 15 minutes together - unless a discussion (read: argumentative fights) will develope ;) Fine. -- http://vipe.technion.ac.il/~mulix/ http://syscalltrack.sf.net/ msg01169/pgp0.pgp Description: PGP signature
[Haifux] handing out CDs at MS events
Salutations, clubbers. Occasionally, MS throws an event at the computer science faculty. Whenever such an event occurs, I am filled with temptation to expose people to a better way of living, and give them free of charge linux cds. This time, I'm preparing in advance. There's an MS event at the 19th of June, computer science faculty. It's introduction to .NET, or some such. Does anyone know where we could duplicate a reasonable ammount of linux cds, cheaply or at no cost? (100 cds should suffice, I would think). I intend to hand them out and explain about linux to the public, at least until MS security throws me out. Viva La Revolution! -- Highday 19 Forelithe 7466 http://vipe.technion.ac.il/~mulix/ http://syscalltrack.sf.net/ msg01113/pgp0.pgp Description: PGP signature
Re: [Haifux] Re: Sys-Call-Track Developers Meeting
On Sun, Jun 09, 2002 at 05:36:34PM +0300, Shlomi Fish wrote: On Wed, 5 Jun 2002, Shlomi Fish wrote: I'd like to hold an SCT hackerfest on Monday, June 17, partly so I'll have some extra time to finish the third installment of my Perl for Perl Newbies lectures. (a large part of it is already written but there's some still left, and I'd like to completely replace a part). Does anybody has an objection that we will do that instead of a lecture per-ce? (none of which is scheduled for that date) Unfortunately, I realized that I have a test in the course Internet - Architecture and Protocols at that day and time. I see too options: make the meeting without me or postpone it by a week. I will support both verdicts. Postponing it by one week is fine with me. Who is planning to come, though? -- Mersday 18 Forelithe 7466 http://vipe.technion.ac.il/~mulix/ http://syscalltrack.sf.net/ msg01104/pgp0.pgp Description: PGP signature
Re: [Haifux] Re: Sys-Call-Track Developers Meeting
On Sun, Jun 09, 2002 at 09:23:17PM +0300, guy keren wrote: On Sun, 9 Jun 2002, Muli Ben-Yehuda wrote: Unfortunately, I realized that I have a test in the course Internet - Architecture and Protocols at that day and time. I see too options: make the meeting without me or postpone it by a week. I will support both verdicts. Postponing it by one week is fine with me. Who is planning to come, though? the question is - what exactly are we going to do in that meeting? 'a syscalltrack hack fest' is too vague. i dont' realy see what content we could pour into this title. Stop being so negative, choo. I can give a short lecture, compromised of: 1. What is syscalltrack 2. How to use it 3. How to write code for it 4. What's next on the agenda (syscalltrack, past present and future) shlomif has talked about giving a lex yacc demonstration in perl. I'm sure you could give a short talk on struct type casting implementation, or the sct_rules library implementation, or any other subject you feel like talking about. People could suggest features, experiment with syscalltrack (I hereby volunteer my poor laptop for said demonstration) and just in general have fun. Monday, the 24th of June. See y'all there! -- Mersday 18 Forelithe 7466 http://vipe.technion.ac.il/~mulix/ http://syscalltrack.sf.net/ msg01107/pgp0.pgp Description: PGP signature
[Haifux] syscalltrack logos
I forgot to mention, check out the syscalltrack logos at http://syscalltrack.sourceforge.net/logo.html, and vote for your favorite logo! [new logo added, sherlock2.jpg] All logos were made by Lital Natan. Kudos! -- Mersday 18 Forelithe 7466 http://vipe.technion.ac.il/~mulix/ http://syscalltrack.sf.net/ msg01108/pgp0.pgp Description: PGP signature
[Haifux] ANN: syscalltrack v0.71 boxing iguana released
syscalltrack-0.71, the 7th _alpha_ release of the linux kernel system call tracker, is available. syscalltrack supports both version 2.4.x of the linux kernel. The current release contains some major enhancements, and various bug fixes and code cleanups. See details below. * What is syscalltrack? syscalltrack is a linux kernel module and supporting user space environment which allow interception, logging and possibly taking action upon system calls that match user defined criteria (syscalltrack can be thought of as a sophisticated, system wide strace). * Where can I get it? Information on syscalltrack is available on the project's homepage: http://syscalltrack.sourceforge.net, and in the project's file release. You can download the source directly from: http://prdownloads.sourceforge.net/syscalltrack/syscalltrack-0.71.tar.gz * Call for developers: The syscalltrack project is looking for developers, both for kernel space and user space. If you want to join in on the fun, get in touch with us on the syscalltrack-hackers mailing list (http://lists.sourceforge.net/lists/listinfo/syscalltrack-hackers). * License and NO Warrany syscalltrack is Free Software, licensed under the GNU General Public License (GPL) version 2. The 'sct_ctrl_lib' library is licensed under the GNU Lesser General Public License (LGPL). syscalltrack is in _alpha_ stages and comes with NO warranty. If it breaks something, you get to keep all of the pieces. You have been warned (TM). Happy hacking and tracking! === Major new features for 0.71 (mostly a bug fix and cleanup release) -- * add a 'get rule count' and 'get rules' API to to the sct_ctrl_lib. 'get rule count' will return the number of currently registered rules, 'get rules' will return to user space from the kernel a linked list of the before and after rules for each system call. * Support for constants when specifying matching rules, for example, O_RDONLY, O_EXCL and friends for open(2). * Support for octal/hex numbers in filter expressions. * Support for specifying and printing multiplex syscall ids as syscall:func, for example 102:5 for accept(2). * Assorted internal cleanups, code refactoring, bug fixes and memory leaks plugged, too many to list here. Documentation and header file updates. See the ChangeLog for the gory details. === Major new features for 0.7 -- * Support for dynamic-cast of 'struct' syscall parameters when filtering based on them, and for logging. See the relevant section in doc/sct_config_manual.html for how to use this feature. Mostly useful now for checking struct parameters in socket calls, so now its possible to check if a client prorgam tries to connect to a given port or IP address, etc. * Support for 'fail syscall' actions - allows you to specify that a matching syscall invocation will prematurely return a given error code (or '0') before the system call is actually performed. Handle with care, as failing the wrong syscall invocations might render your system unuseable. Good usage example: TODO * Support for convenience-macros in rule config files. Currently supported macros include: - ipaddr(127.0.0.1) - translates an IP address to an unsigned long in network byte-order. - htons(7) - host to network byte-order for 'short' numbers. - usernametoid(root) - translates user name to UID. - groupnametoid(wheel) - translates group name to GID. * Experimental Device-driver control support - the syscalltrack kernel module can now be controlled via a device-file interface - specify -c device_file when running 'sct_config' to use it. The interface is currently functionaly-equivalent to the existing 'sysctl' interface - but it will be enhanced in the future to support logging via a device-file interface, getting rule list via the device-file interface, etc. * Support for 'log_format' definition per rule, to override the global 'log_format'. * Initial correctness-testing script added. Currently only runs 2 tests - will become more functional on the next release. * Support for new system calls - waitpid, close and creat. major bug fixes for version 0.7: * Fixes for white-space parsing in 'sct_config'. * Fix small memory leak when deserializing 'log' actions * Fix bug in the kernel module that would leave dangling function pointers in case a user cleared only the 'before' function pointer. This bug wasn't triggered, since sct_config always erased _all_ rules, causing this code path to remain yet unused. -- Mersday 11 Forelithe 7466 http://vipe.technion.ac.il/~mulix/ http://syscalltrack.sf.net/ msg01094/pgp0.pgp Description: PGP signature
Re: [Haifux] Error while compile progrem that use QT3
On Sat, Apr 13, 2002 at 04:54:04PM +0300, barak wrote: whan i try to compile i get linking error: [barak@linux qt-learn]$ make g++ -o make-L/usr/lib/qt3/lib -L/usr/X11R6/lib -lqt -lXext -lX11 -lm /usr/bin/ld: cannot find -lqt collect2: ld returned 1 exit status make: *** [make] Error 1 [barak@linux qt-learn]$ where is libqt located? if it's not in one of the -L'd directories aboves, add this directory with -L. libqt.so (libc6) = /usr/lib/qt2/lib/libqt.so This is a pretty good hint... -- The ill-formed Orange Fails to satisfy the eye: http://vipe.technion.ac.il/~mulix/ Segmentation fault. http://syscalltrack.sf.net/ -- Haifa Linux Club Mailing List (http://linuxclub.il.eu.org) To unsub send an empty message to [EMAIL PROTECTED]
[Haifux] Re: syscalltrack developers meeting
On Tue, Apr 09, 2002 at 03:37:54AM +0300, Shlomi Fish wrote: On Mon, 8 Apr 2002, Muli Ben-Yehuda wrote: On Mon, Apr 08, 2002 at 01:30:18PM +0300, Shlomi Fish wrote: I'm not trying to sell them. I want to have a meeting where I can finally get some questions about SCT answered face to face, and we discuss it. I suggested that I teach Lex and Yacc, using Perl as a tool to teach them, to fill some of the time and do something useful with myself. And it's a demo not a lecture. If you put it that way - sounds great! Do you want to schedule it as part of the next meeting, or as a special meeting? either way, I'm game. I'd like it to be a dedicated meeting. How many of you club members will find such a meeting interesting? Can I get a show of hands? I'd like to know if we should schedule it as a special meeting, or as one of our regular club meetings. Thanks. I'm not going to fill a two hour lecture explaining a technical tool such as Lex and Yacc. O'Reilly can fill a book about those two, but I have more exciting things to do. I just see it as an absurd thing that the SCT configurator is still not written using Lex and Yacc and that those tools can make it so much simpler and easier to understand. If you build it, they will come If you send us a patch, we'll apply it in a jiffie. OK. But my incenitive for giving a demo is also to make sure people learn Lex and Yacc and how easy it is to use them. You don't really have to read the Dragon book in order to use them. I know I grokked them, with only having an intuitive conception of it. I grok them as well, although not well enough to use them proficiently, and I did read the dragon book (syscalltrack's filter parser required it). The point is not that we dont know how to use lex yacc - the point is that we do not have the time to implement a working tool, again. We'd rather spend time improving the stability of the code (read: bug fixing) and adding new features. -- The ill-formed Orange Fails to satisfy the eye: http://vipe.technion.ac.il/~mulix/ Segmentation fault. http://syscalltrack.sf.net/ -- Haifa Linux Club Mailing List (http://linuxclub.il.eu.org) To unsub send an empty message to [EMAIL PROTECTED]
Re: [Haifux] syscalltrack developers meeting
On Mon, Apr 08, 2002 at 01:30:18PM +0300, Shlomi Fish wrote: I'm not trying to sell them. I want to have a meeting where I can finally get some questions about SCT answered face to face, and we discuss it. I suggested that I teach Lex and Yacc, using Perl as a tool to teach them, to fill some of the time and do something useful with myself. And it's a demo not a lecture. If you put it that way - sounds great! Do you want to schedule it as part of the next meeting, or as a special meeting? either way, I'm game. I'm not going to fill a two hour lecture explaining a technical tool such as Lex and Yacc. O'Reilly can fill a book about those two, but I have more exciting things to do. I just see it as an absurd thing that the SCT configurator is still not written using Lex and Yacc and that those tools can make it so much simpler and easier to understand. If you build it, they will come If you send us a patch, we'll apply it in a jiffie. -- The ill-formed Orange Fails to satisfy the eye: http://vipe.technion.ac.il/~mulix/ Segmentation fault. http://syscalltrack.sf.net/ -- Haifa Linux Club Mailing List (http://linuxclub.il.eu.org) To unsub send an empty message to [EMAIL PROTECTED]
