Documentation
Index
- Constants
- Variables
- func BuildPoliciesFromEvents(eventsToChoose []events.ID) []*policy.Policy
- func DiscoverChildProcesses(pid int) ([]int, error)
- func ExecCmdBgWithSudoAndCtx(ctx context.Context, command string) (int, chan error, error)
- func ExecPinnedCmdWithTimeout(command string, timeout time.Duration) (int, error)
- func IsSudoCmdAvailableForThisUser() bool
- func NewPolicies(polsFilesID []PolicyFileWithID) []*policy.Policy
- func ParseCmd(fullCmd string) (string, []string, error)
- func PinProccessToCPU(id ...int) error
- func SetTestLogger(t *testing.T, l logger.Level) (loggerOutput <-chan []byte, restoreLogger func())
- func SudoKillProcess(pid int, force bool) error
- func TestLogs(t *testing.T, logsToSearch []string, logsChan <-chan []byte, ...) <-chan bool
- type PolicyFileWithID
- type RunningTracee
- type TraceeStatus
Constants
const (
	SIGTERM = "-15"
	SIGKILL = "-9"
)
const CPUForTests = 0 // CPU to pin test processes to
const (
	TraceeDefaultStartupTimeout = 5 * time.Second
)
Variables
var (
	TraceeBinary   = "../../dist/tracee"
	TraceeHostname = "localhost"
	TraceePort     = 3366
)
Functions
func BuildPoliciesFromEvents (added in v0.22.0)
BuildPoliciesFromEvents creates a Policies instance with a single policy, which chooses the given events without filters or scopes.
func DiscoverChildProcesses
DiscoverChildProcesses discovers all child processes of a given PID.
func ExecCmdBgWithSudoAndCtx
ExecCmdBgWithSudoAndCtx executes a command with sudo in the background and returns the PID of the process and a channel to wait on for the command to exit (see the RunningTracee object for how to use it). The function returns an error if the command execution fails.
func ExecPinnedCmdWithTimeout
ExecPinnedCmdWithTimeout executes a cmd with a timeout and returns the PID of the process.
func IsSudoCmdAvailableForThisUser
func IsSudoCmdAvailableForThisUser() bool
IsSudoCmdAvailableForThisUser checks if the sudo command is available for the current user.
func NewPolicies (added in v0.22.0)
func NewPolicies(polsFilesID []PolicyFileWithID) []*policy.Policy
NewPolicies creates a slice of policies setting the ID of each policy to the given ID.
func PinProccessToCPU
PinProccessToCPU pins the current process to a specific CPU
func SetTestLogger (added in v0.22.0)
SetTestLogger creates a logger which prints the logs to the returned channel. This function is meant to be used by tests to check logs and, through them, to test the flow of Tracee from outside.
func SudoKillProcess
SudoKillProcess kills a process with sudo.
func TestLogs (added in v0.22.0)
func TestLogs(
	t *testing.T,
	logsToSearch []string,
	logsChan <-chan []byte,
	done <-chan struct{},
) <-chan bool
TestLogs searches for the given logs and, when the input channel closes, tests whether all logs were received. It also returns a channel with the result of the test, that is, whether all logs were found.
Types
type PolicyFileWithID (added in v0.22.0)
type PolicyFileWithID struct {
	PolicyFile v1beta1.PolicyFile
	Id         int
}
type RunningTracee
type RunningTracee struct {
// contains filtered or unexported fields
}
RunningTracee is a wrapper for a running tracee process as a regular process.
func NewRunningTracee
func NewRunningTracee(givenCtx context.Context, cmdLine string) *RunningTracee
NewRunningTracee creates a new RunningTracee instance.
func (*RunningTracee) IsReady
func (r *RunningTracee) IsReady() bool
IsReady checks if the tracee process is ready.
func (*RunningTracee) Start
func (r *RunningTracee) Start(timeout time.Duration) (<-chan TraceeStatus, error)
Start starts the tracee process.
type TraceeStatus
type TraceeStatus int
const (
	TraceeStarted TraceeStatus = iota
	TraceeFailed
	TraceeTimedout
	TraceeAlreadyRunning
)