diff --git a/daemon/log/log.go b/daemon/log/log.go index 9d3044d932..eadcb22978 100644 --- a/daemon/log/log.go +++ b/daemon/log/log.go @@ -47,7 +47,7 @@ var ( DateFormat = "2006-01-02 15:04:05" MinLevel = INFO - mutex = &sync.Mutex{} + mutex = &sync.RWMutex{} labels = map[int]string{ DEBUG: "DBG", INFO: "INF", @@ -103,11 +103,16 @@ func Raw(format string, args ...interface{}) { fmt.Fprintf(Output, format, args...) } +func SetLogLevel(newLevel int) { + mutex.RLock() + defer mutex.RUnlock() + MinLevel = newLevel +} + func Log(level int, format string, args ...interface{}) { + mutex.Lock() + defer mutex.Unlock() if level >= MinLevel { - mutex.Lock() - defer mutex.Unlock() - label := labels[level] color := colors[level] when := time.Now().UTC().Format(DateFormat) diff --git a/daemon/main.go b/daemon/main.go index c8b08d0afa..f4abb4f6d5 100644 --- a/daemon/main.go +++ b/daemon/main.go @@ -73,15 +73,15 @@ func init() { func setupLogging() { golog.SetOutput(ioutil.Discard) if debug { - log.MinLevel = log.DEBUG + log.SetLogLevel(log.DEBUG) } else if warning { - log.MinLevel = log.WARNING + log.SetLogLevel(log.WARNING) } else if important { - log.MinLevel = log.IMPORTANT + log.SetLogLevel(log.IMPORTANT) } else if errorlog { - log.MinLevel = log.ERROR + log.SetLogLevel(log.ERROR) } else { - log.MinLevel = log.INFO + log.SetLogLevel(log.INFO) } if logFile != "" { @@ -312,7 +312,7 @@ func main() { // overwrite monitor method from configuration if the user has passed // the option via command line. if procmonMethod != "" { - procmon.MonitorMethod = procmonMethod + procmon.SetMonitorMethod(procmonMethod) } procmon.Init() diff --git a/daemon/procmon/parse.go b/daemon/procmon/parse.go index 6fbda5ba09..e099036b69 100644 --- a/daemon/procmon/parse.go +++ b/daemon/procmon/parse.go @@ -62,12 +62,12 @@ func GetPIDFromINode(inode int, inodeKey string) int { return cachedPid } - if MonitorMethod == MethodAudit { + if monitorMethod == MethodAudit { if aPid, pos := getPIDFromAuditEvents(inode, inodeKey, expect); aPid != -1 { log.Debug("PID found via audit events", time.Since(start), "position", pos) return aPid } - } else if MonitorMethod == MethodFtrace && IsWatcherAvailable() { + } else if monitorMethod == MethodFtrace && IsWatcherAvailable() { forEachProcess(func(pid int, path string, args []string) bool { if inodeFound("/proc/", expect, inodeKey, inode, pid) { found = pid @@ -77,7 +77,7 @@ func GetPIDFromINode(inode int, inodeKey string) int { return false }) } - if found == -1 || MonitorMethod == MethodProc { + if found == -1 || monitorMethod == MethodProc { found = lookupPidInProc("/proc/", expect, inodeKey, inode) } log.Debug("new pid lookup took", found, time.Since(start)) @@ -136,7 +136,7 @@ func FindProcess(pid int, interceptUnknown bool) *Process { if interceptUnknown && pid < 0 { return NewProcess(0, "") } - if MonitorMethod == MethodAudit { + if monitorMethod == MethodAudit { if aevent := audit.GetEventByPid(pid); aevent != nil { audit.Lock.RLock() proc := NewProcess(pid, aevent.ProcPath) diff --git a/daemon/procmon/process.go b/daemon/procmon/process.go index 6067eedbea..3f90c2ea79 100644 --- a/daemon/procmon/process.go +++ b/daemon/procmon/process.go @@ -7,6 +7,7 @@ import ( "github.com/gustavo-iniguez-goya/opensnitch/daemon/procmon/audit" ) +// Process holds the information of a process. type Process struct { ID int Path string @@ -15,6 +16,7 @@ type Process struct { CWD string } +// NewProcess returns a new Process structure. func NewProcess(pid int, path string) *Process { return &Process{ ID: pid, @@ -24,31 +26,48 @@ func NewProcess(pid int, path string) *Process { } } +// Reload stops the current monitor method and starts it again. func Reload() { End() time.Sleep(1 * time.Second) Init() } +// SetMonitorMethod configures a new method for parsing connections. +func SetMonitorMethod(newMonitorMethod string) { + lock.Lock() + defer lock.Unlock() + + monitorMethod = newMonitorMethod +} + +// End stops the way of parsing new connections. func End() { - if MonitorMethod == MethodAudit { + lock.Lock() + defer lock.Unlock() + + if monitorMethod == MethodAudit { audit.Stop() - } else if MonitorMethod == MethodFtrace { + } else if monitorMethod == MethodFtrace { go Stop() } } +// Init starts parsing connections using the method specified. func Init() { - if MonitorMethod == MethodFtrace { + lock.Lock() + defer lock.Unlock() + + if monitorMethod == MethodFtrace { if err := Start(); err == nil { return } - } else if MonitorMethod == MethodAudit { + } else if monitorMethod == MethodAudit { if c, err := audit.Start(); err == nil { go audit.Reader(c, (chan<- audit.Event)(audit.EventChan)) return } } log.Info("Process monitor parsing /proc") - MonitorMethod = MethodProc + monitorMethod = MethodProc } diff --git a/daemon/procmon/watcher.go b/daemon/procmon/watcher.go index 733f935f6c..7af7b390b9 100644 --- a/daemon/procmon/watcher.go +++ b/daemon/procmon/watcher.go @@ -33,7 +33,7 @@ var ( watcher = ftrace.NewProbe(probeName, syscallName, subEvents) isAvailable = false - MonitorMethod = MethodProc + monitorMethod = MethodProc index = make(map[int]*procData) lock = sync.RWMutex{} diff --git a/daemon/ui/config.go b/daemon/ui/config.go index 185a20c65e..b76042d8ef 100644 --- a/daemon/ui/config.go +++ b/daemon/ui/config.go @@ -48,10 +48,10 @@ func (c *Client) loadConfiguration(rawConfig []byte) bool { clientErrorRule.Duration = rule.Duration(config.DefaultDuration) } if config.LogLevel != nil { - log.MinLevel = int(*config.LogLevel) + log.SetLogLevel(int(*config.LogLevel)) } if config.ProcMonitorMethod != "" { - procmon.MonitorMethod = config.ProcMonitorMethod + procmon.SetMonitorMethod(config.ProcMonitorMethod) } return true