fanotify用例

原创

已于 2024-05-21 17:49:31 修改 · 604 阅读

2 ·

CC 4.0 BY-SA版权

文章标签：

#网络

于 2023-02-07 14:27:41 首次发布

文章展示了使用C++和Golang通过fanotifyAPI来监控文件系统事件的代码示例，包括文件打开权限和可写文件关闭事件的处理。在C++示例中，程序读取fanotify事件并响应，而在Golang版本中，程序同样监听事件并获取进程信息。

c++

golang

c++

下列程序能够监控单文件和目录

NegativeMjark/fanotify: A simple fanotify example for watching events on a filesystem. (github.com)

另外一个

#define _GNU_SOURCE /* Needed to get O_LARGEFILE definition */ #include <errno.h>

#include <fcntl.h>

#include <limits.h>

#include <poll.h>

#include <stdio.h>

#include <stdlib.h>

#include <sys/fanotify.h>

#include <unistd.h>

/* Read all available fanotify events from the file descriptor 'fd'. */

static void
handle_events(int fd) {
  const struct fanotify_event_metadata * metadata;
  struct fanotify_event_metadata buf[200];
  ssize_t len;
  char path[PATH_MAX];
  ssize_t path_len;
  char procfd_path[PATH_MAX];
  struct fanotify_response response;

  /* Loop while events can be read from fanotify file descriptor. */

  for (;;) {

    /* Read some events. */

    len = read(fd, buf, sizeof(buf));
    if (len == -1 && errno != EAGAIN) {
      perror("read");
      exit(EXIT_FAILURE);
    }

    /* Check if end of available data reached. */

    if (len <= 0)
      break;

    /* Point to the first event in the buffer. */

    metadata = buf;

    /* Loop over all events in the buffer. */

    while (FAN_EVENT_OK(metadata, len)) {

      /* Check that run-time and compile-time structures match. */

      if