本文整理汇总了C++中GetErrorStr函数的典型用法代码示例。如果您正苦于以下问题:C++ GetErrorStr函数的具体用法?C++ GetErrorStr怎么用?C++ GetErrorStr使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了GetErrorStr函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: CopyACLs
int CopyACLs(const char *src, const char *dst)
{
acl_t acls;
struct stat statbuf;
int ret;
acls = acl_get_file(src, ACL_TYPE_ACCESS);
if (!acls)
{
if (errno == ENOTSUP)
{
return true;
}
else
{
Log(LOG_LEVEL_ERR, "Can't copy ACLs from '%s'. (acl_get_file: %s)", src, GetErrorStr());
return false;
}
}
ret = acl_set_file(dst, ACL_TYPE_ACCESS, acls);
acl_free(acls);
if (ret != 0)
{
if (errno == ENOTSUP)
{
return true;
}
else
{
Log(LOG_LEVEL_ERR, "Can't copy ACLs to '%s'. (acl_set_file: %s)", dst, GetErrorStr());
return false;
}
}
if (stat(src, &statbuf) != 0)
{
Log(LOG_LEVEL_ERR, "Can't copy ACLs from '%s'. (stat: %s)", src, GetErrorStr());
return false;
}
if (!S_ISDIR(statbuf.st_mode))
{
return true;
}
// For directory, copy default ACL too.
acls = acl_get_file(src, ACL_TYPE_DEFAULT);
if (!acls)
{
Log(LOG_LEVEL_ERR, "Can't copy ACLs from '%s'. (acl_get_file: %s)", src, GetErrorStr());
return false;
}
ret = acl_set_file(dst, ACL_TYPE_DEFAULT, acls);
acl_free(acls);
if (ret != 0)
{
Log(LOG_LEVEL_ERR, "Can't copy ACLs to '%s'. (acl_set_file: %s)", dst, GetErrorStr());
return false;
}
return true;
}
示例2: CheckDefaultClearACL
int CheckDefaultClearACL(EvalContext *ctx, const char *file_path, Attributes a, const Promise *pp, PromiseResult *result)
{
acl_t acl_existing;
acl_t acl_empty;
acl_entry_t ace_dummy;
int retv;
int retval = false;
acl_existing = NULL;
acl_empty = NULL;
if ((acl_existing = acl_get_file(file_path, ACL_TYPE_DEFAULT)) == NULL)
{
Log(LOG_LEVEL_ERR, "Unable to read default acl for '%s'. (acl_get_file: %s)", file_path, GetErrorStr());
return false;
}
retv = acl_get_entry(acl_existing, ACL_FIRST_ENTRY, &ace_dummy);
switch (retv)
{
case -1:
Log(LOG_LEVEL_VERBOSE, "Couldn't retrieve ACE for '%s'. (acl_get_entry: %s)", file_path, GetErrorStr());
retval = false;
break;
case 0: // no entries, as desired
cfPS(ctx, LOG_LEVEL_VERBOSE, PROMISE_RESULT_NOOP, pp, a, "Default ACL on '%s' needs no modification.", file_path);
retval = true;
break;
case 1: // entries exist, set empty ACL
if ((acl_empty = acl_init(0)) == NULL)
{
Log(LOG_LEVEL_ERR, "Could not reinitialize ACL for '%s'. (acl_init: %s)", file_path, GetErrorStr());
retval = false;
break;
}
switch (a.transaction.action)
{
case cfa_warn:
cfPS(ctx, LOG_LEVEL_ERR, PROMISE_RESULT_WARN, pp, a, "Default ACL on '%s' needs to be cleared", file_path);
*result = PromiseResultUpdate(*result, PROMISE_RESULT_WARN);
break;
case cfa_fix:
if (!DONTDO)
{
if (acl_set_file(file_path, ACL_TYPE_DEFAULT, acl_empty) != 0)
{
Log(LOG_LEVEL_ERR, "Could not reset ACL for %s", file_path);
retval = false;
break;
}
}
cfPS(ctx, LOG_LEVEL_INFO, PROMISE_RESULT_CHANGE, pp, a, "Default ACL on '%s' successfully cleared", file_path);
*result = PromiseResultUpdate(*result, PROMISE_RESULT_CHANGE);
retval = true;
break;
default:
ProgrammingError("CFEngine: internal error: illegal file action");
retval = false;
}
break;
default:
retval = false;
}
acl_free(acl_empty);
acl_free(acl_existing);
return retval;
}
示例3: ACLEquals
static int ACLEquals(acl_t first, acl_t second)
{
acl_entry_t ace_first;
acl_entry_t ace_second;
acl_permset_t perms_first;
acl_permset_t perms_second;
int first_cnt;
int second_cnt;
int more_aces;
int retv_perms;
if ((first_cnt = ACECount(first)) == -1)
{
Log(LOG_LEVEL_VERBOSE, "Couldn't count ACEs");
return -1;
}
if ((second_cnt = ACECount(second)) == -1)
{
Log(LOG_LEVEL_VERBOSE, "Couldn't count ACEs");
return -1;
}
if (first_cnt != second_cnt)
{
return 1;
}
if (first_cnt == 0)
{
return 0;
}
// check that every ace of first acl exist in second acl
more_aces = acl_get_entry(first, ACL_FIRST_ENTRY, &ace_first);
if (more_aces != 1) // first must contain at least one entry
{
Log(LOG_LEVEL_ERR, "Unable to read ACE. (acl_get_entry: %s)", GetErrorStr());
return -1;
}
while (more_aces)
{
/* no ace in second match entity-type and id of first */
if ((ace_second = FindACE(second, ace_first)) == NULL)
{
return 1;
}
/* permissions must also match */
if (acl_get_permset(ace_first, &perms_first) != 0)
{
Log(LOG_LEVEL_ERR, "Unable to read permissions. (acl_get_permset: %s)", GetErrorStr());
return -1;
}
if (acl_get_permset(ace_second, &perms_second) != 0)
{
Log(LOG_LEVEL_ERR, "Unable to read permissions. (acl_get_permset: %s)", GetErrorStr());
return -1;
}
retv_perms = PermsetEquals(perms_first, perms_second);
if (retv_perms == -1)
{
return -1;
}
else if (retv_perms == 1) // permissions differ
{
return 1;
}
more_aces = acl_get_entry(first, ACL_NEXT_ENTRY, &ace_first);
}
return 0;
}
示例4: TransformGidsToGroups
static void TransformGidsToGroups(StringSet **list)
{
StringSet *new_list = StringSetNew();
StringSetIterator i = StringSetIteratorInit(*list);
const char *data;
for (data = StringSetIteratorNext(&i); data; data = StringSetIteratorNext(&i))
{
if (strlen(data) != strspn(data, "0123456789"))
{
// Cannot possibly be a gid.
StringSetAdd(new_list, xstrdup(data));
continue;
}
// In groups vs gids, groups take precedence. So check if it exists.
errno = 0;
struct group *group_info = getgrnam(data);
if (!group_info)
{
switch (errno)
{
case 0:
case ENOENT:
case EBADF:
case ESRCH:
case EWOULDBLOCK:
case EPERM:
// POSIX is apparently ambiguous here. All values mean "not found".
errno = 0;
group_info = getgrgid(atoi(data));
if (!group_info)
{
switch (errno)
{
case 0:
case ENOENT:
case EBADF:
case ESRCH:
case EWOULDBLOCK:
case EPERM:
// POSIX is apparently ambiguous here. All values mean "not found".
//
// Neither group nor gid is found. This will lead to an error later, but we don't
// handle that here.
break;
default:
Log(LOG_LEVEL_ERR, "Error while checking group name '%s'. (getgrgid: '%s')", data, GetErrorStr());
StringSetDestroy(new_list);
return;
}
}
else
{
// Replace gid with group name.
StringSetAdd(new_list, xstrdup(group_info->gr_name));
}
break;
default:
Log(LOG_LEVEL_ERR, "Error while checking group name '%s'. (getgrnam: '%s')", data, GetErrorStr());
StringSetDestroy(new_list);
return;
}
}
else
{
StringSetAdd(new_list, xstrdup(data));
}
}
StringSet *old_list = *list;
*list = new_list;
StringSetDestroy(old_list);
}
示例5: CheckPosixLinuxACEs
static int CheckPosixLinuxACEs(EvalContext *ctx, Rlist *aces, AclMethod method, const char *file_path, acl_type_t acl_type, Attributes a,
const Promise *pp, PromiseResult *result)
{
acl_t acl_existing;
acl_t acl_new;
acl_t acl_tmp;
acl_entry_t ace_parsed;
acl_entry_t ace_current;
acl_permset_t perms;
char *cf_ace;
int retv;
int has_mask;
Rlist *rp;
char *acl_type_str;
acl_new = NULL;
acl_existing = NULL;
acl_tmp = NULL;
has_mask = false;
acl_type_str = acl_type == ACL_TYPE_ACCESS ? "Access" : "Default";
// read existing acl
if ((acl_existing = acl_get_file(file_path, acl_type)) == NULL)
{
Log(LOG_LEVEL_VERBOSE, "No ACL for '%s' could be read. (acl_get_file: %s)", file_path, GetErrorStr());
return false;
}
// allocate memory for temp ace (it needs to reside in a temp acl)
if ((acl_tmp = acl_init(1)) == NULL)
{
Log(LOG_LEVEL_ERR, "New ACL could not be allocated (acl_init: %s)", GetErrorStr());
acl_free((void *) acl_existing);
return false;
}
if (acl_create_entry(&acl_tmp, &ace_parsed) != 0)
{
Log(LOG_LEVEL_ERR, "New ACL could not be allocated (acl_create_entry: %s)", GetErrorStr());
acl_free((void *) acl_existing);
acl_free((void *) acl_tmp);
return false;
}
// copy existing aces if we are appending
if (method == ACL_METHOD_APPEND)
{
if ((acl_new = acl_dup(acl_existing)) == NULL)
{
Log(LOG_LEVEL_ERR, "Error copying existing ACL (acl_dup: %s)", GetErrorStr());
acl_free((void *) acl_existing);
acl_free((void *) acl_tmp);
return false;
}
}
else // overwrite existing acl
{
if ((acl_new = acl_init(5)) == NULL) // TODO: Always OK with 5 here ?
{
Log(LOG_LEVEL_ERR, "New ACL could not be allocated (acl_init: %s)", GetErrorStr());
acl_free((void *) acl_existing);
acl_free((void *) acl_tmp);
return false;
}
}
for (rp = aces; rp != NULL; rp = rp->next)
{
cf_ace = RlistScalarValue(rp);
if (!ParseEntityPosixLinux(&cf_ace, ace_parsed, &has_mask))
{
Log(LOG_LEVEL_ERR, "Error parsing entity in 'cf_ace'.");
acl_free((void *) acl_existing);
acl_free((void *) acl_tmp);
acl_free((void *) acl_new);
return false;
}
// check if an ACE with this entity-type and id already exist in the Posix Linux ACL
ace_current = FindACE(acl_new, ace_parsed);
// create new entry in ACL if it did not exist
if (ace_current == NULL)
{
if (acl_create_entry(&acl_new, &ace_current) != 0)
{
Log(LOG_LEVEL_ERR, "Failed to allocate ace (acl_create_entry: %s)", GetErrorStr());
acl_free((void *) acl_existing);
acl_free((void *) acl_tmp);
acl_free((void *) acl_new);
return false;
}
//.........这里部分代码省略.........
示例6: GetPasswordHash
static bool GetPasswordHash(const char *puser, const struct passwd *passwd_info, const char **result)
{
// Silence warning.
(void)puser;
#ifdef HAVE_GETSPNAM
// If the hash is very short, it's probably a stub. Try getting the shadow password instead.
if (strlen(passwd_info->pw_passwd) <= 4)
{
Log(LOG_LEVEL_VERBOSE, "Getting user '%s' password hash from shadow database.", puser);
struct spwd *spwd_info;
errno = 0;
spwd_info = getspnam(puser);
if (!spwd_info)
{
if (errno)
{
Log(LOG_LEVEL_ERR, "Could not get information from user shadow database. (getspnam: '%s')", GetErrorStr());
return false;
}
else
{
Log(LOG_LEVEL_ERR, "Could not find user when checking password.");
return false;
}
}
else if (spwd_info)
{
*result = spwd_info->sp_pwdp;
return true;
}
}
#endif // HAVE_GETSPNAM
Log(LOG_LEVEL_VERBOSE, "Getting user '%s' password hash from passwd database.", puser);
*result = passwd_info->pw_passwd;
return true;
}
示例7: ChangePasswordHashUsingLckpwdf
static bool ChangePasswordHashUsingLckpwdf(const char *puser, const char *password)
{
bool result = false;
struct stat statbuf;
const char *passwd_file = "/etc/shadow";
if (stat(passwd_file, &statbuf) == -1)
{
passwd_file = "/etc/passwd";
}
Log(LOG_LEVEL_VERBOSE, "Changing password hash for user '%s' by editing '%s'.", puser, passwd_file);
if (lckpwdf() != 0)
{
Log(LOG_LEVEL_ERR, "Not able to obtain lock on password database.");
return false;
}
char backup_file[strlen(passwd_file) + strlen(".cf-backup") + 1];
snprintf(backup_file, sizeof(backup_file), "%s.cf-backup", passwd_file);
unlink(backup_file);
char edit_file[strlen(passwd_file) + strlen(".cf-edit") + 1];
snprintf(edit_file, sizeof(edit_file), "%s.cf-edit", passwd_file);
unlink(edit_file);
if (!CopyRegularFileDisk(passwd_file, backup_file))
{
Log(LOG_LEVEL_ERR, "Could not back up existing password database '%s' to '%s'.", passwd_file, backup_file);
goto unlock_passwd;
}
FILE *passwd_fd = fopen(passwd_file, "r");
if (!passwd_fd)
{
Log(LOG_LEVEL_ERR, "Could not open password database '%s'. (fopen: '%s')", passwd_file, GetErrorStr());
goto unlock_passwd;
}
int edit_fd_int = open(edit_file, O_WRONLY | O_CREAT | O_EXCL, S_IWUSR);
if (edit_fd_int < 0)
{
if (errno == EEXIST)
{
Log(LOG_LEVEL_CRIT, "Temporary file already existed when trying to open '%s'. (open: '%s') "
"This should NEVER happen and could mean that someone is trying to break into your system!!",
edit_file, GetErrorStr());
}
else
{
Log(LOG_LEVEL_ERR, "Could not open password database temporary file '%s'. (open: '%s')", edit_file, GetErrorStr());
}
goto close_passwd_fd;
}
FILE *edit_fd = fdopen(edit_fd_int, "w");
if (!edit_fd)
{
Log(LOG_LEVEL_ERR, "Could not open password database temporary file '%s'. (fopen: '%s')", edit_file, GetErrorStr());
close(edit_fd_int);
goto close_passwd_fd;
}
while (true)
{
size_t line_size = CF_BUFSIZE;
char *line = xmalloc(line_size);
int read_result = getline(&line, &line_size, passwd_fd);
if (read_result < 0)
{
if (!feof(passwd_fd))
{
Log(LOG_LEVEL_ERR, "Error while reading password database: %s", GetErrorStr());
free(line);
goto close_both;
}
else
{
break;
}
}
else if (read_result >= sizeof(line))
{
Log(LOG_LEVEL_ERR, "Unusually long line found in password database while editing user '%s'. Not updating.",
puser);
}
// Editing the password database is risky business, so do as little parsing as possible.
// Just enough to get the hash in there.
char *field_start = NULL;
char *field_end = NULL;
field_start = strchr(line, ':');
if (field_start)
{
field_end = strchr(field_start + 1, ':');
}
if (!field_start || !field_end)
{
Log(LOG_LEVEL_ERR, "Unexpected format found in password database while editing user '%s'. Not updating.",
puser);
//.........这里部分代码省略.........
示例8: LoadProcessTable
int LoadProcessTable(Item **procdata)
{
FILE *prp;
char pscomm[CF_MAXLINKSIZE];
Item *rootprocs = NULL;
Item *otherprocs = NULL;
if (PROCESSTABLE)
{
Log(LOG_LEVEL_VERBOSE, "Reusing cached process table");
return true;
}
CheckPsLineLimitations();
const char *psopts = GetProcessOptions();
snprintf(pscomm, CF_MAXLINKSIZE, "%s %s", VPSCOMM[VPSHARDCLASS], psopts);
Log(LOG_LEVEL_VERBOSE, "Observe process table with %s", pscomm);
if ((prp = cf_popen(pscomm, "r", false)) == NULL)
{
Log(LOG_LEVEL_ERR, "Couldn't open the process list with command '%s'. (popen: %s)", pscomm, GetErrorStr());
return false;
}
size_t vbuff_size = CF_BUFSIZE;
char *vbuff = xmalloc(vbuff_size);
# ifdef HAVE_GETZONEID
char *names[CF_PROCCOLS];
int start[CF_PROCCOLS];
int end[CF_PROCCOLS];
Seq *pidlist = SeqNew(1, NULL);
Seq *rootpidlist = SeqNew(1, NULL);
bool global_zone = IsGlobalZone();
if (global_zone)
{
int res = ZLoadProcesstable(pidlist, rootpidlist);
if (res == false)
{
Log(LOG_LEVEL_ERR, "Unable to load solaris zone process table.");
return false;
}
}
# endif
for (;;)
{
ssize_t res = CfReadLine(&vbuff, &vbuff_size, prp);
if (res == -1)
{
if (!feof(prp))
{
Log(LOG_LEVEL_ERR, "Unable to read process list with command '%s'. (fread: %s)", pscomm, GetErrorStr());
cf_pclose(prp);
free(vbuff);
return false;
}
else
{
break;
}
}
Chop(vbuff, vbuff_size);
# ifdef HAVE_GETZONEID
if (global_zone)
{
if (strstr(vbuff, "PID") != NULL)
{ /* this is the banner so get the column header names for later use*/
GetProcessColumnNames(vbuff, &names[0], start, end);
}
else
{
int gpid = ExtractPid(vbuff, names, end);
if (!IsGlobalProcess(gpid, pidlist, rootpidlist))
{
continue;
}
}
}
# endif
AppendItem(procdata, vbuff, "");
}
cf_pclose(prp);
/* Now save the data */
snprintf(vbuff, CF_MAXVARSIZE, "%s/state/cf_procs", CFWORKDIR);
//.........这里部分代码省略.........
示例9: TransformGidsToGroups
static void TransformGidsToGroups(StringSet **list)
{
StringSet *new_list = StringSetNew();
StringSetIterator i = StringSetIteratorInit(*list);
const char *data;
for (data = StringSetIteratorNext(&i); data; data = StringSetIteratorNext(&i))
{
if (strlen(data) != strspn(data, "0123456789"))
{
// Cannot possibly be a gid.
StringSetAdd(new_list, xstrdup(data));
continue;
}
// In groups vs gids, groups take precedence. So check if it exists.
struct group *group_info = GetGrEntry(data, &EqualGroupName);
if (!group_info)
{
if (errno == 0)
{
group_info = GetGrEntry(data, &EqualGid);
if (!group_info)
{
if (errno != 0)
{
Log(LOG_LEVEL_ERR, "Error while checking group name '%s': %s", data, GetErrorStr());
StringSetDestroy(new_list);
return;
}
// Neither group nor gid is found. This will lead to an error later, but we don't
// handle that here.
}
else
{
// Replace gid with group name.
StringSetAdd(new_list, xstrdup(group_info->gr_name));
}
}
else
{
Log(LOG_LEVEL_ERR, "Error while checking group name '%s': '%s'", data, GetErrorStr());
StringSetDestroy(new_list);
return;
}
}
else
{
StringSetAdd(new_list, xstrdup(data));
}
}
StringSet *old_list = *list;
*list = new_list;
StringSetDestroy(old_list);
}
示例10: MissingInputFile
static bool MissingInputFile(const char *input_file)
{
struct stat sb;
if (stat(input_file, &sb) == -1)
{
Log(LOG_LEVEL_ERR, "There is no readable input file at '%s'. (stat: %s)", input_file, GetErrorStr());
return true;
}
return false;
}
示例11: ZLoadProcesstable
/* Load processes using zone-aware ps
* to obtain solaris list of global
* process ids for root and non-root
* users to lookup later */
int ZLoadProcesstable(Seq *pidlist, Seq *rootpidlist)
{
char *names[CF_PROCCOLS];
int start[CF_PROCCOLS];
int end[CF_PROCCOLS];
int index = 0;
const char *pscmd = "/usr/bin/ps -Aleo zone,user,pid";
FILE *psf = cf_popen(pscmd, "r", false);
if (psf == NULL)
{
Log(LOG_LEVEL_ERR, "ZLoadProcesstable: Couldn't open the process list with command %s.", pscmd);
return false;
}
size_t pbuff_size = CF_BUFSIZE;
char *pbuff = xmalloc(pbuff_size);
while (true)
{
ssize_t res = CfReadLine(&pbuff, &pbuff_size, psf);
if (res == -1)
{
if (!feof(psf))
{
Log(LOG_LEVEL_ERR, "IsGlobalProcess(char **, int): Unable to read process list with command '%s'. (fread: %s)", pscmd, GetErrorStr());
cf_pclose(psf);
free(pbuff);
return false;
}
else
{
break;
}
}
Chop(pbuff, pbuff_size);
if (strstr(pbuff, "PID")) /* This line is the header. */
{
GetProcessColumnNames(pbuff, &names[0], start, end);
}
else
{
int pid = ExtractPid(pbuff, &names[0], end);
size_t zone_offset = strspn(pbuff, " ");
size_t zone_end_offset = strcspn(pbuff + zone_offset, " ") + zone_offset;
size_t user_offset = strspn(pbuff + zone_end_offset, " ") + zone_end_offset;
size_t user_end_offset = strcspn(pbuff + user_offset, " ") + user_offset;
bool is_global = (zone_end_offset - zone_offset == 6
&& strncmp(pbuff + zone_offset, "global", 6) == 0);
bool is_root = (user_end_offset - user_offset == 4
&& strncmp(pbuff + user_offset, "root", 4) == 0);
if (is_global && is_root)
{
SeqAppend(rootpidlist, (void*)(intptr_t)pid);
}
else if (is_global && !is_root)
{
SeqAppend(pidlist, (void*)(intptr_t)pid);
}
}
}
cf_pclose(psf);
free(pbuff);
return true;
}
示例12: GenericAgentInitialize
//.........这里部分代码省略.........
else
{
chmod(vbuff, sb.st_mode | 0700);
}
snprintf(ebuff, sizeof(ebuff), "%s%cstate%ccf_procs",
CFWORKDIR, FILE_SEPARATOR, FILE_SEPARATOR);
MakeParentDirectory(ebuff, force);
if (stat(ebuff, &statbuf) == -1)
{
CreateEmptyFile(ebuff);
}
snprintf(ebuff, sizeof(ebuff), "%s%cstate%ccf_rootprocs",
CFWORKDIR, FILE_SEPARATOR, FILE_SEPARATOR);
if (stat(ebuff, &statbuf) == -1)
{
CreateEmptyFile(ebuff);
}
snprintf(ebuff, sizeof(ebuff), "%s%cstate%ccf_otherprocs",
CFWORKDIR, FILE_SEPARATOR, FILE_SEPARATOR);
if (stat(ebuff, &statbuf) == -1)
{
CreateEmptyFile(ebuff);
}
snprintf(ebuff, sizeof(ebuff), "%s%cstate%cprevious_state%c",
CFWORKDIR, FILE_SEPARATOR, FILE_SEPARATOR, FILE_SEPARATOR);
MakeParentDirectory(ebuff, force);
snprintf(ebuff, sizeof(ebuff), "%s%cstate%cdiff%c",
CFWORKDIR, FILE_SEPARATOR, FILE_SEPARATOR, FILE_SEPARATOR);
MakeParentDirectory(ebuff, force);
snprintf(ebuff, sizeof(ebuff), "%s%cstate%cuntracked%c",
CFWORKDIR, FILE_SEPARATOR, FILE_SEPARATOR, FILE_SEPARATOR);
MakeParentDirectory(ebuff, force);
OpenNetwork();
CryptoInitialize();
CheckWorkingDirectories(ctx);
/* Initialize keys and networking. cf-key, doesn't need keys. In fact it
must function properly even without them, so that it generates them! */
if (config->agent_type != AGENT_TYPE_KEYGEN)
{
LoadSecretKeys();
char *bootstrapped_policy_server = ReadPolicyServerFile(CFWORKDIR);
PolicyHubUpdateKeys(bootstrapped_policy_server);
free(bootstrapped_policy_server);
cfnet_init();
}
size_t cwd_size = PATH_MAX;
while (true)
{
char cwd[cwd_size];
if (!getcwd(cwd, cwd_size))
{
if (errno == ERANGE)
{
cwd_size *= 2;
continue;
}
Log(LOG_LEVEL_WARNING, "Could not determine current directory. (getcwd: '%s')", GetErrorStr());
break;
}
EvalContextSetLaunchDirectory(ctx, cwd);
break;
}
if (!MINUSF)
{
GenericAgentConfigSetInputFile(config, GetInputDir(), "promises.cf");
}
VIFELAPSED = 1;
VEXPIREAFTER = 1;
setlinebuf(stdout);
if (config->agent_specific.agent.bootstrap_policy_server)
{
snprintf(vbuff, CF_BUFSIZE, "%s%cfailsafe.cf", GetInputDir(), FILE_SEPARATOR);
if (stat(vbuff, &statbuf) == -1)
{
GenericAgentConfigSetInputFile(config, GetInputDir(), "failsafe.cf");
}
else
{
GenericAgentConfigSetInputFile(config, GetInputDir(), vbuff);
}
}
}
示例13: WriteReleaseIdFile
/**
* @brief Writes a file with a contained release ID based on git SHA,
* or file checksum if git SHA is not available.
* @param filename the release_id file
* @param dirname the directory to checksum or get the Git hash
* @return True if successful
*/
static bool WriteReleaseIdFile(const char *filename, const char *dirname)
{
char release_id[GENERIC_AGENT_CHECKSUM_SIZE];
bool have_release_id =
GeneratePolicyReleaseID(release_id, sizeof(release_id), dirname);
if (!have_release_id)
{
return false;
}
int fd = creat(filename, 0600);
if (fd == -1)
{
Log(LOG_LEVEL_ERR, "While writing policy release ID file '%s', could not create file (creat: %s)", filename, GetErrorStr());
return false;
}
JsonElement *info = JsonObjectCreate(3);
JsonObjectAppendString(info, "releaseId", release_id);
Writer *w = FileWriter(fdopen(fd, "w"));
JsonWrite(w, info, 0);
WriterClose(w);
JsonDestroy(info);
Log(LOG_LEVEL_VERBOSE, "Saved policy release ID file '%s'", filename);
return true;
}
示例14: WritePolicyValidatedFile
/**
* @brief Writes a file with a contained timestamp to mark a policy file as validated
* @param filename the filename
* @return True if successful.
*/
static bool WritePolicyValidatedFile(ARG_UNUSED const GenericAgentConfig *config, const char *filename)
{
if (!MakeParentDirectory(filename, true))
{
Log(LOG_LEVEL_ERR, "While writing policy validated marker file '%s', could not create directory (MakeParentDirectory: %s)", filename, GetErrorStr());
return false;
}
int fd = creat(filename, 0600);
if (fd == -1)
{
Log(LOG_LEVEL_ERR, "While writing policy validated marker file '%s', could not create file (creat: %s)", filename, GetErrorStr());
return false;
}
JsonElement *info = JsonObjectCreate(3);
JsonObjectAppendInteger(info, "timestamp", time(NULL));
Writer *w = FileWriter(fdopen(fd, "w"));
JsonWrite(w, info, 0);
WriterClose(w);
JsonDestroy(info);
Log(LOG_LEVEL_VERBOSE, "Saved policy validated marker file '%s'", filename);
return true;
}
示例15: ConsiderFile
static bool ConsiderFile(const char *nodename, const char *path, struct stat *stat)
{
int i;
const char *sp;
if (strlen(nodename) < 1)
{
Log(LOG_LEVEL_ERR, "Empty (null) filename detected in %s", path);
return true;
}
if (IsItemIn(SUSPICIOUSLIST, nodename))
{
if (stat && (S_ISREG(stat->st_mode) || S_ISLNK(stat->st_mode)))
{
Log(LOG_LEVEL_ERR, "Suspicious file %s found in %s", nodename, path);
return false;
}
}
if (strcmp(nodename, "...") == 0)
{
Log(LOG_LEVEL_VERBOSE, "Possible DFS/FS cell node detected in %s...", path);
return true;
}
for (i = 0; SKIPFILES[i] != NULL; i++)
{
if (strcmp(nodename, SKIPFILES[i]) == 0)
{
Log(LOG_LEVEL_DEBUG, "Filename '%s/%s' is classified as ignorable", path, nodename);
return false;
}
}
if ((strcmp("[", nodename) == 0) && (strcmp("/usr/bin", path) == 0))
{
#if defined(__linux__)
return true;
#endif
}
for (sp = nodename; *sp != '\0'; sp++)
{
if ((*sp > 31) && (*sp < 127))
{
break;
}
}
for (sp = nodename; *sp != '\0'; sp++) /* Check for files like ".. ." */
{
if ((*sp != '.') && (!isspace((int)*sp)))
{
return true;
}
}
if (stat == NULL)
{
Log(LOG_LEVEL_VERBOSE, "Couldn't stat '%s/%s'. (cf_lstat: %s)", path, nodename, GetErrorStr());
return true;
}
if ((stat->st_size == 0) && LogGetGlobalLevel() < LOG_LEVEL_INFO) /* No sense in warning about empty files */
{
return false;
}
Log(LOG_LEVEL_ERR, "Suspicious looking file object '%s' masquerading as hidden file in '%s'", nodename, path);
if (S_ISLNK(stat->st_mode))
{
Log(LOG_LEVEL_INFO, " %s is a symbolic link", nodename);
}
else if (S_ISDIR(stat->st_mode))
{
Log(LOG_LEVEL_INFO, " %s is a directory", nodename);
}
Log(LOG_LEVEL_VERBOSE, "[%s] has size %ld and full mode %o", nodename, (unsigned long) (stat->st_size),
(unsigned int) (stat->st_mode));
return true;
}