Changeset 367 for trunk/include

Timestamp:

Oct 30, 2011, 9:18:31 AM (13 years ago)

Author:

katerina

Message:

Modifications for ticket #265 (inotify support). Needs testing.

Location:

trunk/include

Files:

• samhain.h (modified) (2 diffs)
• sh_files.h (modified) (1 diff)
• sh_inotify.h (modified) (1 diff)

trunk/include/samhain.h

@@ -200 +200 @@
 #define CLEAR_SH_FFLAG_SUIDCHK(a)   ((a) &= ~SH_FFLAG_SUIDCHK)
 
+/* Flags for inotify
+ */
+#define SH_INOTIFY_USE      (1<<0)
+#define SH_INOTIFY_DOSCAN   (1<<1)
+#define SH_INOTIFY_NEEDINIT (1<<2)
+
 
 /**************************************************
@@ -282 +288 @@
   int    audit;
   unsigned long aud_mask;
-  int    hidefile;                 /* TRUE if file not reveled in log */
+  int    hidefile;                 /* TRUE if file not shown in log   */
+  int    inotify;                  /* Flags for inotify               */
 } sh_sh_flag;
 

trunk/include/sh_files.h

@@ -221 +221 @@
 int sh_files_redef_allignore(const char * str);
 
+ShFileType sh_files_filecheck (int class, unsigned long check_mask,
+                               char * dirName, 
+                               char * infileName,
+                               int * reported, 
+                               int rsrcflag);
+
+int sh_files_search_file(char * name, int * class, unsigned long *check_mask, int * reported);
+void sh_files_set_file_reported(char * name);
+void sh_files_clear_file_reported(char * name);
 
 #endif

trunk/include/sh_inotify.h

@@ -19 +19 @@
 } sh_watches;
 
-#define SH_INOTIFY_INITIALIZER { { 0 }, { 0 }, { NULL}, 0, 0 }
+/* #define SH_INOTIFY_INITIALIZER { { 0 }, { 0 }, { NULL}, 0, 0 } */
+
+#define SH_INOTIFY_INITIALIZER { NULL, NULL, 0, 0 }
 
 int sh_inotify_wait_for_change(char * filename, sh_watches * watches, 
                                int  * errnum,   int waitsec);
 
-int sh_inotify_add_watch(char * filename, sh_watches * watches, int  * errnum);
+int sh_inotify_rm_watch (sh_watches * watches, sh_watches * save, int wd);
 
+int sh_inotify_add_watch(char * filename, sh_watches * watches, int  * errnum,
+                         int class, unsigned long check_mask);
+
+int sh_inotify_add_watch_later(char * filename, sh_watches * watches, int  * errnum,
+                               int class, unsigned long check_mask);
+
+char * sh_inotify_pop_dormant(sh_watches * watches, int * class, unsigned long * check_mask);
+
+void sh_inotify_purge_dormant(sh_watches * watches);
 void sh_inotify_remove(sh_watches * watches);
+void sh_inotify_init(sh_watches * watches);
+
+char * sh_inotify_search_item(sh_watches * watches, int watch, 
+                              int * class, unsigned long * check_mask);
+ssize_t sh_inotify_read(char * buffer, size_t count);
+int sh_inotify_recheck_watches (sh_watches * watches, sh_watches * save);
 
 #define SH_INOTIFY_ERROR(a) (a != 0)