LibSysCTr 0.2 review

by rbytes.net on

LibSysCTr is a utility library that can be used to intercept system call functions on a Linux system.

License: LGPL (GNU Lesser General Public License)
File size: 317K
Developer: Davide Libenzi
0 stars award from rbytes.net

LibSysCTr is a utility library that can be used to intercept system call functions on a Linux system. Process monitoring and sandboxing are just two of the potential uses of LibSysCTr.

Internally, the LibSysCTr library uses ptrace(2) to monitor the traced process and reports events to the library caller.

LibSysCTr is callback driven: the user initializes the library with systr_init_library(), registers the system calls to monitor with systr_trace_syscall(), and calls systr_run() to start receiving events in the form of callback invocations.

For each intercepted system call, the registered callback function is called twice: once at system call entry, before the system call itself is executed by the kernel, and once after the kernel has processed the system call (right before returning to userspace).

Utility functions are supplied to retrieve information about the process, get/set the system call parameters, and read/write the monitored process address space.

The LibSysCTr library follows all threads and processes spawned by the traced task, giving the caller complete control over the whole monitored process hierarchy.
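The entry and exit notifications described above correspond to ptrace(2) syscall stops. The following added example (not LibSysCTr code and not its API; it calls ptrace(2) directly, and `count_syscall_stops` is a hypothetical name) traces a constructed child workload and counts both kinds of stop, including the final exit_group() call, which has an entry stop but never returns to produce an exit stop.

```c
#include <signal.h>
#include <sys/ptrace.h>
#include <sys/wait.h>
#include <unistd.h>

/* Fork a traced child and count its syscall-entry and syscall-exit stops.
 * Returns 0 if the child ran to a clean exit, -1 otherwise. */
int count_syscall_stops(int *entries, int *exits)
{
    int status, in_syscall = 0;
    long sig = 0;                       /* signal to deliver on resume, 0 = none */
    pid_t pid = fork();

    *entries = *exits = 0;
    if (pid < 0)
        return -1;
    if (pid == 0) {
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) < 0)
            _exit(1);
        raise(SIGSTOP);                 /* stop so the tracer can set options */
        for (int i = 0; i < 3; i++)     /* constructed workload: 3 system calls */
            getppid();
        _exit(0);
    }
    if (waitpid(pid, &status, 0) < 0 || !WIFSTOPPED(status))
        return -1;
    /* TRACESYSGOOD reports syscall stops as SIGTRAP|0x80, distinct from signals. */
    if (ptrace(PTRACE_SETOPTIONS, pid, NULL, (long)PTRACE_O_TRACESYSGOOD) < 0)
        goto fail;
    for (;;) {
        if (ptrace(PTRACE_SYSCALL, pid, NULL, sig) < 0 ||
            waitpid(pid, &status, 0) < 0)
            goto fail;
        if (WIFEXITED(status) || WIFSIGNALED(status))
            break;                      /* exit_group(): entry stop, no exit stop */
        sig = 0;
        if (WSTOPSIG(status) == (SIGTRAP | 0x80)) {
            if (in_syscall) (*exits)++; else (*entries)++;
            in_syscall = !in_syscall;   /* stops alternate: entry, exit, ... */
        } else {
            sig = WSTOPSIG(status);     /* ordinary signal: pass it through */
        }
    }
    return (WIFEXITED(status) && WEXITSTATUS(status) == 0) ? 0 : -1;
fail:
    kill(pid, SIGKILL);
    waitpid(pid, &status, 0);
    return -1;
}
```

A sandbox built on this mechanism makes its allow/deny decision at the entry stop, since by the exit stop the kernel has already performed the call.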

Installation:

The `configure' shell script attempts to guess correct values for various system-dependent variables used during compilation. It uses those values to create a `Makefile' in each directory of the package.

It may also create one or more `.h' files containing system-dependent definitions. Finally, it creates a shell script `config.status' that you can run in the future to recreate the current configuration, and a file `config.log' containing compiler output (useful mainly for debugging `configure').

It can also use an optional file (typically called `config.cache' and enabled with `--cache-file=config.cache' or simply `-C') that saves the results of its tests to speed up reconfiguring. (Caching is disabled by default to prevent problems with accidental use of stale cache files.)

If you need to do unusual things to compile the package, please try to figure out how `configure' could check whether to do them, and mail diffs or instructions to the address given in the `README' so they can be considered for the next release.

If you are using the cache, and at some point `config.cache' contains results you don't want to keep, you may remove or edit it.

The file `configure.ac' (or `configure.in') is used to create `configure' by a program called `autoconf'. You only need `configure.ac' if you want to change it or regenerate `configure' using a newer version of `autoconf'.

The simplest way to compile this package is:

1. `cd' to the directory containing the package's source code and type `./configure' to configure the package for your system.

If you're using `csh' on an old version of System V, you might need to type `sh ./configure' instead to prevent `csh' from trying to execute `configure' itself.

Running `configure' takes a while. While running, it prints some messages telling which features it is checking for.

2. Type `make' to compile the package.

3. Optionally, type `make check' to run any self-tests that come with the package.

4. Type `make install' to install the programs and any data files and documentation.

5. You can remove the program binaries and object files from the source code directory by typing `make clean'. To also remove the files that `configure' created (so you can compile the package for a different kind of computer), type `make distclean'.

There is also a `make maintainer-clean' target, but that is intended mainly for the package's developers. If you use it, you may have to get all sorts of other programs in order to regenerate files that came with the distribution.
