32 lines
558 B
Bash
Executable file
32 lines
558 B
Bash
Executable file
#!/bin/sh
|
|
set -e
|
|
set -x
|
|
|
|
logfile=/tmp/bouncer.$$
|
|
trap "rm -f $logfile" EXIT
|
|
|
|
if [ S"$1" = S"" ]; then
|
|
>&2 echo "bouncer: syntax error: BOUNCER_WHITELIST=... bouncer <command>"
|
|
exit 1
|
|
fi
|
|
|
|
strace -eopen,chdir -o $logfile -f "$@"
|
|
|
|
awk -f- -F '[ "()]+' $logfile <<"EOF"
|
|
|
|
BEGIN {
|
|
split(ENVIRON["BOUNCER_WHITELIST"], whitelist_array, " +");
|
|
for (i in whitelist_array)
|
|
whitelist[whitelist_array[i]] = 1;
|
|
}
|
|
|
|
$2 == "chdir" {
|
|
print "pid ", $1, " chdir: ", $3;
|
|
}
|
|
|
|
($2 == "open") && ($5 !~ /O_CREAT/) && ($7 != -1) {
|
|
print "pid ", $1, " open: ", $3, $7;
|
|
}
|
|
|
|
EOF
|
|
|