File Dependency Tracing

trace_v3 utilizes several eBPF programs hooked onto system call entry tracepoints to report event information to the userspace-side application so that a command's read and write dependencies can be determined.

Instructions

cargo build -r
sudo ./install.sh # installs to /usr/local/bin as setuid
trace_v3 install # to install the ebpf programs and maps

Note

io_uring is not handled

Name		Name	Last commit message	Last commit date
Latest commit History 131 Commits
.github/workflows		.github/workflows
src		src
tests		tests
.gitignore		.gitignore
Cargo.lock		Cargo.lock
Cargo.toml		Cargo.toml
Makefile		Makefile
README.md		README.md
build.rs		build.rs
clean.sh		clean.sh
install.sh		install.sh
open1000.cpp		open1000.cpp
other_p.sh		other_p.sh
runAll.sh		runAll.sh
trace_v2.py		trace_v2.py

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

File Dependency Tracing

Instructions

Note

About

Uh oh!

Releases

Packages

Uh oh!

Uh oh!

Contributors 2

Uh oh!

Languages

binpash/trace_v3

Folders and files

Latest commit

History

Repository files navigation

File Dependency Tracing

Instructions

Note

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Uh oh!

Contributors 2

Uh oh!

Languages

Packages