1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Internals — Autodep documentation</title>
<link rel="stylesheet" href="_static/default.css" type="text/css" />
<link rel="stylesheet" href="_static/pygments.css" type="text/css" />
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT: '',
VERSION: '0.1',
COLLAPSE_INDEX: false,
FILE_SUFFIX: '.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="_static/jquery.js"></script>
<script type="text/javascript" src="_static/underscore.js"></script>
<script type="text/javascript" src="_static/doctools.js"></script>
<link rel="top" title="Autodep documentation" href="index.html" />
<link rel="next" title="API" href="api.html" />
<link rel="prev" title="Introduction" href="intro.html" />
</head>
<body>
<div class="related">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
accesskey="I">index</a></li>
<li class="right" >
<a href="py-modindex.html" title="Python Module Index"
>modules</a> |</li>
<li class="right" >
<a href="api.html" title="API"
accesskey="N">next</a> |</li>
<li class="right" >
<a href="intro.html" title="Introduction"
accesskey="P">previous</a> |</li>
<li><a href="index.html">Autodep</a> »</li>
</ul>
</div>
<div class="document">
<div class="documentwrapper">
<div class="bodywrapper">
<div class="body">
<div class="section" id="internals">
<h1>Internals<a class="headerlink" href="#internals" title="Permalink to this headline">¶</a></h1>
<div class="section" id="how-it-works">
<h2>How it works?<a class="headerlink" href="#how-it-works" title="Permalink to this headline">¶</a></h2>
<div class="section" id="scheme">
<h3>Scheme<a class="headerlink" href="#scheme" title="Permalink to this headline">¶</a></h3>
<img alt="_images/autodep_arch48.png" src="_images/autodep_arch48.png" />
</div>
<div class="section" id="format-of-network-messages">
<h3>Format of network messages<a class="headerlink" href="#format-of-network-messages" title="Permalink to this headline">¶</a></h3>
<ol class="arabic">
<li><p class="first">Format of messages to file access registrar:</p>
<div class="highlight-python"><pre><time of event: sec since 1970>
<event type: open, read, write>
<name of file>
<building stage: stagename or unknown>
<result:OK,ERR/errno,ASKING,DENIED></pre>
</div>
</li>
<li><p class="first">Format of answer for ASKING packet from registrar:</p>
<div class="highlight-python"><pre><ALLOW | DENY></pre>
</div>
</li>
</ol>
<p><em>Notes:</em></p>
<ul class="simple">
<li>All sockets are SOCK_SEQPACKET</li>
<li>All fields are delimited with character with code 0</li>
</ul>
</div>
</div>
<div class="section" id="how-hooklib-approach-works">
<h2>How Hooklib approach works?<a class="headerlink" href="#how-hooklib-approach-works" title="Permalink to this headline">¶</a></h2>
<p>The main idea of Hooklib approach is to load a dynamic library-hooker
<strong>before</strong> any other library(including the C runtime, libc.so).
So, the functions, such as open, read and write, executed from this library
instead of libc.so.</p>
<p>Hooklib module modifies Linux’s dynamic linker behavior changing LD_PRELOAD
environment variable(see
<a class="reference external" href="http://linux.die.net/man/8/ld-linux">man 8 ld-linux</a> for details).
Module protects LD_PRELOAD variable from further changes by program.</p>
<p>When hooklib module loads, it connects to file access registrar via Unix domain
sockets. If program forks or creates a new thread, another copy of library
loads.</p>
<p>When program do open(...), read(...), write(...), library send an information
about a call to registrar. Registar can block or allow an event. If registrer
allows an event then the original function is called. Else error
“file not found” is returned.</p>
</div>
<div class="section" id="how-fusefs-approach-works">
<h2>How Fusefs approach works?<a class="headerlink" href="#how-fusefs-approach-works" title="Permalink to this headline">¶</a></h2>
<p>The main idea if Fusefs approach is to create a loggable filesystem in userspace
and chroot a program into it.</p>
<p>Before program is launched registrar prepare mounts. It usually do:</p>
<ol class="arabic simple">
<li>mount -o bind / /mnt/rootfs/</li>
<li>mount /dev/, /dev/pts, /dev/shm, /proc/, /sys/ same way</li>
<li>mount /lib64/, /lib32/, /var/tmp/portage/ same way to increase performance at
cost of accuracy</li>
<li>launch fuse over /mnt/rootfs/</li>
</ol>
<p>Fuse module blocks all external access to /mnt/rootfs while program runs.</p>
<p>Fuse module also asks the registrar about event allowness.</p>
<p><em>Notes:</em></p>
<ul class="simple">
<li>Checking for allowness takes a much time</li>
</ul>
</div>
<div class="section" id="futher-analysis-of-file-access-events">
<h2>Futher analysis of file access events<a class="headerlink" href="#futher-analysis-of-file-access-events" title="Permalink to this headline">¶</a></h2>
<p>After file access analyser recieves list of events it maps it on a list of
packages.</p>
<p>Then analyser builds a list of dependencies for packages installed and compares
with the list it got from registrar. Analyser believes that packages from system
profile are implicit dependencies of any package in system.</p>
<p>If dependency from registrar is unexpected simple heuristics used to cut
unuseful packages.</p>
<div class="section" id="rules-of-heuristics">
<h3>Rules of heuristics<a class="headerlink" href="#rules-of-heuristics" title="Permalink to this headline">¶</a></h3>
<ol class="arabic simple">
<li><em>Package is not useful if all files are .desktop or .xml or .m4</em>.
Aclocal util tries to read all .m4 files in /usr/share/aclocal directory.
Files ending on .desktop and .xml often readed on postrm phase.</li>
</ol>
</div>
</div>
</div>
</div>
</div>
</div>
<div class="sphinxsidebar">
<div class="sphinxsidebarwrapper">
<h3><a href="index.html">Table Of Contents</a></h3>
<ul>
<li><a class="reference internal" href="#">Internals</a><ul>
<li><a class="reference internal" href="#how-it-works">How it works?</a><ul>
<li><a class="reference internal" href="#scheme">Scheme</a></li>
<li><a class="reference internal" href="#format-of-network-messages">Format of network messages</a></li>
</ul>
</li>
<li><a class="reference internal" href="#how-hooklib-approach-works">How Hooklib approach works?</a></li>
<li><a class="reference internal" href="#how-fusefs-approach-works">How Fusefs approach works?</a></li>
<li><a class="reference internal" href="#futher-analysis-of-file-access-events">Futher analysis of file access events</a><ul>
<li><a class="reference internal" href="#rules-of-heuristics">Rules of heuristics</a></li>
</ul>
</li>
</ul>
</li>
</ul>
<h4>Previous topic</h4>
<p class="topless"><a href="intro.html"
title="previous chapter">Introduction</a></p>
<h4>Next topic</h4>
<p class="topless"><a href="api.html"
title="next chapter">API</a></p>
<h3>This Page</h3>
<ul class="this-page-menu">
<li><a href="_sources/architecture.txt"
rel="nofollow">Show Source</a></li>
</ul>
<div id="searchbox" style="display: none">
<h3>Quick search</h3>
<form class="search" action="search.html" method="get">
<input type="text" name="q" size="18" />
<input type="submit" value="Go" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
<p class="searchtip" style="font-size: 90%">
Enter search terms or a module, class or function name.
</p>
</div>
<script type="text/javascript">$('#searchbox').show(0);</script>
</div>
</div>
<div class="clearer"></div>
</div>
<div class="related">
<h3>Navigation</h3>
<ul>
<li class="right" style="margin-right: 10px">
<a href="genindex.html" title="General Index"
>index</a></li>
<li class="right" >
<a href="py-modindex.html" title="Python Module Index"
>modules</a> |</li>
<li class="right" >
<a href="api.html" title="API"
>next</a> |</li>
<li class="right" >
<a href="intro.html" title="Introduction"
>previous</a> |</li>
<li><a href="index.html">Autodep</a> »</li>
</ul>
</div>
<div class="footer">
© Copyright 2011, Alexander Bersenev.
Last updated on Jul 25, 2011.
Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.0.7.
</div>
</body>
</html>
|
GitWeb