2014-12-18 18:50:47 +00:00
|
|
|
/*
|
|
|
|
|
* Copyright (c) 2014, Facebook, Inc.
|
|
|
|
|
* All rights reserved.
|
|
|
|
|
*
|
|
|
|
|
* This source code is licensed under the BSD-style license found in the
|
|
|
|
|
* LICENSE file in the root directory of this source tree. An additional grant
|
|
|
|
|
* of patent rights can be found in the PATENTS file in the same directory.
|
|
|
|
|
*
|
|
|
|
|
*/
|
2014-08-02 18:28:38 +00:00
|
|
|
|
2014-09-10 01:54:53 +00:00
|
|
|
#pragma once
|
2014-08-02 18:28:38 +00:00
|
|
|
|
2014-08-13 04:30:30 +00:00
|
|
|
#include <map>
|
2014-08-02 18:28:38 +00:00
|
|
|
#include <string>
|
|
|
|
|
#include <vector>
|
|
|
|
|
|
2014-11-03 20:08:46 +00:00
|
|
|
#include <boost/filesystem/path.hpp>
|
2014-08-13 04:30:30 +00:00
|
|
|
#include <boost/property_tree/ptree.hpp>
|
|
|
|
|
|
2014-12-03 23:31:09 +00:00
|
|
|
#include <osquery/status.h>
|
2014-08-02 18:28:38 +00:00
|
|
|
|
2014-08-15 07:25:30 +00:00
|
|
|
namespace osquery {
|
2014-08-02 18:28:38 +00:00
|
|
|
|
2014-09-16 07:28:23 +00:00
|
|
|
/**
|
|
|
|
|
* @brief Read a file from disk.
|
2014-09-15 19:47:00 +00:00
|
|
|
*
|
2014-09-16 07:28:23 +00:00
|
|
|
* @param path the path of the file that you would like to read
|
|
|
|
|
* @param content a reference to a string which will be populated with the
|
|
|
|
|
* contents of the path indicated by the path parameter
|
2014-09-15 19:47:00 +00:00
|
|
|
*
|
2014-10-06 21:23:26 +00:00
|
|
|
* @return an instance of Status, indicating the success or failure
|
2014-09-16 07:28:23 +00:00
|
|
|
* of the operation.
|
2014-09-15 19:47:00 +00:00
|
|
|
*/
|
2014-11-03 20:08:46 +00:00
|
|
|
Status readFile(const boost::filesystem::path& path, std::string& content);
|
2014-08-02 18:28:38 +00:00
|
|
|
|
2014-10-30 22:03:05 +00:00
|
|
|
/**
|
|
|
|
|
* @brief Write text to disk.
|
|
|
|
|
*
|
|
|
|
|
* @param path the path of the file that you would like to write
|
|
|
|
|
* @param content the text that should be written exactly to disk
|
|
|
|
|
* @param permissions the filesystem permissions to request when opening
|
|
|
|
|
* @param force_permissions always chmod the path after opening
|
|
|
|
|
*
|
|
|
|
|
* @return an instance of Status, indicating the success or failure
|
|
|
|
|
* of the operation.
|
|
|
|
|
*/
|
2014-11-03 20:08:46 +00:00
|
|
|
Status writeTextFile(const boost::filesystem::path& path,
|
|
|
|
|
const std::string& content,
|
|
|
|
|
int permissions = 0660,
|
|
|
|
|
bool force_permissions = false);
|
2014-10-30 22:03:05 +00:00
|
|
|
|
2014-11-03 20:08:46 +00:00
|
|
|
Status isWritable(const boost::filesystem::path& path);
|
|
|
|
|
Status isReadable(const boost::filesystem::path& path);
|
2014-10-27 01:39:03 +00:00
|
|
|
|
2014-09-16 07:28:23 +00:00
|
|
|
/**
|
|
|
|
|
* @brief A helper to check if a path exists on disk or not.
|
2014-09-15 19:47:00 +00:00
|
|
|
*
|
2014-11-07 22:18:02 +00:00
|
|
|
* @param path the path on disk which you would like to check the existence of
|
2014-09-15 19:47:00 +00:00
|
|
|
*
|
2014-10-06 21:23:26 +00:00
|
|
|
* @return an instance of Status, indicating the success or failure
|
|
|
|
|
* of the operation. Specifically, the code of the Status instance
|
2014-09-16 07:28:23 +00:00
|
|
|
* will be -1 if no input was supplied, assuming the caller is not aware of how
|
|
|
|
|
* to check path-getter results. The code will be 0 if the path does not exist
|
|
|
|
|
* on disk and 1 if the path does exist on disk.
|
2014-09-15 19:47:00 +00:00
|
|
|
*/
|
2014-11-03 20:08:46 +00:00
|
|
|
Status pathExists(const boost::filesystem::path& path);
|
2014-09-09 17:56:48 +00:00
|
|
|
|
2014-09-16 07:28:23 +00:00
|
|
|
/**
|
|
|
|
|
* @brief List all of the files in a specific directory, non-recursively.
|
2014-09-15 19:47:00 +00:00
|
|
|
*
|
2014-09-16 07:28:23 +00:00
|
|
|
* @param path the path which you would like to list.
|
|
|
|
|
* @param results a non-const reference to a vector which will be populated
|
|
|
|
|
* with the directory listing of the path param, assuming that all operations
|
|
|
|
|
* completed successfully.
|
2014-09-15 19:47:00 +00:00
|
|
|
*
|
2014-10-06 21:23:26 +00:00
|
|
|
* @return an instance of Status, indicating the success or failure
|
2014-09-16 07:28:23 +00:00
|
|
|
* of the operation.
|
2014-09-15 19:47:00 +00:00
|
|
|
*/
|
2014-11-03 20:08:46 +00:00
|
|
|
Status listFilesInDirectory(const boost::filesystem::path& path,
|
2014-10-07 18:20:47 +00:00
|
|
|
std::vector<std::string>& results);
|
2014-08-14 23:27:20 +00:00
|
|
|
|
2014-10-06 21:23:26 +00:00
|
|
|
/**
|
|
|
|
|
* @brief Get directory portion of a path.
|
|
|
|
|
*
|
|
|
|
|
* @param path The input path, either a filename or directory.
|
|
|
|
|
* @param dirpath a non-const reference to a resultant directory portion.
|
|
|
|
|
*
|
|
|
|
|
* @return If the input path was a directory this will indicate failure. One
|
|
|
|
|
* should use `isDirectory` before.
|
|
|
|
|
*/
|
2014-11-03 20:08:46 +00:00
|
|
|
Status getDirectory(const boost::filesystem::path& path,
|
|
|
|
|
boost::filesystem::path& dirpath);
|
2014-10-06 21:23:26 +00:00
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @brief Check if an input path is a directory.
|
|
|
|
|
*
|
|
|
|
|
* @param path The input path, either a filename or directory.
|
|
|
|
|
*
|
|
|
|
|
* @return If the input path was a directory.
|
|
|
|
|
*/
|
2014-11-03 20:08:46 +00:00
|
|
|
Status isDirectory(const boost::filesystem::path& path);
|
2014-10-06 21:23:26 +00:00
|
|
|
|
2014-10-01 02:59:52 +00:00
|
|
|
/**
|
|
|
|
|
* @brief Parse the users out of a tomcat user config from disk
|
|
|
|
|
*
|
|
|
|
|
* @param path A string which represents the path of the tomcat user config
|
|
|
|
|
* @param a vector of pairs which represent all of the users which were found
|
|
|
|
|
* in the supplied file. pair.first is the username and pair.second is the
|
|
|
|
|
* password.
|
|
|
|
|
*
|
2014-10-06 21:23:26 +00:00
|
|
|
* @return an instance of Status, indicating the success or failure
|
2014-10-01 02:59:52 +00:00
|
|
|
* of the operation
|
|
|
|
|
*/
|
2014-10-06 21:23:26 +00:00
|
|
|
Status parseTomcatUserConfigFromDisk(
|
2014-11-03 20:08:46 +00:00
|
|
|
const boost::filesystem::path& path,
|
2014-10-01 02:59:52 +00:00
|
|
|
std::vector<std::pair<std::string, std::string> >& credentials);
|
|
|
|
|
|
2014-10-01 02:49:38 +00:00
|
|
|
/**
|
2014-10-01 02:54:44 +00:00
|
|
|
* @brief Parse the users out of a tomcat user config
|
2014-10-01 02:49:38 +00:00
|
|
|
*
|
|
|
|
|
* @param content A string which represents the content of the file to parse
|
2014-10-01 02:54:44 +00:00
|
|
|
* @param a vector of pairs which represent all of the users which were found
|
|
|
|
|
* in the supplied file. pair.first is the username and pair.second is the
|
|
|
|
|
* password.
|
2014-10-01 02:49:38 +00:00
|
|
|
*
|
2014-10-06 21:23:26 +00:00
|
|
|
* @return an instance of Status, indicating the success or failure
|
2014-10-01 02:49:38 +00:00
|
|
|
* of the operation
|
|
|
|
|
*/
|
2014-10-06 21:23:26 +00:00
|
|
|
Status parseTomcatUserConfig(
|
2014-10-01 02:49:38 +00:00
|
|
|
const std::string& content,
|
2014-10-01 02:59:52 +00:00
|
|
|
std::vector<std::pair<std::string, std::string> >& credentials);
|
2014-10-01 02:49:38 +00:00
|
|
|
|
2014-08-13 04:30:30 +00:00
|
|
|
#ifdef __APPLE__
|
2014-09-16 07:28:23 +00:00
|
|
|
/**
|
|
|
|
|
* @brief Parse a property list on disk into a property tree.
|
2014-09-15 19:47:00 +00:00
|
|
|
*
|
2014-09-16 07:28:23 +00:00
|
|
|
* @param path the path of the propery list which you'd like to read
|
|
|
|
|
* @param tree a non-const reference to a Boost property tree, which will be
|
|
|
|
|
* populated with the results of the property list
|
2014-09-15 19:47:00 +00:00
|
|
|
*
|
2014-10-06 21:23:26 +00:00
|
|
|
* @return an instance of Status, indicating the success or failure
|
2014-09-16 07:28:23 +00:00
|
|
|
* of the operation.
|
2014-09-15 19:47:00 +00:00
|
|
|
*/
|
2014-11-03 20:08:46 +00:00
|
|
|
Status parsePlist(const boost::filesystem::path& path,
|
|
|
|
|
boost::property_tree::ptree& tree);
|
|
|
|
|
|
2014-09-16 07:28:23 +00:00
|
|
|
/**
|
|
|
|
|
* @brief Parse property list content into a property tree.
|
2014-09-15 19:47:00 +00:00
|
|
|
*
|
2014-09-16 07:28:23 +00:00
|
|
|
* @param fileContent a string reference to the content of a plist
|
|
|
|
|
* @param tree a non-const reference to a Boost property tree, which will be
|
|
|
|
|
* populated with the results of the property list
|
2014-09-15 19:47:00 +00:00
|
|
|
*
|
2014-10-06 21:23:26 +00:00
|
|
|
* @return an instance of Status, indicating the success or failure
|
2014-09-16 07:28:23 +00:00
|
|
|
* of the operation.
|
2014-09-15 19:47:00 +00:00
|
|
|
*/
|
2014-10-06 21:23:26 +00:00
|
|
|
Status parsePlistContent(const std::string& fileContent,
|
2014-10-07 18:20:47 +00:00
|
|
|
boost::property_tree::ptree& tree);
|
2014-08-13 04:30:30 +00:00
|
|
|
#endif
|
2014-11-19 22:53:42 +00:00
|
|
|
|
|
|
|
|
#ifdef __linux__
|
|
|
|
|
/**
|
|
|
|
|
* @brief Iterate over proc process, returns a list of pids.
|
|
|
|
|
*
|
|
|
|
|
* @param processes output list of process pids as strings (int paths in proc).
|
|
|
|
|
*
|
|
|
|
|
* @return status of iteration.
|
|
|
|
|
*/
|
|
|
|
|
Status procProcesses(std::vector<std::string>& processes);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @brief Iterate over a proc process's descriptors, return a list of fds.
|
|
|
|
|
*
|
|
|
|
|
* @param process a string pid from proc.
|
|
|
|
|
* @param descriptors output list of descriptor numbers as strings.
|
|
|
|
|
*
|
|
|
|
|
* @return status of iteration, failure if the process path did not exist.
|
|
|
|
|
*/
|
|
|
|
|
Status procDescriptors(const std::string& process,
|
|
|
|
|
std::vector<std::string>& descriptors);
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @brief Read a descriptor's virtual path.
|
|
|
|
|
*
|
|
|
|
|
* @param process a string pid from proc.
|
|
|
|
|
* @param descriptor a string descriptor number for a proc.
|
|
|
|
|
* @param result output variable with value of link.
|
|
|
|
|
*
|
|
|
|
|
* @return status of read, failure on permission error or filesystem error.
|
|
|
|
|
*/
|
|
|
|
|
Status procReadDescriptor(const std::string& process,
|
|
|
|
|
const std::string& descriptor,
|
|
|
|
|
std::string& result);
|
|
|
|
|
#endif
|
2014-08-15 07:25:30 +00:00
|
|
|
}
|
