Mr_hEx

python code for file system events

Jun 28th, 2023 (edited)
#!/usr/bin/env python3
import ctypes
import os
import selectors
import sys
from ctypes.util import find_library
# inotify event bits this script subscribes to (values as in <sys/inotify.h>).
IN_MODIFY = 0x00000002      # a file was written to
IN_MOVED_FROM = 0x00000040  # an entry was moved out of a watched directory
IN_MOVED_TO = 0x00000080    # an entry was moved into a watched directory
IN_CREATE = 0x00000100      # an entry was created in a watched directory
IN_DELETE = 0x00000200      # an entry was deleted from a watched directory

# Label printed for each single event bit.
# NOTE: the kernel can OR extra flags into an event's mask (for example
# IN_ISDIR, 0x40000000, when the subject is a directory), so a lookup by the
# exact mask value only succeeds for events that carry exactly one of these bits.
event_mask_dict = {
    IN_CREATE: "CREATE",
    IN_DELETE: "DELETE",
    IN_MOVED_FROM: "MOVED_FROM",
    IN_MOVED_TO: "MOVED_TO",
    IN_MODIFY: "MODIFY",
}
# Handle to the C library that exports the inotify_* functions.
#
# find_library("c") looks up the platform's libc (normally "libc.so.6" on
# glibc systems). If the script does not work, look for "libc.so.6" yourself:
#     ldd --verbose $(which python) | grep libc
# (run the same command against bash if python is not available), then load
# that file by its full path instead of relying on the lookup, e.g.
#     libc = ctypes.CDLL("/lib/x86_64-linux-gnu/libc.so.6")
# The full path goes straight to ctypes.CDLL; find_library() expects a bare
# library name such as "c", not a path.
#
# NOTE: the handle is created without use_errno=True, so ctypes.get_errno()
# will not report why an inotify call failed.
libc = ctypes.CDLL(find_library("c"))
class InotifyEvent(ctypes.Structure):
    """Fixed-size header of one record read from an inotify descriptor.

    The field order and widths mirror the C ``struct inotify_event``. The
    variable-length file name that follows the header in the read buffer is
    not part of this structure; ``len`` says how many bytes it occupies.
    """

    _fields_ = [
        ("wd", ctypes.c_int),         # watch descriptor the event belongs to
        ("mask", ctypes.c_uint32),    # bit mask describing what happened
        ("cookie", ctypes.c_uint32),  # ties related events together (e.g. a rename pair)
        ("len", ctypes.c_uint32),     # size in bytes of the name after the header
    ]
def init_inotify():
    """Create an inotify instance and return its file descriptor.

    Calls ``inotify_init1`` with flags ``0`` through the module-level ``libc``
    handle. The C return value is passed through untouched, so a failure is
    reported as ``-1`` rather than as an exception; the caller must check it.
    """
    create_instance = libc.inotify_init1
    # Declare the C prototype so ctypes converts the argument and result as ints.
    create_instance.restype = ctypes.c_int
    create_instance.argtypes = [ctypes.c_int]
    no_flags = 0
    return create_instance(no_flags)
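def add_watch(inotify_fd, path, mask):
    """Register *path* on an inotify instance and return the watch descriptor.

    Args:
        inotify_fd: Descriptor of the inotify instance (see ``init_inotify``).
        path: File or directory to watch, as ``str``, ``bytes`` or
            ``os.PathLike``. A watch on a directory reports events for the
            entries directly inside it; it does not descend into
            subdirectories.
        mask: OR-ed ``IN_*`` bits selecting which events are reported.

    Returns:
        The raw result of ``inotify_add_watch``: a watch descriptor, or ``-1``
        when the call fails. Callers must check for ``-1``.

    Raises:
        ValueError: If *path* contains a NUL byte.
    """
    # os.fsencode() applies the filesystem encoding with surrogateescape, so
    # names obtained from os.listdir()/os.walk() that hold undecodable bytes
    # round-trip instead of raising UnicodeEncodeError as str.encode() would.
    raw_path = os.fsencode(path)
    # The path is handed to C as a NUL-terminated string; an embedded NUL
    # would silently truncate it and put the watch on a different path.
    if b"\0" in raw_path:
        raise ValueError("embedded null byte in path")

    inotify_add_watch = libc.inotify_add_watch
    inotify_add_watch.argtypes = [ctypes.c_int, ctypes.c_char_p, ctypes.c_uint32]
    inotify_add_watch.restype = ctypes.c_int
    return inotify_add_watch(inotify_fd, raw_path, mask)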
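def watch_directories(paths_to_watch):
    """Print create/delete/move/modify events for the given paths, forever.

    One inotify watch is added per existing entry of *paths_to_watch*. Each
    event is printed to stdout as ``Path: <path>, Event mask: <labels>``;
    problems (skipped paths, failed watches, events that cannot be attributed)
    go to stderr so the event stream stays parseable.

    Caveats for anyone relying on the output for monitoring:
      * Only one watch is added per listed path, so changes deeper in the
        tree are not reported.
      * Events whose path is exactly ``/dev/tty`` are suppressed, as in the
        original code (presumably to avoid reporting the script's own
        terminal output - confirm).

    Args:
        paths_to_watch: Iterable of paths to watch.

    Raises:
        OSError: If the inotify instance cannot be created.
    """
    event_mask = IN_CREATE | IN_DELETE | IN_MOVED_FROM | IN_MOVED_TO | IN_MODIFY
    is_dir_flag = 0x40000000  # IN_ISDIR: the kernel sets it when the subject is a directory

    inotify_fd = init_inotify()
    if inotify_fd < 0:
        raise OSError("inotify_init1() failed; no inotify instance available")

    # Map each watch descriptor to its path explicitly. Deriving the path from
    # "wd - 1" as a list index breaks as soon as one path is skipped or one
    # watch fails, and then events are attributed to the wrong directory.
    wd_to_path = {}
    for path in paths_to_watch:
        if not os.path.exists(path):
            print(f"Skipping {path}: path does not exist", file=sys.stderr)
            continue
        wd = add_watch(inotify_fd, path, event_mask)
        if wd < 0:
            print(f"Could not add a watch on {path}", file=sys.stderr)
            continue
        wd_to_path[wd] = path

    sel = selectors.DefaultSelector()
    sel.register(inotify_fd, selectors.EVENT_READ)

    print("Watching for file system events in the specified directories\n")

    header_size = ctypes.sizeof(InotifyEvent)
    try:
        while True:
            for _key, _ready in sel.select():
                event_buf = os.read(inotify_fd, header_size + 4096)

                # One read() can return several records back to back; walk all
                # of them instead of parsing only the first and dropping the rest.
                offset = 0
                while offset + header_size <= len(event_buf):
                    event = InotifyEvent.from_buffer_copy(event_buf, offset)
                    name_start = offset + header_size
                    name_end = name_start + event.len
                    raw_name = event_buf[name_start:name_end].rstrip(b"\0")
                    offset = name_end

                    # The mask may carry several bits (e.g. CREATE plus ISDIR),
                    # so test bit by bit rather than looking up the exact value.
                    labels = [
                        label
                        for bit, label in event_mask_dict.items()
                        if event.mask & bit
                    ]
                    if event.mask & is_dir_flag:
                        labels.append("ISDIR")
                    mask_text = "|".join(labels) if labels else hex(event.mask)

                    watched = wd_to_path.get(event.wd)
                    if watched is None:
                        # Not one of our watches (for instance a queue-overflow
                        # record); report it instead of guessing a path.
                        print(
                            f"Unattributed event (wd={event.wd}, mask={mask_text}); "
                            "events may have been lost",
                            file=sys.stderr,
                        )
                        continue

                    # File names are arbitrary bytes chosen by whoever created
                    # the file; never let an undecodable name abort the loop.
                    name = raw_name.decode("utf-8", errors="backslashreplace")
                    full_path = os.path.join(watched, name)
                    if full_path == "/dev/tty":
                        continue

                    # Escape control characters so a crafted file name (newline,
                    # terminal escape sequence) cannot forge or garble output lines.
                    shown = "".join(
                        ch if ch.isprintable()
                        else ch.encode("unicode_escape").decode("ascii")
                        for ch in full_path
                    )
                    print(f"Path: {shown}, Event mask: {mask_text}")
    finally:
        # Release the selector and the inotify descriptor on Ctrl-C or error.
        sel.close()
        os.close(inotify_fd)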
if __name__ == '__main__':
    # Top-level directories to monitor. Only one watch is added per listed
    # path; entries that do not exist on this system are skipped by
    # watch_directories().
    paths_to_watch = [
        "/root",
        "/bin",
        "/etc",
        "/lib",
        "/lib32",
        "/lib64",
        "/libx32",
        "/opt",
        "/tmp",
        "/var",
        "/usr",
        "/sys",
        "/dev",
        "/boot",
    ]
    watch_directories(paths_to_watch)