Skip to content

Commit

Permalink
tetragon: make resolving uid to username work with a processapi struct
Browse files Browse the repository at this point in the history 
[Upstream main 6229174 ]

Working with processapi object is better, so change
userinfo.MsgToExecveAccountUnix() to use processapi.MsgExecveEventUnix
as an argument.

Signed-off-by: Djalal Harouni <tixxdz@gmail.com>
  • Loading branch information
@tixxdz
tixxdz committed Jul 24, 2024
1 parent 1aa9e05 commit 40d0473
Show file tree
Hide file tree
Showing 3 changed files with 5 additions and 6 deletions.
2 changes: 1 addition & 1 deletion pkg/sensors/exec/exec.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -188,7 +188,7 @@ func handleExecve(r *bytes.Reader) ([]observer.Event, error) {
msgUnix.Unix.Process = nopMsgProcess()
}
if err == nil && !empty {
err = userinfo.MsgToExecveAccountUnix(msgUnix)
err = userinfo.MsgToExecveAccountUnix(msgUnix.Unix)
if err != nil {
logger.GetLogger().WithFields(logrus.Fields{
"process.pid": msgUnix.Unix.Process.PID,
Expand Down
2 changes: 1 addition & 1 deletion pkg/sensors/exec/procevents/proc_reader.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -281,7 +281,7 @@ func pushExecveEvents(p procs) {
m.Unix.Process.Filename = filename
m.Unix.Process.Args = args

err := userinfo.MsgToExecveAccountUnix(&m)
err := userinfo.MsgToExecveAccountUnix(m.Unix)
if err != nil {
logger.GetLogger().WithFields(logrus.Fields{
"process.pid": p.pid,
Expand Down
7 changes: 3 additions & 4 deletions pkg/sensors/exec/userinfo/userinfo.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,6 @@ import (
"errors"

"github.com/cilium/tetragon/pkg/api/processapi"
"github.com/cilium/tetragon/pkg/grpc/exec"
"github.com/cilium/tetragon/pkg/metrics/errormetrics"
"github.com/cilium/tetragon/pkg/option"
"github.com/cilium/tetragon/pkg/reader/namespace"
Expand All @@ -34,11 +33,11 @@ func getAccountUnix(uid uint32, ns *processapi.MsgNamespaces) (string, error) {
return "", ErrNotInHostNs
}

func MsgToExecveAccountUnix(m *exec.MsgExecveEventUnix) error {
func MsgToExecveAccountUnix(unix *processapi.MsgExecveEventUnix) error {
if option.Config.UsernameMetadata == int(option.USERNAME_METADATA_UNIX) {
username, err := getAccountUnix(m.Unix.Process.UID, &m.Unix.Msg.Namespaces)
username, err := getAccountUnix(unix.Process.UID, &unix.Msg.Namespaces)
if err == nil {
m.Unix.Process.User.Name = username
unix.Process.User.Name = username
return nil
}

Expand Down

0 comments on commit 40d0473

Please sign in to comment.