daemon进程+inotify自动生成系统级文件操作日志demo

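/*
 * Daemon + inotify demo that appends one line per file-system event to a log.
 *
 * Usage: ./a.out <log file> <file or directory to watch>
 *
 * Notes:
 *  1. The watched path itself and every directory created below it after
 *     start-up are watched; sub-directories that already exist at start-up
 *     are not walked.
 *  2. All watches live on one inotify descriptor in one daemon process; a
 *     table maps each watch descriptor back to the path it was added for.
 *  3. Names carried in events are chosen by whoever can write to the watched
 *     tree, so they are treated as untrusted: they are never handed to a
 *     shell, and control characters are replaced before a name reaches the
 *     log (otherwise a name containing '\n' could forge log entries).
 */
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/inotify.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <time.h>
#include <unistd.h>

enum {
    PATH_BUF_LEN = 4096,                 /* room for "<watched dir>/<name>" */
    LINE_BUF_LEN = PATH_BUF_LEN + 128,   /* timestamp + kind + path + tag */
    EVENT_BUF_LEN = 4096                 /* holds several queued events */
};

/* Maps one inotify event bit to the tag written to the log. */
struct messags {
    uint32_t num;
    char *mes;
};

struct messags mess[] = {
    {IN_ATTRIB,      "  IN_ATTRIB"},       /* metadata changed */
    {IN_CREATE,      "  IN_CREATE"},       /* entry created in a watched directory */
    {IN_DELETE,      "  IN_DELETE"},       /* entry deleted from a watched directory */
    {IN_DELETE_SELF, "  IN_DELETE_SELF"},  /* watched file/directory itself deleted */
    {IN_MODIFY,      "  IN_MODIFY"},       /* file modified */
    {IN_MOVE_SELF,   "  IN_MOVE_SELF"},    /* watched file/directory itself moved */
    {IN_MOVED_FROM,  "  IN_MOVED_FROM"},   /* entry moved out of a watched directory */
    {IN_MOVED_TO,    "  IN_MOVED_TO"}      /* entry moved into a watched directory */
};

/* One active watch: the descriptor and the path it was registered with. */
struct watch {
    int wd;
    char *path;   /* heap copy; path as it was when the watch was added */
};

static struct watch *watches;
static size_t watch_count;
static size_t watch_cap;

/* Report a failed call through perror() and terminate with a failure status. */
void sys_err(const char *str)
{
    perror(str);
    exit(EXIT_FAILURE);
}

/*
 * Write the current local time into dst in ctime() layout, without the
 * trailing newline. Returns the number of characters written (0 on failure).
 */
static size_t mytime(char *dst, size_t cap)
{
    time_t now = time(NULL);
    struct tm *tm = localtime(&now);
    size_t n = (tm != NULL) ? strftime(dst, cap, "%a %b %e %H:%M:%S %Y", tm) : 0;

    if (n == 0 && cap > 0)
        dst[0] = '\0';
    return n;
}

/*
 * Append src to dst starting at pos without writing at or beyond cap.
 * With sanitize set, control characters are replaced by '?' so that
 * attacker-chosen names cannot inject line breaks into the log.
 * Returns the new write position.
 */
static size_t put_text(char *dst, size_t cap, size_t pos, const char *src, int sanitize)
{
    for (; *src != '\0' && pos < cap; src++) {
        unsigned char c = (unsigned char)*src;

        if (sanitize && (c < 0x20 || c == 0x7f))
            c = '?';
        dst[pos++] = (char)c;
    }
    return pos;
}

/* Write the whole buffer to the log, retrying on EINTR and short writes. */
static void write_all(int filed, const char *data, size_t len)
{
    while (len > 0) {
        ssize_t n = write(filed, data, len);

        if (n < 0) {
            if (errno == EINTR)
                continue;
            sys_err("write messages");
        }
        data += n;
        len -= (size_t)n;
    }
}

/* Emit one log line: "<timestamp><kind><subject><tag>\n". */
static void write_line(int filed, const char *kind, const char *subject, const char *tag)
{
    char line[LINE_BUF_LEN];
    const size_t cap = sizeof line - 1;   /* keep one byte for '\n' */
    size_t pos = mytime(line, cap);

    pos = put_text(line, cap, pos, kind, 0);
    pos = put_text(line, cap, pos, subject, 1);   /* subject is untrusted */
    pos = put_text(line, cap, pos, tag, 0);
    line[pos++] = '\n';
    write_all(filed, line, pos);
}

/* Return the path registered for wd, or NULL when wd is not in the table. */
static const char *watch_path(int wd)
{
    for (size_t i = 0; i < watch_count; i++)
        if (watches[i].wd == wd)
            return watches[i].path;
    return NULL;
}

/* Forget wd; called when the kernel reports the watch as gone (IN_IGNORED). */
static void watch_remove(int wd)
{
    for (size_t i = 0; i < watch_count; i++) {
        if (watches[i].wd == wd) {
            free(watches[i].path);
            watches[i] = watches[--watch_count];
            return;
        }
    }
}

/*
 * Add an inotify watch for path and remember the wd -> path mapping.
 * Returns the watch descriptor, or -1 when the watch could not be added
 * or recorded (the kernel watch is removed again in the latter case).
 */
static int watch_add(int fd, const char *path, uint32_t mask)
{
    int wd = inotify_add_watch(fd, path, mask);

    if (wd < 0)
        return -1;
    if (watch_path(wd) != NULL)
        return wd;   /* same inode is already watched */

    if (watch_count == watch_cap) {
        size_t cap = watch_cap ? watch_cap * 2 : 16;
        struct watch *grown = realloc(watches, cap * sizeof *grown);

        if (grown == NULL) {
            inotify_rm_watch(fd, wd);
            return -1;
        }
        watches = grown;
        watch_cap = cap;
    }

    size_t len = strlen(path) + 1;
    char *copy = malloc(len);

    if (copy == NULL) {
        inotify_rm_watch(fd, wd);
        return -1;
    }
    memcpy(copy, path, len);
    watches[watch_count].wd = wd;
    watches[watch_count].path = copy;
    watch_count++;
    return wd;
}

/*
 * Log one inotify event and, for a newly created directory, start watching it.
 * fd is the inotify descriptor, filed the log file descriptor.
 */
static void log_event(int fd, int filed, const struct inotify_event *event)
{
    /* Lost events are a coverage gap in an audit log; record them. */
    if (event->mask & IN_Q_OVERFLOW) {
        write_line(filed, "  Queue  ", "", "  IN_Q_OVERFLOW");
        return;
    }

    const char *dir = watch_path(event->wd);
    /* name[] is only valid when len > 0 (events on the watched object itself carry none). */
    const char *name = (event->len > 0) ? event->name : "";
    const char *kind = (event->mask & IN_ISDIR) ? "  Directory  " : "  File  ";
    char path[PATH_BUF_LEN];
    int n;

    if (dir == NULL)
        n = snprintf(path, sizeof path, "%s", name);
    else if (name[0] == '\0')
        n = snprintf(path, sizeof path, "%s", dir);
    else
        n = snprintf(path, sizeof path, "%s/%s", dir, name);
    int path_ok = (n >= 0 && (size_t)n < sizeof path);

    for (size_t i = 0; i < sizeof mess / sizeof mess[0]; i++) {
        if (!(event->mask & mess[i].num))
            continue;

        if ((event->mask & IN_ISDIR) && mess[i].num == IN_CREATE) {
            /*
             * Watch the new directory on the same descriptor instead of
             * building a shell command from the name. IN_ONLYDIR and
             * IN_DONT_FOLLOW keep a directory that was swapped for a symlink
             * after the event from redirecting the watch elsewhere. Entries
             * created before the watch is in place are not reported.
             */
            if (dir == NULL || !path_ok ||
                watch_add(fd, path, IN_ALL_EVENTS | IN_ONLYDIR | IN_DONT_FOLLOW) < 0)
                write_line(filed, kind, path, "  WATCH_FAILED");
        }

        if (strstr(name, "viminfo") != NULL)   /* skip vim's viminfo temp files */
            continue;
        write_line(filed, kind, path, mess[i].mes);
    }

    if (event->mask & IN_IGNORED)
        watch_remove(event->wd);
}

/* Make sure descriptors 0-2 are open so later open() calls never land on them. */
static void reserve_stdio(void)
{
    int fd;

    do {
        fd = open("/dev/null", O_RDWR);
    } while (fd >= 0 && fd <= 2);
    if (fd > 2)
        close(fd);
}

/* Point stdin, stdout and stderr at /dev/null. */
static void detach_stdio(void)
{
    int nullfd = open("/dev/null", O_RDWR);

    if (nullfd < 0)
        sys_err("open /dev/null");
    for (int fd = 0; fd <= 2; fd++)
        if (dup2(nullfd, fd) < 0)
            sys_err("dup2");
    if (nullfd > 2)
        close(nullfd);
}

/*
 * Open the log, watch filename with IN_ALL_EVENTS and log events until the
 * inotify descriptor reports end of file or no watch is left.
 * Set-up errors are reported on stderr before the standard streams are
 * detached. Always returns 1.
 */
int inot(char *log, char *filename)
{
    char buf[EVENT_BUF_LEN] __attribute__((aligned(__alignof__(struct inotify_event))));

    /* 0640: the caller sets umask(0), so the mode is applied as written. */
    int filed = open(log, O_CREAT | O_WRONLY | O_APPEND, 0640);
    if (filed < 0)
        sys_err("open file_log");

    int fd = inotify_init();
    if (fd < 0)
        sys_err("inotify_init");

    if (watch_add(fd, filename, IN_ALL_EVENTS) < 0)
        sys_err("inotify_add_watch");

    detach_stdio();

    for (;;) {
        ssize_t len = read(fd, buf, sizeof buf);

        if (len < 0) {
            if (errno == EINTR)
                continue;
            sys_err("read inotify");
        }
        if (len == 0)
            break;

        size_t off = 0;
        while (off + sizeof(struct inotify_event) <= (size_t)len) {
            const struct inotify_event *event = (const struct inotify_event *)(buf + off);
            size_t step = sizeof *event + event->len;

            if (step > (size_t)len - off)
                break;   /* malformed length; do not read past the buffer */
            log_event(fd, filed, event);
            off += step;
        }

        if (watch_count == 0)
            break;   /* every watched object is gone */
    }

    close(fd);
    close(filed);
    return 1;
}

/* Daemon entry point: runs in the forked child. */
void dameon(char *log, char *filename)
{
    umask(0);
    reserve_stdio();
    if (setsid() < 0)   /* leave the parent's session and controlling terminal */
        sys_err("setsid");
    inot(log, filename);
}

int main(int argc, char *argv[])
{
    if (argc != 3) {
        fprintf(stderr, "usage: %s logname filename\n", argc > 0 ? argv[0] : "a.out");
        return EXIT_FAILURE;
    }

    pid_t pid = fork();
    if (pid < 0)
        sys_err("fork");
    if (pid == 0)
        dameon(argv[1], argv[2]);
    return 0;
}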


