Geyslan Gregório
Geyslan Gregório
This is only the beginning. So far this was done: - performance improvements - fix ParseOpenFlagArgument that wasn't printing O_RDONLY flag alone. - fix ParseAccessMode that wasn't printing F_OK flag...
This is a sequence of the effort already started by https://github.com/aquasecurity/tracee/pull/4200. As this was getting huge, the continuation will come after.
After all refactor done, I pretend to split it in different files. I also have an idea to try to reduce ParseArgs() logic, but gonna play with it only after...
@yanivagman rebased with a new fix.
/fast-forward
I was able to reproduce it: 1. `rm dist/signatures/builtin.so` 2. `sudo dist/tracee -o none` ``` {"level":"warn","ts":1727195441.2103937,"msg":"libbpf: prog 'trace_load_elf_phdrs': failed to create kprobe '+0x0' perf event: Invalid argument"} ``` @oshaked1 are...
> I could solve it by acquiring the capability in the `refresh` method instead of relying on the callers to acquire it. Do you think that would be a good...
> I'm sorry @geyslan, I'm not sure I got what you mean. Could you rephrase? Acquiring caps in between caps calls. But I believe you already answered with: > which...
@rscampos would you mind picking this?
@rscampos I'm pushing it, ok?