From aa291a7ac3db226ae1f645cb03670c17a8a1397e Mon Sep 17 00:00:00 2001 From: Kyle Quest Date: Fri, 28 Feb 2020 13:27:54 -0800 Subject: [PATCH] cleanup and pid filtering --- internal/app/sensor/artifacts.go | 41 ++++++++++++++++++++ internal/app/sensor/data_processor.go | 1 + pkg/util/fsutil/fsutil.go | 54 ++++++++++++++++----------- 3 files changed, 75 insertions(+), 21 deletions(-) diff --git a/internal/app/sensor/artifacts.go b/internal/app/sensor/artifacts.go index bcbd11d16e..cbcbfc67ea 100755 --- a/internal/app/sensor/artifacts.go +++ b/internal/app/sensor/artifacts.go @@ -31,6 +31,8 @@ import ( ) const ( + pidFileSuffix = ".pid" + varRunDir = "/var/run/" ngxBinName = "/nginx" ngxSubDir = "/nginx/" ngxCommonTemp = "/var/lib/nginx" @@ -297,9 +299,25 @@ func (p *artifactStore) saveArtifacts() { } log.Debugf("saveArtifacts - merged newPerms(%v): %+v", len(newPerms), newPerms) + dstRootPath := fmt.Sprintf("%s/files", p.storeLocation) + log.Debugf("saveArtifacts - prep file artifacts root dir - %v", dstRootPath) + err := os.MkdirAll(dstRootPath, 0777) + errutil.FailOn(err) + //TODO: use exludePaths to filter discovered files log.Debugf("saveArtifacts - copy files (%v)", len(p.fileMap)) for srcFileName := range p.fileMap { + //filter out pid files (todo: have a flag to enable/disable these capabilities) + if isKnownPidFilePath(srcFileName) { + log.Debugf("saveArtifacts - copy files - skipping known pid file (%v)", srcFileName) + continue + } + + if hasPidFileSuffix(srcFileName) { + log.Debugf("saveArtifacts - copy files - skipping a pid file (%v)", srcFileName) + continue + } + dstFilePath := fmt.Sprintf("%s/files%s", p.storeLocation, srcFileName) log.Debug("saveArtifacts - saving file data => ", dstFilePath) //err := cpFile(fileName, filePath) 
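Review bot: `os.MkdirAll(dstRootPath, 0777)` in the added prep block of saveArtifacts requests a world-writable root for the copied artifacts, limited only by the process umask. Unless something other than the sensor has to write into the store, a tighter mode is the safer default, e.g. `err := os.MkdirAll(dstRootPath, 0755)`, with a short comment if 0777 is deliberate. The loop below still builds `dstFilePath` from the literal `"%s/files%s"` instead of `dstRootPath`, so the directory that is prepared and the one that is written can drift apart; `dstFilePath := dstRootPath + srcFileName` keeps them tied. saveArtifacts starts and ends outside this hunk.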
@@ -717,6 +735,29 @@ func isRbGemSpecFile(filePath string) bool { return false } +var pidFilePathSuffixes = []string{ + "/tmp/nginx.pid", + "/tmp/pids/server.pid", +} + +func isKnownPidFilePath(filePath string) bool { + for _, suffix := range pidFilePathSuffixes { + if strings.HasSuffix(filePath, suffix) { + return true + } + } + + return false +} + +func hasPidFileSuffix(filePath string) bool { + if strings.HasSuffix(filePath, pidFileSuffix) { + return true + } + + return false +} + func isNgxArtifact(filePath string) bool { if strings.Contains(filePath, ngxSubDir) || strings.HasSuffix(filePath, ngxBinName) { return true diff --git a/internal/app/sensor/data_processor.go b/internal/app/sensor/data_processor.go index a3fe48a0ca..935db07a46 100755 --- a/internal/app/sensor/data_processor.go +++ b/internal/app/sensor/data_processor.go @@ -113,6 +113,7 @@ func findSymlinks(files []string, mp string) map[string]*report.ArtifactProps { } } + //todo: skip "/proc/..." references evalLinkRef, err := filepath.EvalSymlinks(absLinkRef) if err != nil { log.Warnf("findSymlinks.checkPathSymlinks - error evaluating symlink (%v) -> %v => %v", err, symlinkFileName, absLinkRef) diff --git a/pkg/util/fsutil/fsutil.go b/pkg/util/fsutil/fsutil.go index 97944d27ff..9ed87c7b42 100755 --- a/pkg/util/fsutil/fsutil.go +++ b/pkg/util/fsutil/fsutil.go 
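Review bot: Both entries in `pidFilePathSuffixes` end in `.pid`, so every path `isKnownPidFilePath` accepts is also accepted by `hasPidFileSuffix`, and the effective filter in saveArtifacts is "any path ending in .pid, in any directory". That can drop a file an application ships under that name, not only runtime pid files; the `varRunDir` constant added in the first hunk is not used by either helper in this commit, which suggests directory scoping was intended. Consider narrowing the generic match, e.g. `return strings.HasPrefix(filePath, varRunDir) && strings.HasSuffix(filePath, pidFileSuffix)`, and keeping the explicit list for locations outside it. Each helper should also get a doc comment, e.g. `// hasPidFileSuffix reports whether filePath ends in ".pid".`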
@@ -216,12 +216,14 @@ func CopySymlinkFile(clone bool, src, dst string, makeDir bool) error { if sysStat, ok := srcInfo.Sys().(*syscall.Stat_t); ok { ssi := SysStatInfo(sysStat) - if err := UpdateSymlinkTimes(dst, ssi.Atime, ssi.Mtime); err != nil { - log.Warnf("CopySymlinkFile(%v,%v) - UpdateSymlinkTimes error", src, dst) - } + if ssi.Ok { + if err := UpdateSymlinkTimes(dst, ssi.Atime, ssi.Mtime); err != nil { + log.Warnf("CopySymlinkFile(%v,%v) - UpdateSymlinkTimes error", src, dst) + } - if err := os.Lchown(dst, int(ssi.Uid), int(ssi.Gid)); err != nil { - log.Warnln("CopySymlinkFile(%v,%v)- unable to change owner", src, dst) + if err := os.Lchown(dst, int(ssi.Uid), int(ssi.Gid)); err != nil { + log.Warnln("CopySymlinkFile(%v,%v)- unable to change owner", src, dst) + } } } else { log.Warnf("CopySymlinkFile(%v,%v)- unable to get Stat_t", src, dst) @@ -302,12 +304,14 @@ func cloneDirPath(src, dst string) { log.Warnf("cloneDirPath() - unable to set perms (%v) - %v", dir.dst, err) } - if err := UpdateFileTimes(dir.dst, dir.sys.Atime, dir.sys.Mtime); err != nil { - log.Warnf("cloneDirPath() - UpdateFileTimes error (%v) - %v", dir.dst, err) - } + if dir.sys.Ok { + if err := UpdateFileTimes(dir.dst, dir.sys.Atime, dir.sys.Mtime); err != nil { + log.Warnf("cloneDirPath() - UpdateFileTimes error (%v) - %v", dir.dst, err) + } - if err := os.Chown(dir.dst, int(dir.sys.Uid), int(dir.sys.Gid)); err != nil { - log.Warnln("cloneDirPath()- unable to change owner (%v) - %v", dir.dst, err) + if err := os.Chown(dir.dst, int(dir.sys.Uid), int(dir.sys.Gid)); err != nil { + log.Warnln("cloneDirPath()- unable to change owner (%v) - %v", dir.dst, err) + } } } } 
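Review bot: When `ssi.Ok` is false, the new guard in CopySymlinkFile skips both `UpdateSymlinkTimes` and `os.Lchown` without logging anything, so the copy silently keeps whatever owner and times it was created with. Ownership is access-control metadata, so a skipped chown deserves a trace; an else branch such as `} else { log.Debugf("CopySymlinkFile(%v,%v) - no usable stat info, owner/times not preserved", src, dst) }` would cover it. The same applies to the `dir.sys.Ok` guard in cloneDirPath, the guards in the CopyRegularFile hunks and the one in copyFileObjectHandler. What `Ok` signals is not visible here because SysStatInfo is outside the diff, and CopySymlinkFile continues outside the hunk.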
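Review bot: The re-indented `log.Warnln("cloneDirPath()- unable to change owner (%v) - %v", dir.dst, err)` hands a format string to Warnln, which presumably prints Println-style and does not expand `%v`, so the verbs appear literally in the log; it should be `log.Warnf(...)`. The same call shape is in the CopySymlinkFile hunk and in the CopyRegularFile hunk that calls `d.Chown`, where the error is also missing from the arguments: `log.Warnf("CopySymlinkFile(%v,%v) - unable to change owner - %v", src, dst, err)`. The `UpdateSymlinkTimes error` and `UpdateFileTimes error` warnings that take only `src, dst` drop `err` the same way. cloneDirPath starts outside the hunk.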
@@ -351,8 +355,10 @@ func CopyRegularFile(clone bool, src, dst string, makeDir bool) error { if err == nil { if sysStat, ok := srcDirInfo.Sys().(*syscall.Stat_t); ok { ssi := SysStatInfo(sysStat) - if err := UpdateFileTimes(dstDirPath, ssi.Atime, ssi.Mtime); err != nil { - log.Warnf("CopyRegularFile() - UpdateFileTimes(%v) error - %v", dstDirPath, err) + if ssi.Ok { + if err := UpdateFileTimes(dstDirPath, ssi.Atime, ssi.Mtime); err != nil { + log.Warnf("CopyRegularFile() - UpdateFileTimes(%v) error - %v", dstDirPath, err) + } } } } else { @@ -393,12 +399,14 @@ func CopyRegularFile(clone bool, src, dst string, makeDir bool) error { if sysStat, ok := srcFileInfo.Sys().(*syscall.Stat_t); ok { ssi := SysStatInfo(sysStat) - if err := UpdateFileTimes(dst, ssi.Atime, ssi.Mtime); err != nil { - log.Warnf("CopyRegularFile(%v,%v) - UpdateFileTimes error", src, dst) - } + if ssi.Ok { + if err := UpdateFileTimes(dst, ssi.Atime, ssi.Mtime); err != nil { + log.Warnf("CopyRegularFile(%v,%v) - UpdateFileTimes error", src, dst) + } - if err := d.Chown(int(ssi.Uid), int(ssi.Gid)); err != nil { - log.Warnln("CopyRegularFile(%v,%v)- unable to change owner", src, dst) + if err := d.Chown(int(ssi.Uid), int(ssi.Gid)); err != nil { + log.Warnln("CopyRegularFile(%v,%v)- unable to change owner", src, dst) + } } } else { log.Warnf("CopyRegularFile(%v,%v)- unable to get Stat_t", src, dst) @@ -410,8 +418,10 @@ func CopyRegularFile(clone bool, src, dst string, makeDir bool) error { if sysStat, ok := srcFileInfo.Sys().(*syscall.Stat_t); ok { ssi := SysStatInfo(sysStat) - if err := UpdateFileTimes(dst, ssi.Atime, ssi.Mtime); err != nil { - log.Warnf("CopyRegularFile(%v,%v) - UpdateFileTimes error", src, dst) + if ssi.Ok { + if err := UpdateFileTimes(dst, ssi.Atime, ssi.Mtime); err != nil { + log.Warnf("CopyRegularFile(%v,%v) - UpdateFileTimes error", src, dst) + } } } else { log.Warnf("CopyRegularFile(%v,%v)- unable to get Stat_t", src, dst) 
@@ -495,8 +505,10 @@ func copyFileObjectHandler( if err == nil { if sysStat, ok := srcDirInfo.Sys().(*syscall.Stat_t); ok { ssi := SysStatInfo(sysStat) - if err := UpdateFileTimes(targetPath, ssi.Atime, ssi.Mtime); err != nil { - log.Warnf("copyFileObjectHandler() - UpdateFileTimes(%v) error - %v", targetPath, err) + if ssi.Ok { + if err := UpdateFileTimes(targetPath, ssi.Atime, ssi.Mtime); err != nil { + log.Warnf("copyFileObjectHandler() - UpdateFileTimes(%v) error - %v", targetPath, err) + } } } } else {