lsm-rs

Prerequisites

Install bpf-linker: cargo install bpf-linker

Build eBPF

cargo xtask build-ebpf

To perform a release build you can use the --release flag. You may also change the target architecture with the --target flag.

Build Userspace

cargo build

Run

RUST_LOG=info cargo xtask run

Example Output

{
  "LsmEvent": {
    "Data": {
      "Device": "0",
      "Group": "polkitd",
      "Inode": "5395",
      "Path": "/usr/bin/pkla-check-authorization",
      "User": "polkitd"
    },
    "Meta": {
      "SecurityHook": "security_bprm_check",
      "Type": "Exec"
    }
  }
},
{
  "LsmEvent": {
    "Data": {
      "Device": "0",
      "Group": "root",
      "Inode": "29927",
      "Path": "/usr/lib/systemd/systemd-hostnamed",
      "User": "root"
    },
    "Meta": {
      "SecurityHook": "security_bprm_check",
      "Type": "Exec"
    }
  }
},
{
  "LsmEvent": {
    "Data": {
      "Device": "0",
      "Group": "dave",
      "Inode": "47415",
      "Path": "/usr/libexec/grepconf.sh",
      "User": "dave"
    },
    "Meta": {
      "SecurityHook": "security_bprm_check",
      "Type": "Exec"
    }
  }
}

Name		Name	Last commit message	Last commit date
Latest commit History 9 Commits
.cargo		.cargo
.vscode		.vscode
lsm-rs-common		lsm-rs-common
lsm-rs-ebpf		lsm-rs-ebpf
lsm-rs		lsm-rs
xtask		xtask
Cargo.toml		Cargo.toml
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

lsm-rs

Prerequisites

Build eBPF

Build Userspace

Run

Example Output

About

Uh oh!

Releases

Packages

Uh oh!

Languages

dwindsor/lsm-rs

Folders and files

Latest commit

History

Repository files navigation

lsm-rs

Prerequisites

Build eBPF

Build Userspace

Run

Example Output

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Languages

Packages