diff -Nru gptrace-0.1.4/create-translations.sh gptrace-0.4.2/create-translations.sh --- gptrace-0.1.4/create-translations.sh 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/create-translations.sh 2014-09-06 18:09:57.000000000 +0000 @@ -2,7 +2,7 @@ ## # Project: gpTrace # Description: Trace the activities of an external application -# Author: Fabio Castelli (Muflone) +# Author: Fabio Castelli (Muflone) # Copyright: 2014 Fabio Castelli # License: GPL-2+ # This program is free software; you can redistribute it and/or modify it @@ -41,7 +41,7 @@ cat > "${POT_FILE}" << EOF # gpTrace # Trace the activities of an external application. -# Copyright (C) 2014 Fabio Castelli (Muflone) +# Copyright (C) 2014 Fabio Castelli (Muflone) # This file is distributed under the same license as the gpTrace package. # X translation for gpTrace. # diff -Nru gptrace-0.1.4/debian/changelog gptrace-0.4.2/debian/changelog --- gptrace-0.1.4/debian/changelog 2014-08-28 16:44:46.000000000 +0000 +++ gptrace-0.4.2/debian/changelog 2014-09-20 13:42:32.000000000 +0000 @@ -1,3 +1,9 @@ +gptrace (0.4.2-1~ppa+trusty0) trusty; urgency=low + + * New upstream release. + + -- Thanh Tung Nguyen Sat, 20 Sep 2014 15:42:31 +0100 + gptrace (0.1.4-1~ppa+trusty0) trusty; urgency=low * New upstream release. diff -Nru gptrace-0.1.4/debian/control gptrace-0.4.2/debian/control --- gptrace-0.1.4/debian/control 2014-08-28 16:58:11.000000000 +0000 +++ gptrace-0.4.2/debian/control 2014-09-20 13:46:54.000000000 +0000 @@ -13,7 +13,6 @@ Architecture: all Depends: ${python:Depends}, ${misc:Depends}, gir1.2-gtk-3.0, python-gi, python-ptrace, python-xdg -XB-Python-Version: ${python:Versions} Description: Trace the activities of an external application gpTrace is a free GTK+ application to trace the activities of an external process. diff -Nru gptrace-0.1.4/doc/changelog gptrace-0.4.2/doc/changelog --- gptrace-0.1.4/doc/changelog 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/doc/changelog 2014-09-06 18:09:57.000000000 +0000 @@ -1,33 +1,72 @@ +gptrace 0.4.2 + + * New Bulgarian translation by sahwar + + -- Fabio Castelli Sat, 06 Sep 2014 18:43:15 +0200 + +gptrace 0.4.1 + + * Interface cleanup + + -- Fabio Castelli Sun, 24 Aug 2014 21:08:12 +0200 + +gptrace 0.4.0 + + * Added Processes page + + -- Fabio Castelli Sun, 24 Aug 2014 01:23:27 +0200 + +gptrace 0.3.0 + + * Added Files page + + -- Fabio Castelli Sun, 17 Aug 2014 01:07:07 +0200 + +gptrace 0.2.0 + + * Added Counts page + * Added settings to show only called syscalls in Counts page + + -- Fabio Castelli Sat, 16 Aug 2014 15:58:04 +0200 + +gptrace 0.1.4 + + * Code cleanup + * Added create-translations.sh to rebuild translations files + * Updated translations + + -- Fabio Castelli Sat, 09 Aug 2014 20:47:14 +0200 + gptrace 0.1.3 * Added GtkBuilderLoader class * Moved all the Gtk widget references and moved to the GtkBuilderLoader * Updated project homepage URL - -- Fabio Castelli Sat, 21 Jun 2014 21:52:26 +0200 + -- Fabio Castelli Sat, 21 Jun 2014 21:52:26 +0200 * Added ignore/unignore menu items to add/remove a syscall from the list of the syscalls to intercept - -- Fabio Castelli Sun, 22 Jun 2014 00:31:17 +0200 + -- Fabio Castelli Sun, 22 Jun 2014 00:31:17 +0200 gptrace 0.1.2 * Added filtering menu to hide or show only the selected syscall - -- Fabio Castelli Mon, 2 Jun 2014 20:42:12 +0200 + -- Fabio Castelli Mon, 2 Jun 2014 20:42:12 +0200 gptrace 0.1.1 * Replaced the GtkButtonFileChooser with a GtkEntry and a GtkButton - -- Fabio Castelli Mon, 2 Jun 2014 19:27:17 +0200 + -- Fabio Castelli Mon, 2 Jun 2014 19:27:17 +0200 gptrace 0.1.0 * First public release - -- Fabio Castelli Sun, 4 Maj 2014 15:59:31 +0200 + -- Fabio Castelli Sun, 4 Maj 2014 15:59:31 +0200 gptrace 0.0.6 @@ -36,14 +75,14 @@ * Added menu item to clear the result list immediately * Added option item to automatically clear the results on tracing startup - -- Fabio Castelli Thu, 1 Maj 2014 21:04:48 +0200 + -- Fabio Castelli Thu, 1 Maj 2014 21:04:48 +0200 gptrace 0.0.5 * Added format column * Added option menu to set column visibility - -- Fabio Castelli Mon, 28 Apr 2014 01:58:04 +0200 + -- Fabio Castelli Mon, 28 Apr 2014 01:58:04 +0200 gptrace 0.0.4 @@ -51,7 +90,7 @@ * Main window closing speed-up by hiding it immediately * Moved the debugger options from SyscallTracer to MainWindow - -- Fabio Castelli Sun, 27 Apr 2014 00:03:33 +0200 + -- Fabio Castelli Sun, 27 Apr 2014 00:03:33 +0200 gptrace 0.0.3 @@ -60,17 +99,17 @@ related * Added forked process support - -- Fabio Castelli Sat, 26 Apr 2014 19:47:05 +0200 + -- Fabio Castelli Sat, 26 Apr 2014 19:47:05 +0200 gptrace 0.0.2 * Added a list for syscalls to intercept * Added PID and IP (Instruction Pointer) column in the results list - -- Fabio Castelli Mon, 21 Apr 2014 20:18:14 +0200 + -- Fabio Castelli Mon, 21 Apr 2014 20:18:14 +0200 gptrace 0.0.1 * Initial release - -- Fabio Castelli Sun, 13 Apr 2014 00:21:55 +0100 + -- Fabio Castelli Sun, 13 Apr 2014 00:21:55 +0100 diff -Nru gptrace-0.1.4/doc/copyright gptrace-0.4.2/doc/copyright --- gptrace-0.1.4/doc/copyright 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/doc/copyright 2014-09-06 18:09:57.000000000 +0000 @@ -1,4 +1,4 @@ -Copyright 2014 Fabio Castelli +Copyright 2014 Fabio Castelli License: GPL-2+ GNU GENERAL PUBLIC LICENSE diff -Nru gptrace-0.1.4/doc/translators gptrace-0.4.2/doc/translators --- gptrace-0.1.4/doc/translators 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/doc/translators 2014-09-06 18:09:57.000000000 +0000 @@ -1,2 +1,3 @@ -English: Fabio Castelli -Italian: Fabio Castelli +English: Fabio Castelli +Italian: Fabio Castelli +Bulgarian: sahwar diff -Nru gptrace-0.1.4/.gitignore gptrace-0.4.2/.gitignore --- gptrace-0.1.4/.gitignore 1970-01-01 00:00:00.000000000 +0000 +++ gptrace-0.4.2/.gitignore 2014-09-06 18:09:57.000000000 +0000 @@ -0,0 +1,8 @@ +/locale/ +*.pyc +*.glade~ +/build/ +/root/ +__pycache__ +/tmp/ +ui/*.h diff -Nru gptrace-0.1.4/gptrace/app.py gptrace-0.4.2/gptrace/app.py --- gptrace-0.1.4/gptrace/app.py 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/gptrace/app.py 2014-09-06 18:09:57.000000000 +0000 @@ -1,7 +1,7 @@ ## # Project: gpTrace # Description: Trace the activities of an external application -# Author: Fabio Castelli (Muflone) +# Author: Fabio Castelli (Muflone) # Copyright: 2014 Fabio Castelli # License: GPL-2+ # This program is free software; you can redistribute it and/or modify it diff -Nru gptrace-0.1.4/gptrace/constants.py gptrace-0.4.2/gptrace/constants.py --- gptrace-0.1.4/gptrace/constants.py 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/gptrace/constants.py 2014-09-06 18:09:57.000000000 +0000 @@ -1,7 +1,7 @@ ## # Project: gpTrace # Description: Trace the activities of an external application -# Author: Fabio Castelli (Muflone) +# Author: Fabio Castelli (Muflone) # Copyright: 2014 Fabio Castelli # License: GPL-2+ # This program is free software; you can redistribute it and/or modify it @@ -25,12 +25,12 @@ # Application constants APP_NAME = 'gpTrace' -APP_VERSION = '0.1.4' +APP_VERSION = '0.4.2' APP_DESCRIPTION = 'Trace the activities of an external application.' APP_ID = 'gptrace.muflone.com' APP_URL = 'http://www.muflone.com/gptrace/' APP_AUTHOR = 'Fabio Castelli' -APP_AUTHOR_EMAIL = 'webreg@vbsimple.net' +APP_AUTHOR_EMAIL = 'muflone@vbsimple.net' APP_COPYRIGHT = 'Copyright 2014 %s' % APP_AUTHOR # Other constants DOMAIN_NAME = 'gptrace' diff -Nru gptrace-0.1.4/gptrace/daemon_thread.py gptrace-0.4.2/gptrace/daemon_thread.py --- gptrace-0.1.4/gptrace/daemon_thread.py 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/gptrace/daemon_thread.py 2014-09-06 18:09:57.000000000 +0000 @@ -1,8 +1,8 @@ ## -# Project: CPUCompare -# Description: A GTK+ application to make comparisons between CPU models -# Author: Fabio Castelli -# Copyright: 2013 Fabio Castelli +# Project: gpTrace +# Description: Trace the activities of an external application +# Author: Fabio Castelli (Muflone) +# Copyright: 2014 Fabio Castelli # License: GPL-2+ # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the Free diff -Nru gptrace-0.1.4/gptrace/event_tracer.py gptrace-0.4.2/gptrace/event_tracer.py --- gptrace-0.1.4/gptrace/event_tracer.py 1970-01-01 00:00:00.000000000 +0000 +++ gptrace-0.4.2/gptrace/event_tracer.py 2014-09-06 18:09:57.000000000 +0000 @@ -0,0 +1,105 @@ +## +# Project: gpTrace +# Description: Trace the activities of an external application +# Author: Fabio Castelli (Muflone) +# Copyright: 2014 Fabio Castelli +# License: GPL-2+ +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the Free +# Software Foundation; either version 2 of the License, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for +# more details. +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA +## + +from grp import getgrgid +from pwd import getpwuid + +from gptrace.functions import _ + +from ptrace.debugger.process_event import NewProcessEvent, ProcessExecution, ProcessExit +from ptrace.debugger.child import ChildError +from ptrace.debugger.ptrace_signal import ProcessSignal +from ptrace.os_tools import RUNNING_LINUX + +if RUNNING_LINUX: + from ptrace.linux_proc import readProcessCmdline, readProcessLink, openProc + +UID = 'uid' +GID = 'gid' +EUID = 'euid' +EGID = 'egid' + +class EventTracer(object): + def __init__(self, callback): + """Handle events requests by firing up the callback each time a new + information must be shown""" + self.event_callback = callback + + def handle_event(self, event): + """Handle external events like new process execution or child close""" + if isinstance(event, NewProcessEvent): + # Under Linux the new process phase first fork a new process with the same + # command line of the starting process then changes its command line + # Therefore here I skip the NewProcessEvent event and after I add a new + # process during the ProcessExecution event + status = None + elif isinstance(event, ProcessExecution): + status = _('Process execution') + elif isinstance(event, ProcessExit): + status = _('Process exit') + elif isinstance(event, ProcessSignal): + status = _('Process signal: %s') % event + elif isinstance(event, ChildError): + status = None + print event + else: + status = _('Event: %s') % event + + if status: + pid = event.process.pid + if RUNNING_LINUX and isinstance(event, ProcessExecution): + self.event_callback(pid, _('Command line'), + ' '.join(readProcessCmdline(event.process.pid))) + self.event_callback(pid, _('Current working directory'), + readProcessLink(event.process.pid, 'cwd')) + # If the process has a parent PID include it in the details + if event.process.parent: + self.event_callback(pid, _('Parent PID'), str(event.process.parent.pid)) + # Add process details + details = self._get_process_status_details(event.process.pid) + if details.has_key(UID): + self.event_callback(pid, _('User ID'), details[UID].pw_uid) + self.event_callback(pid, _('User name'), details[UID].pw_name) + self.event_callback(pid, _('User real name'), details[UID].pw_gecos) + if details.has_key(EUID): + self.event_callback(pid, _('Effective user ID'), details[EUID].pw_uid) + self.event_callback(pid, _('Effective user name'), details[EUID].pw_name) + self.event_callback(pid, _('Effective user real name'), details[EUID].pw_gecos) + if details.has_key(GID): + self.event_callback(pid, _('Group ID'), details[GID].gr_gid) + self.event_callback(pid, _('Group name'), details[GID].gr_name) + if details.has_key(EGID): + self.event_callback(pid, _('Effective group ID'), details[EGID].gr_gid) + self.event_callback(pid, _('Effective group name'), details[EGID].gr_name) + self.event_callback(pid, information=_('Status'), value=status) + + def _get_process_status_details(self, pid): + """Get details from process status""" + dict_result = {} + status_file = openProc('%s/status' % pid) + for line in status_file: + if line.startswith('Uid:'): + dict_result[UID] = getpwuid(int(line[5:].split('\t')[0])) + dict_result[EUID] = getpwuid(int(line[5:].split('\t')[1])) + elif line.startswith('Gid:'): + dict_result[GID] = getgrgid(int(line[5:].split('\t')[0])) + dict_result[EGID] = getgrgid(int(line[5:].split('\t')[1])) + status_file.close() + return dict_result diff -Nru gptrace-0.1.4/gptrace/functions.py gptrace-0.4.2/gptrace/functions.py --- gptrace-0.1.4/gptrace/functions.py 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/gptrace/functions.py 2014-09-06 18:09:57.000000000 +0000 @@ -1,7 +1,7 @@ ## # Project: gpTrace # Description: Trace the activities of an external application -# Author: Fabio Castelli (Muflone) +# Author: Fabio Castelli (Muflone) # Copyright: 2014 Fabio Castelli # License: GPL-2+ # This program is free software; you can redistribute it and/or modify it @@ -28,22 +28,6 @@ from gptrace.constants import * -def show_message_dialog_yesno(winParent, message, title, default_response): - """Show a GtkMessageDialog with yes and no buttons""" - dialog = Gtk.MessageDialog( - parent=winParent, - flags=Gtk.DialogFlags.MODAL, - type=Gtk.MessageType.QUESTION, - buttons=Gtk.ButtonsType.YES_NO, - message_format=message - ) - dialog.set_title(title) - if default_response: - dialog.set_default_response(default_response) - response = dialog.run() - dialog.destroy() - return response - def show_dialog_fileopen(parent, title): """Show a FileChooserDialog with open and cancel buttons""" dialog = Gtk.FileChooserDialog( @@ -99,13 +83,17 @@ """Get a translated message from GTK+ 3 domain""" return gettext_with_domain('gtk30', context and '%s\x04%s' % (context, message) or message) + +def show_popup_menu(menu): + """Show a popup menu at the current position""" + return menu.popup(None, None, None, 0, 0, Gtk.get_current_event_time()) __all__ = [ - 'show_message_dialog_yesno', 'show_dialog_fileopen', 'readlines', 'process_events', 'find_button_from_gtktreeviewcolumn', '_', - 'GTK30_' + 'GTK30_', + 'show_popup_menu' ] diff -Nru gptrace-0.1.4/gptrace/gtkbuilder_loader.py gptrace-0.4.2/gptrace/gtkbuilder_loader.py --- gptrace-0.1.4/gptrace/gtkbuilder_loader.py 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/gptrace/gtkbuilder_loader.py 2014-09-06 18:09:57.000000000 +0000 @@ -1,7 +1,7 @@ ## # Project: gpTrace # Description: Trace the activities of an external application -# Author: Fabio Castelli (Muflone) +# Author: Fabio Castelli (Muflone) # Copyright: 2014 Fabio Castelli # License: GPL-2+ # This program is free software; you can redistribute it and/or modify it diff -Nru gptrace-0.1.4/gptrace/__init__.py gptrace-0.4.2/gptrace/__init__.py --- gptrace-0.1.4/gptrace/__init__.py 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/gptrace/__init__.py 2014-09-06 18:09:57.000000000 +0000 @@ -1,7 +1,7 @@ ## # Project: gpTrace # Description: Trace the activities of an external application -# Author: Fabio Castelli (Muflone) +# Author: Fabio Castelli (Muflone) # Copyright: 2014 Fabio Castelli # License: GPL-2+ # This program is free software; you can redistribute it and/or modify it diff -Nru gptrace-0.1.4/gptrace/models/activities.py gptrace-0.4.2/gptrace/models/activities.py --- gptrace-0.1.4/gptrace/models/activities.py 1970-01-01 00:00:00.000000000 +0000 +++ gptrace-0.4.2/gptrace/models/activities.py 2014-09-06 18:09:57.000000000 +0000 @@ -0,0 +1,58 @@ +## +# Project: gpTrace +# Description: Trace the activities of an external application +# Author: Fabio Castelli (Muflone) +# Copyright: 2014 Fabio Castelli +# License: GPL-2+ +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the Free +# Software Foundation; either version 2 of the License, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for +# more details. +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA +## + +from gi.repository import Gtk + +from .base import ModelBase + +class ModelActivities(ModelBase): + COL_TIMESTAMP = 0 + COL_TIME = 1 + COL_SYSCALL = 2 + COL_FORMAT = 3 + COL_PID = 3 + COL_IP = 4 + + def __init__(self, model): + super(self.__class__, self).__init__(model) + + def get_timestamp(self, treepath): + """Get the timestamp of a row""" + return self.get_model_data(treepath, self.COL_TIMESTAMP) + + def get_time(self, treepath): + """Get the relative time of a row""" + return self.get_model_data(treepath, self.COL_TIME) + + def get_syscall(self, treepath): + """Get the syscall of a row""" + return self.get_model_data(treepath, self.COL_SYSCALL) + + def get_format(self, treepath): + """Get the format of a row""" + return self.get_model_data(treepath, self.COL_FORMAT) + + def get_pid(self, treepath): + """Get the PID of a row""" + return self.get_model_data(treepath, self.COL_PID) + + def get_ip(self, treepath): + """Get the instruction pointer of a row""" + return self.get_model_data(treepath, self.COL_IP) diff -Nru gptrace-0.1.4/gptrace/models/base.py gptrace-0.4.2/gptrace/models/base.py --- gptrace-0.1.4/gptrace/models/base.py 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/gptrace/models/base.py 2014-09-06 18:09:57.000000000 +0000 @@ -1,7 +1,7 @@ ## # Project: gpTrace # Description: Trace the activities of an external application -# Author: Fabio Castelli (Muflone) +# Author: Fabio Castelli (Muflone) # Copyright: 2014 Fabio Castelli # License: GPL-2+ # This program is free software; you can redistribute it and/or modify it @@ -47,7 +47,10 @@ def add(self, items): """Add a new treerow to the model""" - self.model.append(items) + if isinstance(self.model, Gtk.ListStore): + self.model.append(items) + else: + self.model.append(None, items) return False def remove(self, treeiter): @@ -65,3 +68,7 @@ def __iter__(self): """Iter over the model rows""" return iter(self.model) + + def add_node(self, parent, items): + """Add a new child treerow to the model""" + return self.model.append(parent, items) diff -Nru gptrace-0.1.4/gptrace/models/counts.py gptrace-0.4.2/gptrace/models/counts.py --- gptrace-0.1.4/gptrace/models/counts.py 1970-01-01 00:00:00.000000000 +0000 +++ gptrace-0.4.2/gptrace/models/counts.py 2014-09-06 18:09:57.000000000 +0000 @@ -0,0 +1,63 @@ +## +# Project: gpTrace +# Description: Trace the activities of an external application +# Author: Fabio Castelli (Muflone) +# Copyright: 2014 Fabio Castelli +# License: GPL-2+ +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the Free +# Software Foundation; either version 2 of the License, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for +# more details. +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA +## + +from gi.repository import Gtk + +from .base import ModelBase + +class ModelCounts(ModelBase): + COL_SYSCALL = 0 + COL_COUNT = 1 + COL_VISIBILITY = 2 + + def __init__(self, model): + super(self.__class__, self).__init__(model) + # Store the ListStore rows in a dictionary for faster access + self.dictSyscalls = {} + + def add(self, items): + """Add a new row in the model""" + super(self.__class__, self).add(items) + self.dictSyscalls[items[self.COL_SYSCALL]] = self.model[self.count() - 1] + + def get_syscall(self, treepath): + """Get the syscall of a row""" + return self.get_model_data(treepath, self.COL_SYSCALL) + + def get_count(self, treepath): + """Get the count of a row""" + return self.get_model_data(treepath, self.COL_COUNT) + + def get_visibility(self, treepath): + """Get the visibility of a row""" + return self.get_model_data(treepath, self.COL_VISIBILITY) + + def increment_count(self, syscall): + """Increment the count by 1 for the requested syscall""" + model_row = self.dictSyscalls[syscall] + self.set_model_data(model_row, self.COL_COUNT, + self.get_model_data(model_row, self.COL_COUNT) + 1) + self.set_model_data(model_row, self.COL_VISIBILITY, True) + + def clear_values(self): + """Set the count of all items to zero""" + for model_row in self.dictSyscalls.values(): + self.set_model_data(model_row, self.COL_COUNT, 0) + self.set_model_data(model_row, self.COL_VISIBILITY, False) diff -Nru gptrace-0.1.4/gptrace/models/files.py gptrace-0.4.2/gptrace/models/files.py --- gptrace-0.1.4/gptrace/models/files.py 1970-01-01 00:00:00.000000000 +0000 +++ gptrace-0.4.2/gptrace/models/files.py 2014-09-06 18:09:57.000000000 +0000 @@ -0,0 +1,65 @@ +## +# Project: gpTrace +# Description: Trace the activities of an external application +# Author: Fabio Castelli (Muflone) +# Copyright: 2014 Fabio Castelli +# License: GPL-2+ +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the Free +# Software Foundation; either version 2 of the License, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for +# more details. +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA +## + +from gi.repository import Gtk + +from .base import ModelBase + +class ModelFiles(ModelBase): + COL_PID = 0 + COL_FILEPATH = 1 + COL_EXISTING = 2 + + KEY_ITER = 'iter' + KEY_FILES = 'files' + + def __init__(self, model): + super(self.__class__, self).__init__(model) + # Store the TreeNodes in a dictionary for faster access + self.dictProcesses = {} + + def add(self, items): + """Add a new row in the model""" + if not items[self.COL_PID] in self.dictProcesses.keys(): + # Add a new row as process ID + super(self.__class__, self).add( + items=(items[self.COL_PID], None, True)) + self.dictProcesses[items[self.COL_PID]] = { + self.KEY_ITER: self.model.get_iter(self.count() - 1), + self.KEY_FILES: [] + } + # Add the items as children of the PID + subitems = [None, ] + subitems.extend(items[1:]) + pid_process = self.dictProcesses[items[self.COL_PID]] + if not items[self.COL_FILEPATH] in pid_process[self.KEY_FILES]: + # The requested filepath doesn't exist in the saved list of processes + # therefore it will be appended under the PID node + self.add_node(pid_process[self.KEY_ITER], items=subitems) + pid_process[self.KEY_FILES].append(items[self.COL_FILEPATH]) + + def get_filepath(self, treepath): + """Get the filepath of a row""" + return self.get_model_data(treepath, self.COL_FILEPATH) + + def clear(self): + """Empty the model""" + self.dictProcesses.clear() + return super(self.__class__, self).clear() diff -Nru gptrace-0.1.4/gptrace/models/__init__.py gptrace-0.4.2/gptrace/models/__init__.py --- gptrace-0.1.4/gptrace/models/__init__.py 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/gptrace/models/__init__.py 2014-09-06 18:09:57.000000000 +0000 @@ -1,7 +1,7 @@ ## # Project: gpTrace # Description: Trace the activities of an external application -# Author: Fabio Castelli (Muflone) +# Author: Fabio Castelli (Muflone) # Copyright: 2014 Fabio Castelli # License: GPL-2+ # This program is free software; you can redistribute it and/or modify it diff -Nru gptrace-0.1.4/gptrace/models/intercepted_syscalls.py gptrace-0.4.2/gptrace/models/intercepted_syscalls.py --- gptrace-0.1.4/gptrace/models/intercepted_syscalls.py 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/gptrace/models/intercepted_syscalls.py 2014-09-06 18:09:57.000000000 +0000 @@ -1,7 +1,7 @@ ## # Project: gpTrace # Description: Trace the activities of an external application -# Author: Fabio Castelli (Muflone) +# Author: Fabio Castelli (Muflone) # Copyright: 2014 Fabio Castelli # License: GPL-2+ # This program is free software; you can redistribute it and/or modify it diff -Nru gptrace-0.1.4/gptrace/models/processes.py gptrace-0.4.2/gptrace/models/processes.py --- gptrace-0.1.4/gptrace/models/processes.py 1970-01-01 00:00:00.000000000 +0000 +++ gptrace-0.4.2/gptrace/models/processes.py 2014-09-06 18:09:57.000000000 +0000 @@ -0,0 +1,71 @@ +## +# Project: gpTrace +# Description: Trace the activities of an external application +# Author: Fabio Castelli (Muflone) +# Copyright: 2014 Fabio Castelli +# License: GPL-2+ +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the Free +# Software Foundation; either version 2 of the License, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for +# more details. +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA +## + +from gi.repository import Gtk + +from .base import ModelBase + +class ModelProcesses(ModelBase): + COL_PID = 0 + COL_TIMESTAMP = 1 + COL_TIME = 2 + COL_INFORMATION = 3 + COL_VALUE = 4 + + def __init__(self, model): + super(self.__class__, self).__init__(model) + # Store the TreeNodes in a dictionary for faster access + self.dictProcesses = {} + + def add(self, items): + """Add a new row in the model""" + if not items[self.COL_PID] in self.dictProcesses.keys(): + # Add a new row as process ID + super(self.__class__, self).add(items=( + items[self.COL_PID], + items[self.COL_TIMESTAMP], + items[self.COL_TIME], + items[self.COL_INFORMATION], + items[self.COL_VALUE], + )) + self.dictProcesses[items[self.COL_PID]] = self.model.get_iter(self.count() - 1) + else: + # Add the items as children of the PID + self.add_node(self.dictProcesses[items[self.COL_PID]], items=items) + + def get_pid(self, treepath): + """Get the PID of a row""" + return self.get_model_data(treepath, self.COL_PID) + + def get_timestamp(self, treepath): + """Get the timestamp of a row""" + return self.get_model_data(treepath, self.COL_TIMESTAMP) + + def get_time(self, treepath): + """Get the time of a row""" + return self.get_model_data(treepath, self.COL_TIME) + + def get_information(self, treepath): + """Get the information of a row""" + return self.get_model_data(treepath, self.COL_INFORMATION) + + def get_value(self, treepath): + """Get the value of a row""" + return self.get_model_data(treepath, self.COL_VALUE) diff -Nru gptrace-0.1.4/gptrace/models/syscalls.py gptrace-0.4.2/gptrace/models/syscalls.py --- gptrace-0.1.4/gptrace/models/syscalls.py 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/gptrace/models/syscalls.py 1970-01-01 00:00:00.000000000 +0000 @@ -1,58 +0,0 @@ -## -# Project: gpTrace -# Description: Trace the activities of an external application -# Author: Fabio Castelli (Muflone) -# Copyright: 2014 Fabio Castelli -# License: GPL-2+ -# This program is free software; you can redistribute it and/or modify it -# under the terms of the GNU General Public License as published by the Free -# Software Foundation; either version 2 of the License, or (at your option) -# any later version. -# -# This program is distributed in the hope that it will be useful, but WITHOUT -# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or -# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for -# more details. -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA -## - -from gi.repository import Gtk - -from .base import ModelBase - -class ModelSyscalls(ModelBase): - COL_TIMESTAMP = 0 - COL_TIME = 1 - COL_SYSCALL = 2 - COL_FORMAT = 3 - COL_PID = 3 - COL_IP = 4 - - def __init__(self, model): - super(self.__class__, self).__init__(model) - - def get_timestamp(self, treepath): - """Get the timestamp of a row""" - return self.get_model_data(treepath, self.COL_TIMESTAMP) - - def get_relative_time(self, treepath): - """Get the relative time of a row""" - return self.get_model_data(treepath, self.COL_RELATIVE_TIME) - - def get_syscall(self, treepath): - """Get the syscall of a row""" - return self.get_model_data(treepath, self.COL_SYSCALL) - - def get_format(self, treepath): - """Get the format of a row""" - return self.get_model_data(treepath, self.COL_FORMAT) - - def get_pid(self, treepath): - """Get the PID of a row""" - return self.get_model_data(treepath, self.COL_PID) - - def get_ip(self, treepath): - """Get the instruction pointer of a row""" - return self.get_model_data(treepath, self.COL_IP) diff -Nru gptrace-0.1.4/gptrace/settings.py gptrace-0.4.2/gptrace/settings.py --- gptrace-0.1.4/gptrace/settings.py 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/gptrace/settings.py 2014-09-06 18:09:57.000000000 +0000 @@ -1,7 +1,7 @@ ## # Project: gpTrace # Description: Trace the activities of an external application -# Author: Fabio Castelli (Muflone) +# Author: Fabio Castelli (Muflone) # Copyright: 2014 Fabio Castelli # License: GPL-2+ # This program is free software; you can redistribute it and/or modify it @@ -29,6 +29,10 @@ SECTION_MAINWIN = 'main window' SECTION_APPLICATION = 'application' +SECTION_ACTIVITIES = 'activities' +SECTION_COUNTS = 'counts' +SECTION_FILES = 'files' +SECTION_PROCESSES = 'processes' class Settings(object): def __init__(self): @@ -102,37 +106,35 @@ self.config.set(SECTION_APPLICATION, 'intercepted syscalls', ','.join(model.syscalls)) - def get_visible_columns(self): + def get_visible_columns(self, section): """Get the visible column list""" results = None - if self.config.has_option(SECTION_APPLICATION, 'visible columns'): - results = self.config.get( - SECTION_APPLICATION, 'visible columns').split(',') + if self.config.has_option(section, 'visible columns'): + results = self.config.get(section, 'visible columns').split(',') return results - def set_visible_columns(self, columns_list): + def set_visible_columns(self, section, columns_list): """Save the visible column list""" - if not self.config.has_section(SECTION_APPLICATION): - self.config.add_section(SECTION_APPLICATION) + if not self.config.has_section(section): + self.config.add_section(section) names_list = [] for column in columns_list: if column.get_visible(): names_list.append(column.get_name()) - self.config.set(SECTION_APPLICATION, 'visible columns', - ','.join(names_list)) + self.config.set(section, 'visible columns', ','.join(names_list)) - def get_boolean(self, name, default=None): - """Get a boolean option""" - if self.config.has_option(SECTION_APPLICATION, name): - return self.config.get(SECTION_APPLICATION, name) == '1' + def get_boolean(self, section, name, default=None): + """Get a boolean option from a specific section""" + if self.config.has_option(section, name): + return self.config.get(section, name) == '1' else: return default - def set_boolean(self, name, value): - """Save a boolean option""" - if not self.config.has_section(SECTION_APPLICATION): - self.config.add_section(SECTION_APPLICATION) - self.config.set(SECTION_APPLICATION, name, value and '1' or '0') + def set_boolean(self, section, name, value): + """Save a boolean option in a specific section""" + if not self.config.has_section(section): + self.config.add_section(section) + self.config.set(section, name, value and '1' or '0') def save(self): """Save the whole configuration""" diff -Nru gptrace-0.1.4/gptrace/syscall_tracer.py gptrace-0.4.2/gptrace/syscall_tracer.py --- gptrace-0.1.4/gptrace/syscall_tracer.py 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/gptrace/syscall_tracer.py 2014-09-06 18:09:57.000000000 +0000 @@ -1,7 +1,7 @@ ## # Project: gpTrace # Description: Trace the activities of an external application -# Author: Fabio Castelli (Muflone) +# Author: Fabio Castelli (Muflone) # Copyright: 2014 Fabio Castelli # License: GPL-2+ # This program is free software; you can redistribute it and/or modify it @@ -47,7 +47,7 @@ write_argname=True, replace_socketcall=False, string_max_length=300, - write_address=True, + write_address=False, max_array_count=20, ) self.syscall_options.instr_pointer = self.options.show_ip @@ -55,11 +55,6 @@ def displaySyscall(self, syscall): self.syscall_callback(syscall) - #name = syscall.name - #text = syscall.format() - #if syscall.result is not None: - # text = "%-40s = %s" % (text, syscall.result_text) - #error(text) def syscall(self, process): state = process.syscall_state diff -Nru gptrace-0.1.4/gptrace/ui/about.py gptrace-0.4.2/gptrace/ui/about.py --- gptrace-0.1.4/gptrace/ui/about.py 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/gptrace/ui/about.py 2014-09-06 18:09:57.000000000 +0000 @@ -1,7 +1,7 @@ ## # Project: gpTrace # Description: Trace the activities of an external application -# Author: Fabio Castelli (Muflone) +# Author: Fabio Castelli (Muflone) # Copyright: 2014 Fabio Castelli # License: GPL-2+ # This program is free software; you can redistribute it and/or modify it diff -Nru gptrace-0.1.4/gptrace/ui/__init__.py gptrace-0.4.2/gptrace/ui/__init__.py --- gptrace-0.1.4/gptrace/ui/__init__.py 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/gptrace/ui/__init__.py 2014-09-06 18:09:57.000000000 +0000 @@ -1,7 +1,7 @@ ## # Project: gpTrace # Description: Trace the activities of an external application -# Author: Fabio Castelli (Muflone) +# Author: Fabio Castelli (Muflone) # Copyright: 2014 Fabio Castelli # License: GPL-2+ # This program is free software; you can redistribute it and/or modify it diff -Nru gptrace-0.1.4/gptrace/ui/main_column_headers.py gptrace-0.4.2/gptrace/ui/main_column_headers.py --- gptrace-0.1.4/gptrace/ui/main_column_headers.py 1970-01-01 00:00:00.000000000 +0000 +++ gptrace-0.4.2/gptrace/ui/main_column_headers.py 2014-09-06 18:09:57.000000000 +0000 @@ -0,0 +1,55 @@ +## +# Project: gpTrace +# Description: Trace the activities of an external application +# Author: Fabio Castelli (Muflone) +# Copyright: 2014 Fabio Castelli +# License: GPL-2+ +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the Free +# Software Foundation; either version 2 of the License, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, but WITHOUT +# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or +# FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for +# more details. +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA +## + +class ShowHideColumnHeaders(object): + def __init__(self, get_object, settings): + self.column_headers = {} + self.get_object = get_object + self.settings = settings + + def add_columns_to_section(self, section, column, menu, menuitem): + """Add a GtkTreeViewColumn, a GtkMenu and a GtkMenuItem to a section""" + columns = {} + columns[column] = (self.get_object(column), + self.get_object(menu), self.get_object(menuitem)) + if not self.column_headers.has_key(section): + self.column_headers[section] = [] + self.column_headers[section].append(columns) + + def load_visible_columns(self, section): + """Load the visible columns from the settings""" + visible_columns = self.settings.get_visible_columns(section) + if visible_columns is not None: + for items in self.column_headers[section]: + for column_name, (column, menu, menuitem) in items.items(): + menuitem.set_active(column_name in visible_columns) + + def save_visible_columns(self, section): + """Save the visible columns to the settings""" + self.settings.set_visible_columns(section, + [item.values()[0][0] for item in self.column_headers[section]]) + + def get_sections(self): + """Return all the available sections""" + return self.column_headers.keys() + + def get_values(self, section): + """Return all the widgets for a section""" + return [item.values()[0] for item in self.column_headers[section]] diff -Nru gptrace-0.1.4/gptrace/ui/main.py gptrace-0.4.2/gptrace/ui/main.py --- gptrace-0.1.4/gptrace/ui/main.py 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/gptrace/ui/main.py 2014-09-06 18:09:57.000000000 +0000 @@ -1,7 +1,7 @@ ## # Project: gpTrace # Description: Trace the activities of an external application -# Author: Fabio Castelli (Muflone) +# Author: Fabio Castelli (Muflone) # Copyright: 2014 Fabio Castelli # License: GPL-2+ # This program is free software; you can redistribute it and/or modify it @@ -28,15 +28,20 @@ from gi.repository import Gdk from .about import AboutWindow +from .main_column_headers import ShowHideColumnHeaders from gptrace.constants import * from gptrace.functions import * -from gptrace.settings import Settings -from gptrace.models.syscalls import ModelSyscalls +from gptrace.settings import Settings, SECTION_APPLICATION, SECTION_ACTIVITIES, SECTION_COUNTS, SECTION_FILES, SECTION_PROCESSES +from gptrace.models.activities import ModelActivities from gptrace.models.intercepted_syscalls import ModelInterceptedSyscalls +from gptrace.models.counts import ModelCounts +from gptrace.models.files import ModelFiles +from gptrace.models.processes import ModelProcesses from gptrace.gtkbuilder_loader import GtkBuilderLoader from gptrace.daemon_thread import DaemonThread from gptrace.syscall_tracer import SyscallTracer +from gptrace.event_tracer import EventTracer from ptrace.syscall import SYSCALL_NAMES, SYSCALL_PROTOTYPES, FILENAME_ARGUMENTS, SOCKET_SYSCALL_NAMES from ptrace.ctypes_tools import formatAddress @@ -45,13 +50,25 @@ def __init__(self, application, settings): self.application = application self.ui = GtkBuilderLoader(FILE_UI_MAIN) - self.loadUI() self.settings = settings + self.loadUI() # Restore the intercepted syscalls list from settings saved_syscalls = settings.get_intercepted_syscalls() # Restore the options from settings self.ui.menuitemAutoClear.set_active(self.settings.get_boolean( - 'autoclear', self.ui.menuitemAutoClear.get_active())) + SECTION_APPLICATION, 'autoclear', + self.ui.menuitemAutoClear.get_active())) + # Update the Show only called syscalls in counts status + self.ui.menuitemCountsOnlyCalled.set_active(self.settings.get_boolean( + SECTION_COUNTS, 'only called', + self.ui.menuitemCountsOnlyCalled.get_active())) + self.on_menuitemCountsOnlyCalled_toggled(None) + # Update the Show only existing files status + self.ui.menuitemFilesShowOnlyExisting.set_active(self.settings.get_boolean( + SECTION_FILES, 'only existing', + self.ui.menuitemFilesShowOnlyExisting.get_active())) + self.on_menuitemFilesShowOnlyExisting_toggled(None) + self.ui.infobarInformation.set_visible(False) # Load all the available syscall names for syscall in sorted(SYSCALL_NAMES.values()): prototype = SYSCALL_PROTOTYPES.get(syscall, ('', ( ))) @@ -69,8 +86,8 @@ any(argname in FILENAME_ARGUMENTS for argtype, argname in prototype[1]), # Is this syscall used by sockets? syscall in SOCKET_SYSCALL_NAMES, - ) - ) + )) + self.modelCounts.add(items=(syscall, 0, False)) self.update_InterceptedSyscalls_count() # Restore the saved size and position if self.settings.get_value('width', 0) and self.settings.get_value('height', 0): @@ -82,14 +99,18 @@ self.settings.get_value('left', 0), self.settings.get_value('top', 0)) # Restore visible columns - saved_visible_columns = self.settings.get_visible_columns() - if saved_visible_columns is not None: - for key, (column, menuitem) in self.dict_column_headers.items(): - menuitem.set_active(key in saved_visible_columns) + for current_section in self.column_headers.get_sections(): + self.column_headers.load_visible_columns(current_section) # Set ModelFilter self.filtered_items = [] - self.ui.filterSyscalls.set_visible_func(self.check_for_filtered_syscall, + self.ui.filterActivities.set_visible_func(self.check_for_filtered_syscall, self.filtered_items) + # Set counts filter + self.ui.filterCounts.set_visible_column(self.modelCounts.COL_VISIBILITY) + self.ui.filterCounts.refilter() + # Set counts filter + self.ui.filterFiles.set_visible_column(self.modelFiles.COL_EXISTING) + self.ui.filterFiles.refilter() # Load the others dialogs self.about = AboutWindow(self.ui.winMain, False) self.thread_loader = None @@ -101,33 +122,56 @@ def loadUI(self): """Load the interface UI""" - self.modelSyscalls = ModelSyscalls(self.ui.storeSyscalls) + self.modelActivities = ModelActivities(self.ui.storeActivities) self.modelInterceptedSyscalls = ModelInterceptedSyscalls( self.ui.storeInterceptedSyscalls) + self.modelCounts = ModelCounts(self.ui.storeCounts) + self.modelFiles = ModelFiles(self.ui.storeFiles) + self.modelProcesses = ModelProcesses(self.ui.storeProcesses) # Associate each TreeViewColumn to the MenuItem used to show/hide - self.dict_column_headers = {} - for column, menuitem in ( - ('tvwcolTimestamp', 'menuitemVisibleColumnsTimestamp'), - ('tvwcolTime', 'menuitemVisibleColumnsTime'), - ('tvwcolSyscall', 'menuitemVisibleColumnsSyscall'), - ('tvwcolFormat', 'menuitemVisibleColumnsFormat'), - ('tvwcolPID', 'menuitemVisibleColumnsPID'), - ('tvwcolIP', 'menuitemVisibleColumnsIP')): - self._associate_column_to_menuitem( - self.ui.get_object(column), self.ui.get_object(menuitem)) + self.column_headers = ShowHideColumnHeaders(self.ui.get_object, self.settings) + for menu, section, items in ( + ('menuActivitiesVisibleColumns', SECTION_ACTIVITIES, ( + ('colActivitiesTimestamp', 'menuitemActivitiesVisibleColumnsTimestamp'), + ('colActivitiesTime', 'menuitemActivitiesVisibleColumnsTime'), + ('colActivitiesSyscall', 'menuitemActivitiesVisibleColumnsSyscall'), + ('colActivitiesFormat', 'menuitemActivitiesVisibleColumnsFormat'), + ('colActivitiesPID', 'menuitemActivitiesVisibleColumnsPID'), + ('colActivitiesIP', 'menuitemActivitiesVisibleColumnsIP') + )), + ('menuCountsVisibleColumns', SECTION_COUNTS, ( + ('colCountsSyscall', 'menuitemCountsVisibleColumnsSyscall'), + ('colCountsCount', 'menuitemCountsVisibleColumnsCount'), + )), + ('menuFilesVisibleColumns', SECTION_FILES, ( + ('colFilesPID', 'menuitemFilesVisibleColumnsPID'), + ('colFilesExisting', 'menuitemFilesVisibleColumnsExisting'), + ('colFilesPath', 'menuitemFilesVisibleColumnsPath'), + )), + ('menuProcessesVisibleColumns', SECTION_PROCESSES, ( + ('colProcessesPID', 'menuitemProcessesVisibleColumnsPID'), + ('colProcessesTimestamp', 'menuitemProcessesVisibleColumnsTimestamp'), + ('colProcessesTime', 'menuitemProcessesVisibleColumnsTime'), + ('colProcessesInformation', 'menuitemProcessesVisibleColumnsInformation'), + )), + ): + for column, menuitem in items: + self.column_headers.add_columns_to_section(section, column, menu, menuitem) # Set cellrenderers alignment - self.ui.cellTimestamp.set_property('xalign', 1.0) - self.ui.cellTime.set_property('xalign', 1.0) + self.ui.cellActivitiesTimestamp.set_property('xalign', 1.0) + self.ui.cellActivitiesTime.set_property('xalign', 1.0) # Set options menu items value as their column headers - for key, (tvwcolumn, menuitem) in self.dict_column_headers.items(): - # Set the MenuItem label as the TreeViewColumn header - menuitem.set_label(tvwcolumn.get_title()) - # Set button-press-event to the Button contained inside the TreeViewColumn - button = find_button_from_gtktreeviewcolumn(tvwcolumn) - if button: - # Set a signal callback to the Button - button.connect('button-press-event', self.on_tvwcolumn_button_release_event) + for section in self.column_headers.get_sections(): + for (column, menu, menuitem) in self.column_headers.get_values(section): + # Set the MenuItem label as the TreeViewColumn header + menuitem.set_label(column.get_title()) + # Set button-press-event to the Button contained inside the TreeViewColumn + button = find_button_from_gtktreeviewcolumn(column) + if button: + # Set a signal callback to the Button + button.connect('button-press-event', + self.on_tvwcolumn_button_release_event, menu) # Set various properties self.ui.winMain.set_title(APP_NAME) self.ui.winMain.set_icon_from_file(FILE_ICON) @@ -138,6 +182,18 @@ def on_winMain_delete_event(self, widget, event): """Close the application""" + # Save settings for window size, intercepted syscalls and visible columns + self.settings.set_sizes(self.ui.winMain) + self.settings.set_intercepted_syscalls(self.modelInterceptedSyscalls) + for section in self.column_headers.get_sections(): + self.column_headers.save_visible_columns(section) + self.settings.set_boolean(SECTION_APPLICATION, 'autoclear', + self.ui.menuitemAutoClear.get_active()) + self.settings.set_boolean(SECTION_COUNTS, 'only called', + self.ui.menuitemCountsOnlyCalled.get_active()) + self.settings.set_boolean(SECTION_FILES, 'only existing', + self.ui.menuitemFilesShowOnlyExisting.get_active()) + self.settings.save() # Immediately hide the main window and let the events process to handle # an instantly close instead of slowly let GTK to empty the model before # the window is effectively destroyed @@ -148,13 +204,6 @@ self.thread_loader.cancel() self.thread_loader.join() self.about.destroy() - # Save settings for window size, intercepted syscalls and visible columns - self.settings.set_sizes(self.ui.winMain) - self.settings.set_intercepted_syscalls(self.modelInterceptedSyscalls) - self.settings.set_visible_columns( - [column for column, menuitem in self.dict_column_headers.values()]) - self.settings.set_boolean('autoclear', self.ui.menuitemAutoClear.get_active()) - self.settings.save() self.ui.winMain.destroy() self.application.quit() @@ -173,6 +222,15 @@ def thread_debug_process(self, program): """Debug the requested program to trace the syscalls""" + def add_process(pid, information, value): + """Add a process information""" + now = datetime.datetime.now() + GObject.idle_add(self.modelProcesses.add, ( + str(pid), + (now - self.debug_start_time).total_seconds(), + now.strftime('%H:%M:%S.%f'), + information, + str(value).strip())) self.debug_start_time = datetime.datetime.now() self.debugger = SyscallTracer( options=optparse.Values({ @@ -187,7 +245,7 @@ program=program, ignore_syscall_callback=self.ignore_syscall_callback, syscall_callback=self.syscall_callback, - event_callback=self.event_callback, + event_callback=EventTracer(add_process).handle_event, quit_callback=self.quit_callback) self.debugger.main() return True @@ -195,7 +253,7 @@ def syscall_callback(self, syscall): """Add the syscall to the syscalls model""" now = datetime.datetime.now() - GObject.idle_add(self.modelSyscalls.add, ( + GObject.idle_add(self.modelActivities.add, ( (now - self.debug_start_time).total_seconds(), now.strftime('%H:%M:%S.%f'), syscall.name, @@ -203,9 +261,15 @@ syscall.process.pid, formatAddress(syscall.instr_pointer) )) - - def event_callback(self, event): - print 'event', type(event), event + GObject.idle_add(self.modelCounts.increment_count, syscall.name) + # Check if the syscall has any filename or pathname argument + for argument in syscall.arguments: + argument_text = argument.getText() + if argument.name in FILENAME_ARGUMENTS and argument_text != "''...": + GObject.idle_add(self.modelFiles.add, ( + str(syscall.process.pid), + argument_text[1:-1], + os.path.exists(argument_text[1:-1]))) def ignore_syscall_callback(self, syscall): """Determine if to ignore a callback before it's processed""" @@ -262,24 +326,21 @@ def on_btnOptions_clicked(self, widget): """Show the options popup menu""" - self.ui.menuOptions.popup(None, None, None, 0, 0, Gtk.get_current_event_time()) + show_popup_menu(self.ui.menuOptions) def on_menuitemVisibleColumns_toggled(self, widget): """Hide or show a column header""" - for column, menuitem in self.dict_column_headers.values(): - # If both column and menuitem have the same label set column visibility - if column.get_title() == widget.get_label(): - column.set_visible(widget.get_active()) - break + for section in self.column_headers.get_sections(): + for (column, menu, menuitem) in self.column_headers.get_values(section): + # Set column visibility + if widget is menuitem: + column.set_visible(widget.get_active()) + break - def on_tvwcolumn_button_release_event(self, widget, event): + def on_tvwcolumn_button_release_event(self, widget, event, menu): """Show columns visibility menu on right click""" if event.button == Gdk.BUTTON_SECONDARY: - self.ui.menuVisibleColumns.popup(None, None, None, 0, 0, Gtk.get_current_event_time()) - - def _associate_column_to_menuitem(self, column, menuitem): - """Associate each column to the MenuItem used to set column visibility""" - self.dict_column_headers[column.get_name()] = (column, menuitem) + show_popup_menu(menu) def on_btnStartStop_toggled(self, widget): """Start and stop program tracing""" @@ -312,23 +373,26 @@ def on_menuitemClear_activate(self, widget): """Clear the syscalls list""" - self.modelSyscalls.clear() + self.modelActivities.clear() + self.modelCounts.clear_values() + self.modelFiles.clear() + self.modelProcesses.clear() - def on_menuitemFilterHideSyscall_activate(self, widget): + def on_menuitemActivitiesFilterHideSyscall_activate(self, widget): """Hide the selected syscall from the results""" - selection = self.ui.tvwSyscalls.get_selection() + selection = self.ui.tvwActivities.get_selection() if selection: model, iter = selection.get_selected() if iter: # Add the selected syscall to the filtered syscalls list - self.filtered_items.append(self.modelSyscalls.get_syscall( - self.ui.filterSyscalls.convert_iter_to_child_iter(iter))) + self.filtered_items.append(self.modelActivities.get_syscall( + self.ui.filterActivities.convert_iter_to_child_iter(iter))) # Filter the results - self.ui.filterSyscalls.refilter() + self.ui.filterActivities.refilter() - def on_menuitemFilterShowOnlySyscall_activate(self, widget): + def on_menuitemActivitiesFilterShowOnlySyscall_activate(self, widget): """Show only the selected syscall from the results""" - selection = self.ui.tvwSyscalls.get_selection() + selection = self.ui.tvwActivities.get_selection() if selection: model, iter = selection.get_selected() if iter: @@ -337,28 +401,28 @@ # First include every syscall names to the filtered syscalls self.filtered_items.extend(SYSCALL_NAMES.values()) # Then remove the selected syscall from the filtered syscalls list - self.filtered_items.remove(self.modelSyscalls.get_syscall( - self.ui.filterSyscalls.convert_iter_to_child_iter(iter))) + self.filtered_items.remove(self.modelActivities.get_syscall( + self.ui.filterActivities.convert_iter_to_child_iter(iter))) # Filter the results - self.ui.filterSyscalls.refilter() + self.ui.filterActivities.refilter() - def on_menuitemIgnoreSyscall_activate(self, widget): + def on_menuitemActivitiesIgnoreSyscall_activate(self, widget): """Remove the selected syscall name from the intercepted syscalls model""" - self.on_menuitemIgnoreUnignoreSyscall(False) + self.on_menuitemActivitiesIgnoreUnignoreSyscall(False) - def on_menuitemUnignoreSyscall_activate(self, widget): + def on_menuitemActivitiesUnignoreSyscall_activate(self, widget): """Add the selected syscall name to the intercepted syscalls model""" - self.on_menuitemIgnoreUnignoreSyscall(True) + self.on_menuitemActivitiesIgnoreUnignoreSyscall(True) - def on_menuitemIgnoreUnignoreSyscall(self, status): + def on_menuitemActivitiesIgnoreUnignoreSyscall(self, status): """Add or remove the selected syscall name from the intercepted syscalls model""" - selection = self.ui.tvwSyscalls.get_selection() + selection = self.ui.tvwActivities.get_selection() if selection: model, iter = selection.get_selected() if iter: # Get the syscall name to ignore/unignore - selected_syscall = self.modelSyscalls.get_syscall( - self.ui.filterSyscalls.convert_iter_to_child_iter(iter)) + selected_syscall = self.modelActivities.get_syscall( + self.ui.filterActivities.convert_iter_to_child_iter(iter)) # Cycle each row in the intercepted syscalls model for row in self.modelInterceptedSyscalls: # If the syscall name for the row is the same then ignore/unignore @@ -368,22 +432,23 @@ # Update the intercepted syscalls count self.update_InterceptedSyscalls_count() - def on_menuitemFilterReset_activate(self, widget): + def on_menuitemActivitiesFilterReset_activate(self, widget): """Clear the filtered syscalls list including all""" while len(self.filtered_items): self.filtered_items.pop() - self.ui.filterSyscalls.refilter() + self.ui.filterActivities.refilter() - def on_tvwSyscalls_button_release_event(self, widget, event): + def on_tvwActivities_button_release_event(self, widget, event): """Show filter menu on right click""" if event.button == Gdk.BUTTON_SECONDARY: - current_selection = self.ui.tvwSyscalls.get_path_at_pos(int(event.x), int(event.y)) + current_selection = self.ui.tvwActivities.get_path_at_pos( + int(event.x), int(event.y)) if current_selection: - self.ui.menuFilter.popup(None, None, None, 0, 0, Gtk.get_current_event_time()) + show_popup_menu(self.ui.menuActivitiesFilter) def check_for_filtered_syscall(self, model, iter, data): """Check if the sycall name should be filtered""" - return self.modelSyscalls.get_syscall(iter) not in self.filtered_items + return self.modelActivities.get_syscall(iter) not in self.filtered_items def on_btnProgramOpen_clicked(self, widget): """Select the program to open""" @@ -392,3 +457,36 @@ title = _("Select a program to execute")) if program: self.ui.txtProgram.set_text(program) + + def on_menuitemCountsOnlyCalled_toggled(self, widget): + """Set visibility of syscalls in counts section""" + if self.ui.menuitemCountsOnlyCalled.get_active(): + self.ui.tvwCounts.set_model(self.ui.filterCounts) + else: + self.ui.tvwCounts.set_model(self.ui.storeCounts) + + def on_menuitemFilesShowOnlyExisting_toggled(self, widget): + """Set visibility of only existing files in files section""" + state = self.ui.menuitemFilesShowOnlyExisting.get_active() + # Configure column sort order ID for each column in order to allow the sort + # if the show only existing files setting is set + self.ui.colFilesExisting.set_sort_column_id(state and -1 or self.modelFiles.COL_EXISTING) + self.ui.colFilesPID.set_sort_column_id(state and -1 or self.modelFiles.COL_PID) + self.ui.colFilesPath.set_sort_column_id(state and -1 or self.modelFiles.COL_FILEPATH) + # BUG: GTK+ seems to not react if the sort column ID is changed + # Set the clickable property again after setting the sort column ID + self.ui.colFilesExisting.set_clickable(True) + self.ui.colFilesPID.set_clickable(True) + self.ui.colFilesPath.set_clickable(True) + if state: + self.ui.tvwFiles.set_model(self.ui.filterFiles) + self.ui.lblInfoBarContent.set_markup( + _('When Show only existing files is selected the sorting ' + 'by click on the column headers is disabled')) + else: + self.ui.tvwFiles.set_model(self.ui.storeFiles) + self.ui.infobarInformation.set_visible(state) + + def on_infobar1_response(self, widget, response): + if response == Gtk.ResponseType.CLOSE: + self.ui.infobarInformation.set_visible(False) diff -Nru gptrace-0.1.4/gptrace.py gptrace-0.4.2/gptrace.py --- gptrace-0.1.4/gptrace.py 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/gptrace.py 2014-09-06 18:09:57.000000000 +0000 @@ -2,7 +2,7 @@ ## # Project: gpTrace # Description: Trace the activities of an external application -# Author: Fabio Castelli (Muflone) +# Author: Fabio Castelli (Muflone) # Copyright: 2014 Fabio Castelli # License: GPL-2+ # This program is free software; you can redistribute it and/or modify it diff -Nru gptrace-0.1.4/LEGGIMI.md gptrace-0.4.2/LEGGIMI.md --- gptrace-0.1.4/LEGGIMI.md 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/LEGGIMI.md 2014-09-06 18:09:57.000000000 +0000 @@ -2,7 +2,7 @@ ======= **Descrizione:** Traccia le attivita di un'applicazione esterna. -**Copyright:** 2014 Fabio Castelli (Muflone) +**Copyright:** 2014 Fabio Castelli (Muflone) **Licenza:** GPL-2+ diff -Nru gptrace-0.1.4/man/gptrace.1 gptrace-0.4.2/man/gptrace.1 --- gptrace-0.1.4/man/gptrace.1 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/man/gptrace.1 2014-09-06 18:09:57.000000000 +0000 @@ -37,7 +37,7 @@ .SH AUTHORS .B gpTrace -was written by Fabio Castelli (Muflone) +was written by Fabio Castelli (Muflone) .SH HOMEPAGE Home page: http://www.muflone.com/gptrace/ diff -Nru gptrace-0.1.4/po/bg.po gptrace-0.4.2/po/bg.po --- gptrace-0.1.4/po/bg.po 1970-01-01 00:00:00.000000000 +0000 +++ gptrace-0.4.2/po/bg.po 2014-09-06 18:09:57.000000000 +0000 @@ -0,0 +1,225 @@ +# gpTrace +# Trace the activities of an external application. +# Copyright (C) 2014 Fabio Castelli (Muflone) +# Website: http://www.muflone.com/gptrace/ +# This file is distributed under the same license of gpTrace. +# Bulgarian translation for gpTrace. +# +# Translators: +# sahwar , 2014 +msgid "" +msgstr "" +"Project-Id-Version: gpTrace\n" +"Report-Msgid-Bugs-To: https://github.com/muflone/gptrace/issues\n" +"POT-Creation-Date: 2014-08-24 17:09:29 +0200\n" +"PO-Revision-Date: 2014-08-31 00:41+0000\n" +"Last-Translator: sahwar \n" +"Language-Team: Bulgarian (http://www.transifex.com/projects/p/gptrace/language/bg/)\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Language: bg\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#: ui/main.glade.h:1 +msgid "Activities" +msgstr "Действия" + +#: ui/main.glade.h:2 +msgid "Visible columns" +msgstr "Видими колони" + +#: ui/main.glade.h:3 +msgid "Filter activities" +msgstr "Филтриране на действията" + +#: ui/main.glade.h:4 +msgid "Hide the selected syscall" +msgstr "Скриване на избрания syscall" + +#: ui/main.glade.h:5 +msgid "Show only the selected syscall" +msgstr "Показване само на избрания syscall" + +#: ui/main.glade.h:6 +msgid "Reset filter" +msgstr "Нулиране на филтъра" + +#: ui/main.glade.h:7 +msgid "Ignore (don't intercept) the selected syscall" +msgstr "Пренебрегвай (не прехващай) избрания syscall" + +#: ui/main.glade.h:8 +msgid "Unignore (intercept) the selected syscall" +msgstr "Премахни пренебрегването (прехващането) на избрания syscall" + +#: ui/main.glade.h:9 +msgid "Counts" +msgstr "Броения" + +#: ui/main.glade.h:10 +msgid "Show only called syscalls" +msgstr "Показване само на извиканите syscalls" + +#: ui/main.glade.h:11 +msgid "Files" +msgstr "Файлове" + +#: ui/main.glade.h:12 +msgid "Show only existing files" +msgstr "Показване само на съществуващи файлове" + +#: ui/main.glade.h:13 +msgid "Processes" +msgstr "Процеси" + +#: ui/main.glade.h:14 +msgid "Clear list now" +msgstr "Изчистване на списъка сега" + +#: ui/main.glade.h:15 +msgid "Clear automatically" +msgstr "Автоматично изчистване" + +#: ui/main.glade.h:16 +msgid "Program to execute:" +msgstr "Програма за изпълнение:" + +#: ui/main.glade.h:17 +msgid "Timestamp" +msgstr "Времеви печат" + +#: ui/main.glade.h:18 +msgid "Time" +msgstr "Време" + +#: ui/main.glade.h:19 +msgid "Syscall" +msgstr "Syscall" + +#: ui/main.glade.h:20 +msgid "Format" +msgstr "Формат" + +#: ui/main.glade.h:21 +msgid "PID" +msgstr "PID" + +#: ui/main.glade.h:22 +msgid "Instruction pointer" +msgstr "Инструкционен указател (instruction pointer)" + +#: ui/main.glade.h:23 +msgid "Calls count" +msgstr "Брояч на извикванията" + +#: ui/main.glade.h:24 +msgid "Existing" +msgstr "Съществуващ" + +#: ui/main.glade.h:25 +msgid "File path" +msgstr "Пътека на файла" + +#: ui/main.glade.h:26 +msgid "Information" +msgstr "Информация" + +#: ui/main.glade.h:27 +msgid "Checked" +msgstr "Проверен/отбелязан" + +#: ui/main.glade.h:29 +#, no-c-format +msgid "Selected intercepted syscalls (%(selected)d of %(total)d)" +msgstr "Избрани прехванати syscalls (%(selected)d от %(total)d)" + +#: ui/appmenu.ui.h:1 +msgid "_About gpTrace" +msgstr "_За gpTrace" + +#: ui/appmenu.ui.h:2 +msgid "_Quit" +msgstr "_Изход" + +#: gptrace/event_tracer.py:54 +msgid "Process execution" +msgstr "Изпълнение на процеса" + +#: gptrace/event_tracer.py:56 +msgid "Process exit" +msgstr "Изход от процеса" + +#: gptrace/event_tracer.py:58 +#, python-format +msgid "Process signal: %s" +msgstr "Сигнал на процеса: %s" + +#: gptrace/event_tracer.py:63 +#, python-format +msgid "Event: %s" +msgstr "Събитие: %s" + +#: gptrace/event_tracer.py:68 +msgid "Command line" +msgstr "Команден ред" + +#: gptrace/event_tracer.py:70 +msgid "Current working directory" +msgstr "Настояща работна директория" + +#: gptrace/event_tracer.py:74 +msgid "Parent PID" +msgstr "Родителски PID" + +#: gptrace/event_tracer.py:78 +msgid "User ID" +msgstr "Потребителски PID" + +#: gptrace/event_tracer.py:79 +msgid "User name" +msgstr "Потребителско име" + +#: gptrace/event_tracer.py:80 +msgid "User real name" +msgstr "Истинско име на потребителя" + +#: gptrace/event_tracer.py:82 +msgid "Effective user ID" +msgstr "Действаща потребителска ID" + +#: gptrace/event_tracer.py:83 +msgid "Effective user name" +msgstr "Действащо потребителско име" + +#: gptrace/event_tracer.py:84 +msgid "Effective user real name" +msgstr "Действащо реално име на потребителя" + +#: gptrace/event_tracer.py:86 +msgid "Group ID" +msgstr "ID на групата" + +#: gptrace/event_tracer.py:87 +msgid "Group name" +msgstr "Име на групата" + +#: gptrace/event_tracer.py:89 +msgid "Effective group ID" +msgstr "Действаща ID на групата" + +#: gptrace/event_tracer.py:90 +msgid "Effective group name" +msgstr "Действащо име на групата" + +#: gptrace/event_tracer.py:91 +msgid "Status" +msgstr "Статус" + +#: gptrace/ui/main.py:457 +msgid "Select a program to execute" +msgstr "Избор на програма за изпълнение" + +#: gptrace/ui/main.py:484 +msgid "When Show only existing files is selected the sorting by click on the column headers is disabled" +msgstr "Когато опцията Показване само на съществуващи файлове е избрана, сортирането чрез щракване на колоните е изключено" diff -Nru gptrace-0.1.4/po/en.po gptrace-0.4.2/po/en.po --- gptrace-0.1.4/po/en.po 1970-01-01 00:00:00.000000000 +0000 +++ gptrace-0.4.2/po/en.po 2014-09-06 18:09:57.000000000 +0000 @@ -0,0 +1,225 @@ +# gpTrace +# Trace the activities of an external application. +# Copyright (C) 2014 Fabio Castelli (Muflone) +# Website: http://www.muflone.com/gptrace/ +# This file is distributed under the same license of gpTrace. +# X translation for gpTrace. +# +# Translators: +# Fabio Castelli (Muflone) , 2014 +msgid "" +msgstr "" +"Project-Id-Version: gpTrace\n" +"Report-Msgid-Bugs-To: https://github.com/muflone/gptrace/issues\n" +"POT-Creation-Date: 2014-08-24 17:09:29 +0200\n" +"PO-Revision-Date: 2014-08-30 18:47+0000\n" +"Last-Translator: Fabio Castelli (Muflone) \n" +"Language-Team: English (http://www.transifex.com/projects/p/gptrace/language/en/)\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Language: en\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#: ui/main.glade.h:1 +msgid "Activities" +msgstr "Activities" + +#: ui/main.glade.h:2 +msgid "Visible columns" +msgstr "Visible columns" + +#: ui/main.glade.h:3 +msgid "Filter activities" +msgstr "Filter activities" + +#: ui/main.glade.h:4 +msgid "Hide the selected syscall" +msgstr "Hide the selected syscall" + +#: ui/main.glade.h:5 +msgid "Show only the selected syscall" +msgstr "Show only the selected syscall" + +#: ui/main.glade.h:6 +msgid "Reset filter" +msgstr "Reset filter" + +#: ui/main.glade.h:7 +msgid "Ignore (don't intercept) the selected syscall" +msgstr "Ignore (don't intercept) the selected syscall" + +#: ui/main.glade.h:8 +msgid "Unignore (intercept) the selected syscall" +msgstr "Unignore (intercept) the selected syscall" + +#: ui/main.glade.h:9 +msgid "Counts" +msgstr "Counts" + +#: ui/main.glade.h:10 +msgid "Show only called syscalls" +msgstr "Show only called syscalls" + +#: ui/main.glade.h:11 +msgid "Files" +msgstr "Files" + +#: ui/main.glade.h:12 +msgid "Show only existing files" +msgstr "Show only existing files" + +#: ui/main.glade.h:13 +msgid "Processes" +msgstr "Processes" + +#: ui/main.glade.h:14 +msgid "Clear list now" +msgstr "Clear list now" + +#: ui/main.glade.h:15 +msgid "Clear automatically" +msgstr "Clear automatically" + +#: ui/main.glade.h:16 +msgid "Program to execute:" +msgstr "Program to execute:" + +#: ui/main.glade.h:17 +msgid "Timestamp" +msgstr "Timestamp" + +#: ui/main.glade.h:18 +msgid "Time" +msgstr "Time" + +#: ui/main.glade.h:19 +msgid "Syscall" +msgstr "Syscall" + +#: ui/main.glade.h:20 +msgid "Format" +msgstr "Format" + +#: ui/main.glade.h:21 +msgid "PID" +msgstr "PID" + +#: ui/main.glade.h:22 +msgid "Instruction pointer" +msgstr "Instruction pointer" + +#: ui/main.glade.h:23 +msgid "Calls count" +msgstr "Calls count" + +#: ui/main.glade.h:24 +msgid "Existing" +msgstr "Existing" + +#: ui/main.glade.h:25 +msgid "File path" +msgstr "File path" + +#: ui/main.glade.h:26 +msgid "Information" +msgstr "Information" + +#: ui/main.glade.h:27 +msgid "Checked" +msgstr "Checked" + +#: ui/main.glade.h:29 +#, no-c-format +msgid "Selected intercepted syscalls (%(selected)d of %(total)d)" +msgstr "Selected intercepted syscalls (%(selected)d of %(total)d)" + +#: ui/appmenu.ui.h:1 +msgid "_About gpTrace" +msgstr "_About gpTrace" + +#: ui/appmenu.ui.h:2 +msgid "_Quit" +msgstr "_Quit" + +#: gptrace/event_tracer.py:54 +msgid "Process execution" +msgstr "Process execution" + +#: gptrace/event_tracer.py:56 +msgid "Process exit" +msgstr "Process exit" + +#: gptrace/event_tracer.py:58 +#, python-format +msgid "Process signal: %s" +msgstr "Process signal: %s" + +#: gptrace/event_tracer.py:63 +#, python-format +msgid "Event: %s" +msgstr "Event: %s" + +#: gptrace/event_tracer.py:68 +msgid "Command line" +msgstr "Command line" + +#: gptrace/event_tracer.py:70 +msgid "Current working directory" +msgstr "Current working directory" + +#: gptrace/event_tracer.py:74 +msgid "Parent PID" +msgstr "Parent PID" + +#: gptrace/event_tracer.py:78 +msgid "User ID" +msgstr "User ID" + +#: gptrace/event_tracer.py:79 +msgid "User name" +msgstr "User name" + +#: gptrace/event_tracer.py:80 +msgid "User real name" +msgstr "User real name" + +#: gptrace/event_tracer.py:82 +msgid "Effective user ID" +msgstr "Effective user ID" + +#: gptrace/event_tracer.py:83 +msgid "Effective user name" +msgstr "Effective user name" + +#: gptrace/event_tracer.py:84 +msgid "Effective user real name" +msgstr "Effective user real name" + +#: gptrace/event_tracer.py:86 +msgid "Group ID" +msgstr "Group ID" + +#: gptrace/event_tracer.py:87 +msgid "Group name" +msgstr "Group name" + +#: gptrace/event_tracer.py:89 +msgid "Effective group ID" +msgstr "Effective group ID" + +#: gptrace/event_tracer.py:90 +msgid "Effective group name" +msgstr "Effective group name" + +#: gptrace/event_tracer.py:91 +msgid "Status" +msgstr "Status" + +#: gptrace/ui/main.py:457 +msgid "Select a program to execute" +msgstr "Select a program to execute" + +#: gptrace/ui/main.py:484 +msgid "When Show only existing files is selected the sorting by click on the column headers is disabled" +msgstr "When Show only existing files is selected the sorting by click on the column headers is disabled" diff -Nru gptrace-0.1.4/po/en_US.po gptrace-0.4.2/po/en_US.po --- gptrace-0.1.4/po/en_US.po 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/po/en_US.po 1970-01-01 00:00:00.000000000 +0000 @@ -1,104 +0,0 @@ -# gpTrace -# Trace the activities of an external application. -# Copyright (C) 2014 Fabio Castelli (Muflone) -# This file is distributed under the same license as the gpTrace package. -# American English translation for gpTrace. -# -msgid "" -msgstr "" -"Project-Id-Version: gpTrace\n" -"Report-Msgid-Bugs-To: https://github.com/muflone/gptrace/issues \n" -"POT-Creation-Date: 2014-07-13 13:21:30 +0200\n" -"PO-Revision-Date: 2014-07-13 13:21:30 +0200\n" -"Last-Translator: Fabio Castelli (Muflone) \n" -"Language-Team: English American\n" -"Language: en_US\n" -"MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=ASCII\n" -"Content-Transfer-Encoding: 8bit\n" -"Plural-Forms: nplurals=2; plural=(n != 1);\n" - -#: ui/main.glade.h:1 -msgid "Visible columns" -msgstr "Visible columns" - -#: ui/main.glade.h:2 -msgid "Clear list now" -msgstr "Clear list now" - -#: ui/main.glade.h:3 -msgid "Clear automatically" -msgstr "Clear automatically" - -#: ui/main.glade.h:4 -msgid "Filter items" -msgstr "Filter items" - -#: ui/main.glade.h:5 -msgid "Hide the selected syscall" -msgstr "Hide the selected syscall" - -#: ui/main.glade.h:6 -msgid "Show only the selected syscall" -msgstr "Show only the selected syscall" - -#: ui/main.glade.h:7 -msgid "Reset filter" -msgstr "Reset filter" - -#: ui/main.glade.h:8 -msgid "Ignore (don't intercept) the selected syscall" -msgstr "Ignore (don't intercept) the selected syscall" - -#: ui/main.glade.h:9 -msgid "Unignore (intercept) the selected syscall" -msgstr "Unignore (intercept) the selected syscall" - -#: ui/main.glade.h:10 -msgid "Program to execute:" -msgstr "Program to execute:" - -#: ui/main.glade.h:11 -msgid "Timestamp" -msgstr "Timestamp" - -#: ui/main.glade.h:12 -msgid "Time" -msgstr "Time" - -#: ui/main.glade.h:13 -msgid "Syscall" -msgstr "Syscall" - -#: ui/main.glade.h:14 -msgid "Format" -msgstr "Format" - -#: ui/main.glade.h:15 -msgid "PID" -msgstr "PID" - -#: ui/main.glade.h:16 -msgid "Instruction pointer" -msgstr "Instruction pointer" - -#: ui/main.glade.h:17 -msgid "Checked" -msgstr "Checked" - -#: ui/appmenu.ui.h:1 -msgid "_About gpTrace" -msgstr "_About gpTrace" - -#: ui/appmenu.ui.h:2 -msgid "_Quit" -msgstr "_Quit" - -#: gptrace/ui/main.py:392 -msgid "Select a program to execute" -msgstr "Select a program to execute" - -#: ui/main.glade.h:19 -#, no-c-format -msgid "Selected intercepted syscalls (%(selected)d of %(total)d)" -msgstr "Selected intercepted syscalls (%(selected)d of %(total)d)" diff -Nru gptrace-0.1.4/po/gptrace.pot gptrace-0.4.2/po/gptrace.pot --- gptrace-0.1.4/po/gptrace.pot 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/po/gptrace.pot 2014-09-06 18:09:57.000000000 +0000 @@ -1,15 +1,17 @@ # gpTrace # Trace the activities of an external application. -# Copyright (C) 2014 Fabio Castelli (Muflone) -# This file is distributed under the same license as the gpTrace package. +# Copyright (C) 2014 Fabio Castelli (Muflone) +# Website: http://www.muflone.com/gptrace/ +# This file is distributed under the same license of gpTrace. # X translation for gpTrace. -# +# +# Translators: #, fuzzy msgid "" msgstr "" "Project-Id-Version: gpTrace\n" "Report-Msgid-Bugs-To: https://github.com/muflone/gptrace/issues \n" -"POT-Creation-Date: 2014-07-13 13:21:30 +0200\n" +"POT-Creation-Date: 2014-08-24 17:09:29 +0200\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: https://www.transifex.com/projects/p/gptrace/ \n" @@ -19,73 +21,118 @@ "Content-Transfer-Encoding: 8bit\n" #: ui/main.glade.h:1 -msgid "Visible columns" +msgid "Activities" msgstr "" #: ui/main.glade.h:2 -msgid "Clear list now" +msgid "Visible columns" msgstr "" #: ui/main.glade.h:3 -msgid "Clear automatically" +msgid "Filter activities" msgstr "" #: ui/main.glade.h:4 -msgid "Filter items" +msgid "Hide the selected syscall" msgstr "" #: ui/main.glade.h:5 -msgid "Hide the selected syscall" +msgid "Show only the selected syscall" msgstr "" #: ui/main.glade.h:6 -msgid "Show only the selected syscall" +msgid "Reset filter" msgstr "" #: ui/main.glade.h:7 -msgid "Reset filter" +msgid "Ignore (don't intercept) the selected syscall" msgstr "" #: ui/main.glade.h:8 -msgid "Ignore (don't intercept) the selected syscall" +msgid "Unignore (intercept) the selected syscall" msgstr "" #: ui/main.glade.h:9 -msgid "Unignore (intercept) the selected syscall" +msgid "Counts" msgstr "" #: ui/main.glade.h:10 -msgid "Program to execute:" +msgid "Show only called syscalls" msgstr "" #: ui/main.glade.h:11 -msgid "Timestamp" +msgid "Files" msgstr "" #: ui/main.glade.h:12 -msgid "Time" +msgid "Show only existing files" msgstr "" #: ui/main.glade.h:13 -msgid "Syscall" +msgid "Processes" msgstr "" #: ui/main.glade.h:14 -msgid "Format" +msgid "Clear list now" msgstr "" #: ui/main.glade.h:15 -msgid "PID" +msgid "Clear automatically" msgstr "" #: ui/main.glade.h:16 -msgid "Instruction pointer" +msgid "Program to execute:" msgstr "" #: ui/main.glade.h:17 +msgid "Timestamp" +msgstr "" + +#: ui/main.glade.h:18 +msgid "Time" +msgstr "" + +#: ui/main.glade.h:19 +msgid "Syscall" +msgstr "" + +#: ui/main.glade.h:20 +msgid "Format" +msgstr "" + +#: ui/main.glade.h:21 +msgid "PID" +msgstr "" + +#: ui/main.glade.h:22 +msgid "Instruction pointer" +msgstr "" + +#: ui/main.glade.h:23 +msgid "Calls count" +msgstr "" + +#: ui/main.glade.h:24 +msgid "Existing" +msgstr "" + +#: ui/main.glade.h:25 +msgid "File path" +msgstr "" + +#: ui/main.glade.h:26 +msgid "Information" +msgstr "" + +#: ui/main.glade.h:27 msgid "Checked" msgstr "" +#: ui/main.glade.h:29 +#, no-c-format +msgid "Selected intercepted syscalls (%(selected)d of %(total)d)" +msgstr "" + #: ui/appmenu.ui.h:1 msgid "_About gpTrace" msgstr "" @@ -94,11 +141,84 @@ msgid "_Quit" msgstr "" -#: gptrace/ui/main.py:392 +#: gptrace/event_tracer.py:54 +msgid "Process execution" +msgstr "" + +#: gptrace/event_tracer.py:56 +msgid "Process exit" +msgstr "" + +#: gptrace/event_tracer.py:58 +#, python-format +msgid "Process signal: %s" +msgstr "" + +#: gptrace/event_tracer.py:63 +#, python-format +msgid "Event: %s" +msgstr "" + +#: gptrace/event_tracer.py:68 +msgid "Command line" +msgstr "" + +#: gptrace/event_tracer.py:70 +msgid "Current working directory" +msgstr "" + +#: gptrace/event_tracer.py:74 +msgid "Parent PID" +msgstr "" + +#: gptrace/event_tracer.py:78 +msgid "User ID" +msgstr "" + +#: gptrace/event_tracer.py:79 +msgid "User name" +msgstr "" + +#: gptrace/event_tracer.py:80 +msgid "User real name" +msgstr "" + +#: gptrace/event_tracer.py:82 +msgid "Effective user ID" +msgstr "" + +#: gptrace/event_tracer.py:83 +msgid "Effective user name" +msgstr "" + +#: gptrace/event_tracer.py:84 +msgid "Effective user real name" +msgstr "" + +#: gptrace/event_tracer.py:86 +msgid "Group ID" +msgstr "" + +#: gptrace/event_tracer.py:87 +msgid "Group name" +msgstr "" + +#: gptrace/event_tracer.py:89 +msgid "Effective group ID" +msgstr "" + +#: gptrace/event_tracer.py:90 +msgid "Effective group name" +msgstr "" + +#: gptrace/event_tracer.py:91 +msgid "Status" +msgstr "" + +#: gptrace/ui/main.py:457 msgid "Select a program to execute" msgstr "" -#: ui/main.glade.h:19 -#, no-c-format -msgid "Selected intercepted syscalls (%(selected)d of %(total)d)" +#: gptrace/ui/main.py:484 +msgid "When Show only existing files is selected the sorting by click on the column headers is disabled" msgstr "" diff -Nru gptrace-0.1.4/po/it.po gptrace-0.4.2/po/it.po --- gptrace-0.1.4/po/it.po 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/po/it.po 2014-09-06 18:09:57.000000000 +0000 @@ -1,91 +1,139 @@ # gpTrace # Trace the activities of an external application. -# Copyright (C) 2014 Fabio Castelli (Muflone) -# This file is distributed under the same license as the gpTrace package. -# Italian translation for gpTrace. -# +# Copyright (C) 2014 Fabio Castelli (Muflone) +# Website: http://www.muflone.com/gptrace/ +# This file is distributed under the same license of gpTrace. +# X translation for gpTrace. +# +# Translators: +# Fabio Castelli (Muflone) , 2014 msgid "" msgstr "" "Project-Id-Version: gpTrace\n" -"Report-Msgid-Bugs-To: https://github.com/muflone/gptrace/issues \n" -"POT-Creation-Date: 2014-07-13 13:21:30 +0200\n" -"PO-Revision-Date: 2014-07-13 13:21:30 +0200\n" -"Last-Translator: Fabio Castelli (Muflone) \n" -"Language-Team: Italian\n" -"Language: it\n" +"Report-Msgid-Bugs-To: https://github.com/muflone/gptrace/issues\n" +"POT-Creation-Date: 2014-08-24 17:09:29 +0200\n" +"PO-Revision-Date: 2014-08-30 17:28+0000\n" +"Last-Translator: Fabio Castelli (Muflone) \n" +"Language-Team: Italian (http://www.transifex.com/projects/p/gptrace/language/it/)\n" "MIME-Version: 1.0\n" -"Content-Type: text/plain; charset=ASCII\n" +"Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" +"Language: it\n" "Plural-Forms: nplurals=2; plural=(n != 1);\n" #: ui/main.glade.h:1 -msgid "Visible columns" -msgstr "Colonne visibili" +msgid "Activities" +msgstr "Attività" #: ui/main.glade.h:2 -msgid "Clear list now" -msgstr "Svuota lista adesso" +msgid "Visible columns" +msgstr "Colonne visibili" #: ui/main.glade.h:3 -msgid "Clear automatically" -msgstr "Svuota automaticamente" +msgid "Filter activities" +msgstr "Filtro attività" #: ui/main.glade.h:4 -msgid "Filter items" -msgstr "Filtra elementi" - -#: ui/main.glade.h:5 msgid "Hide the selected syscall" msgstr "Nascondi la syscall selezionata" -#: ui/main.glade.h:6 +#: ui/main.glade.h:5 msgid "Show only the selected syscall" msgstr "Mostra solo la syscall selezionata" -#: ui/main.glade.h:7 +#: ui/main.glade.h:6 msgid "Reset filter" msgstr "Resetta il filtro" -#: ui/main.glade.h:8 +#: ui/main.glade.h:7 msgid "Ignore (don't intercept) the selected syscall" msgstr "Ignora (non intercettare) la syscall selezionata" -#: ui/main.glade.h:9 +#: ui/main.glade.h:8 msgid "Unignore (intercept) the selected syscall" msgstr "De-ignora (intercetta) la syscall selezionata" +#: ui/main.glade.h:9 +msgid "Counts" +msgstr "Conteggi" + #: ui/main.glade.h:10 +msgid "Show only called syscalls" +msgstr "Mostra solo le syscall chiamate" + +#: ui/main.glade.h:11 +msgid "Files" +msgstr "File" + +#: ui/main.glade.h:12 +msgid "Show only existing files" +msgstr "Mostra solo file esistenti" + +#: ui/main.glade.h:13 +msgid "Processes" +msgstr "Processi" + +#: ui/main.glade.h:14 +msgid "Clear list now" +msgstr "Svuota lista adesso" + +#: ui/main.glade.h:15 +msgid "Clear automatically" +msgstr "Svuota automaticamente" + +#: ui/main.glade.h:16 msgid "Program to execute:" msgstr "Programma da eseguire:" -#: ui/main.glade.h:11 +#: ui/main.glade.h:17 msgid "Timestamp" msgstr "Marcatore orario" -#: ui/main.glade.h:12 +#: ui/main.glade.h:18 msgid "Time" msgstr "Orario" -#: ui/main.glade.h:13 +#: ui/main.glade.h:19 msgid "Syscall" msgstr "Syscall" -#: ui/main.glade.h:14 +#: ui/main.glade.h:20 msgid "Format" msgstr "Formato" -#: ui/main.glade.h:15 +#: ui/main.glade.h:21 msgid "PID" msgstr "ID processo" -#: ui/main.glade.h:16 +#: ui/main.glade.h:22 msgid "Instruction pointer" msgstr "Puntatore all'istruzione" -#: ui/main.glade.h:17 +#: ui/main.glade.h:23 +msgid "Calls count" +msgstr "Conteggio chiamate" + +#: ui/main.glade.h:24 +msgid "Existing" +msgstr "Esistente" + +#: ui/main.glade.h:25 +msgid "File path" +msgstr "Percorso del file" + +#: ui/main.glade.h:26 +msgid "Information" +msgstr "Informazioni" + +#: ui/main.glade.h:27 msgid "Checked" msgstr "Spuntata" +#: ui/main.glade.h:29 +#, no-c-format +msgid "Selected intercepted syscalls (%(selected)d of %(total)d)" +msgstr "Syscall intercettate selezionate (%(selected)d of %(total)d)" + #: ui/appmenu.ui.h:1 msgid "_About gpTrace" msgstr "_Informazioni su gpTrace" @@ -94,11 +142,84 @@ msgid "_Quit" msgstr "_Esci" -#: gptrace/ui/main.py:392 +#: gptrace/event_tracer.py:54 +msgid "Process execution" +msgstr "Esecuzione del processo" + +#: gptrace/event_tracer.py:56 +msgid "Process exit" +msgstr "Uscita del processo" + +#: gptrace/event_tracer.py:58 +#, python-format +msgid "Process signal: %s" +msgstr "Segnale del processo: %s" + +#: gptrace/event_tracer.py:63 +#, python-format +msgid "Event: %s" +msgstr "Evento: %s" + +#: gptrace/event_tracer.py:68 +msgid "Command line" +msgstr "Riga di comando" + +#: gptrace/event_tracer.py:70 +msgid "Current working directory" +msgstr "Directory di lavoro corrente" + +#: gptrace/event_tracer.py:74 +msgid "Parent PID" +msgstr "ID processo padre" + +#: gptrace/event_tracer.py:78 +msgid "User ID" +msgstr "ID utente" + +#: gptrace/event_tracer.py:79 +msgid "User name" +msgstr "Nome utente" + +#: gptrace/event_tracer.py:80 +msgid "User real name" +msgstr "Nome reale utente" + +#: gptrace/event_tracer.py:82 +msgid "Effective user ID" +msgstr "ID utente effettivo" + +#: gptrace/event_tracer.py:83 +msgid "Effective user name" +msgstr "Nome utente effettivo" + +#: gptrace/event_tracer.py:84 +msgid "Effective user real name" +msgstr "Nome reale utente effettivo" + +#: gptrace/event_tracer.py:86 +msgid "Group ID" +msgstr "ID gruppo" + +#: gptrace/event_tracer.py:87 +msgid "Group name" +msgstr "Nome gruppo" + +#: gptrace/event_tracer.py:89 +msgid "Effective group ID" +msgstr "ID gruppo effettivo" + +#: gptrace/event_tracer.py:90 +msgid "Effective group name" +msgstr "Nome gruppo effettivo" + +#: gptrace/event_tracer.py:91 +msgid "Status" +msgstr "Stato" + +#: gptrace/ui/main.py:457 msgid "Select a program to execute" msgstr "Scegliere un programma da eseguire" -#: ui/main.glade.h:19 -#, no-c-format -msgid "Selected intercepted syscalls (%(selected)d of %(total)d)" -msgstr "Syscall intercettate selezionate (%(selected)d of %(total)d)" +#: gptrace/ui/main.py:484 +msgid "When Show only existing files is selected the sorting by click on the column headers is disabled" +msgstr "Quando Mostra solo file esistenti è selezionato l'ordinamento tramite click sull'intestazione della colonna è disabilitato" diff -Nru gptrace-0.1.4/README.md gptrace-0.4.2/README.md --- gptrace-0.1.4/README.md 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/README.md 2014-09-06 18:09:57.000000000 +0000 @@ -2,7 +2,7 @@ ======= **Description:** Trace the activities of an external application. -**Copyright:** 2014 Fabio Castelli (Muflone) +**Copyright:** 2014 Fabio Castelli (Muflone) **License:** GPL-2+ diff -Nru gptrace-0.1.4/setup.py gptrace-0.4.2/setup.py --- gptrace-0.1.4/setup.py 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/setup.py 2014-09-06 18:09:57.000000000 +0000 @@ -2,7 +2,7 @@ ## # Project: gpTrace # Description: Trace the activities of an external application -# Author: Fabio Castelli (Muflone) +# Author: Fabio Castelli (Muflone) # Copyright: 2014 Fabio Castelli # License: GPL-2+ # This program is free software; you can redistribute it and/or modify it diff -Nru gptrace-0.1.4/.tx/config gptrace-0.4.2/.tx/config --- gptrace-0.1.4/.tx/config 1970-01-01 00:00:00.000000000 +0000 +++ gptrace-0.4.2/.tx/config 2014-09-06 18:09:57.000000000 +0000 @@ -0,0 +1,8 @@ +[main] +host = https://www.transifex.com + +[gptrace.gptrace] +file_filter = po/.po +source_file = po/gptrace.pot +source_lang = en + diff -Nru gptrace-0.1.4/ui/main.glade gptrace-0.4.2/ui/main.glade --- gptrace-0.1.4/ui/main.glade 2014-08-09 18:47:39.000000000 +0000 +++ gptrace-0.4.2/ui/main.glade 2014-09-06 18:09:57.000000000 +0000 @@ -26,73 +26,276 @@ True False - + True False - Visible columns + Activities True - + True False - + True False - C Timestamp + Visible columns True - True - + + + True + False + + + True + False + C Timestamp + True + True + + + + + + True + False + C Time + True + True + + + + + + True + False + C Syscall + True + True + + + + + + True + False + C Format + True + True + + + + + + True + False + C PID + True + True + + + + + + True + False + C Instruction Pointer + True + True + + + + + - + True False - C Time + Filter activities True - True - + + + True + False + + + True + False + Hide the selected syscall + True + + + + + + True + False + Show only the selected syscall + True + + + + + + True + False + Reset filter + True + + + + + + True + False + + + + + True + False + Ignore (don't intercept) the selected syscall + True + + + + + + True + False + Unignore (intercept) the selected syscall + True + + + + + + + + + + + + True + False + Counts + True + + + True + False - + True False - C Syscall + Visible columns True - True - + + + True + False + + + True + False + C Syscall + True + True + + + + + + True + False + C Count + True + True + + + + + - + True False - C Format + Show only called syscalls True - True - + + + + + + + + True + False + Files + True + + + True + False - + True False - C PID + Visible columns True - True - + + + True + False + + + True + False + C PID + True + True + + + + + + True + False + C Existing + True + True + + + + + + True + False + C File Path + True + True + + + + + - + True False - C Instruction Pointer + Show only existing files True - True - + @@ -100,89 +303,143 @@ - + True False - Clear list now + Processes True - + + + True + False + + + True + False + Visible columns + True + + + True + False + + + True + False + C PID + True + True + + + + + + True + False + C Timestamp + True + True + + + + + + True + False + C Time + True + True + + + + + + True + False + C Information + True + True + + + + + + + + + - + True False - Clear automatically + + + + + True + False + Clear list now True - True + - + True False - Filter items + Clear automatically True - - - True - False - - - True - False - Hide the selected syscall - True - - - - - - True - False - Show only the selected syscall - True - - - - - - True - False - Reset filter - True - - - - - - True - False - - - - - True - False - Ignore (don't intercept) the selected syscall - True - - - - - - True - False - Unignore (intercept) the selected syscall - True - - - - - + True + + + + + + + + + + + + + + + + + + storeActivities + + + + + + + + + + + + + storeCounts + + + + + + + + + + + + + storeFiles + @@ -199,25 +456,20 @@ - + + + - + - - - - - + - - storeSyscalls - False 6 @@ -331,125 +583,417 @@ + + True + False + True + True + + + + False + start + + + + + + + + + False + False + 0 + + + + + False + 16 + + + True + False + lblInfoBarContent + True + end + + + False + True + 0 + + + + + False + False + 0 + + + + + False + True + 1 + + + True True vertical - + True True - in - + True True - filterSyscalls - 2 - - - - + in - - True - Timestamp - True - 0.5 - True - True - 0 + + True + True + filterActivities + 2 + + + + - - - 0 - + + True + Timestamp + True + 0.5 + True + + + + 0 + + + - - - - - True - Time - True - 0.5 - True - 1 - - - 1 - + + True + Time + True + 0.5 + True + + + + 1 + + + + + + + True + Syscall + True + True + 0.5 + True + + + + 2 + + + + + + + True + Format + True + 0.5 + True + + + end + + + 3 + + + + + + + True + PID + True + 0.5 + True + + + + 4 + + + - - - - - True - Syscall - True - True - 0.5 - True - 2 - - - 2 - + + True + Instruction pointer + True + True + + + + 5 + + + + + + + + True + False + Activities + + + False + + + + + True + True + in - - True - Format - True - 0.5 - True - 3 + + True + True + filterCounts + 0 + + + - - end + + True + Syscall + True + True + + + + 0 + + + + + + + True + Calls count + True + True + + + + 1 + + - - 3 - + + + 1 + + + + + True + False + Counts + + + 1 + False + + + + + True + True + in - - True - PID - True - 0.5 - True - 4 + + True + True + storeFiles + False + + + - - - 4 - + + True + PID + True + True + + + + 0 + + + + + + + Existing + True + True + + + + 2 + + + + + + + True + File path + True + True + + + + 1 + + + + + + 2 + + + + + True + False + Files + + + 2 + False + + + + + True + True + in - - True - Instruction pointer - True - True - 5 + + True + True + storeProcesses + False + + + - - - 5 - + + True + PID + True + True + + + + 0 + + + + + + + True + Timestamp + True + True + + + + 1 + + + + + + + True + Time + True + True + + + + 2 + + + + + + + True + Information + True + True + + + + 3 + + + + + + 4 + + + + + 3 + + + + + True + False + Processes + + + 3 + False + @@ -624,7 +1168,7 @@ True True - 1 + 2