diff --git a/Cargo.lock b/Cargo.lock
index 7bd1a2d..ded4323 100644
--- a/Cargo.lock
+++ b/Cargo.lock
@@ -157,7 +157,7 @@ checksum = "2304e00983f87ffb38b55b444b5e3b60a884b5d30c0fca7d82fe33449bbe55ea"
 [[package]]
 name = "home-watcher"
-version = "0.1.1"
+version = "0.2.1"
 dependencies = [
 "clap",
 "rusqlite",
diff --git a/Cargo.toml b/Cargo.toml
index 0747191..2c0a44d 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -1,6 +1,6 @@
 [package]
 name = "home-watcher"
-version = "0.1.1"
+version = "0.2.1"
 edition = "2021"
 [profile.release]
diff --git a/README.md b/README.md
index 11f23bd..376cdb1 100644
--- a/README.md
+++ b/README.md
@@ -25,7 +25,7 @@ Note: Common user directories like `Documents`, `Downloads`, `Pictures`, `Videos
 ## Installation
-1. **Build from Source**
+1. **Build from source**
 Clone the repository and compile the Rust project:
 ```bash
 git clone https://github.com/QazCetelic/home-watcher.git
@@ -34,11 +34,18 @@ Note: Common user directories like `Documents`, `Downloads`, `Pictures`, `Videos
 ```
 The compiled binary will be available in the `target/release` directory.
-2. **Install the Binary**
+2. **Install the binary**
 Move the binary to a directory in your `PATH`, such as `/usr/local/bin`:
 ```bash
 sudo mv target/release/home-watcher /usr/local/bin/
 ```
+
+3. **Install the systemd service**
+ Make sure to change in home-watcher.service
+ ```bash
+ sudo cp ./home-watcher.service /etc/systemd/system/home-watcher.service
+ sudo systemctl enable home-watcher.service --now
+ ```
 ## Database
 The database contains an `files` table with the following data:
diff --git a/home-watcher.service b/home-watcher.service
new file mode 100644
index 0000000..8dbfca7
--- /dev/null
+++ b/home-watcher.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=Log creation of non-standard home directory files
+After=basic.target
+
+[Service]
+Restart=on-failure
+Type=simple
+ExecStart=/usr/local/bin/home-watcher --user --excluded-dirs .var
+
+[Install]
+WantedBy=multi-user.target
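Review bot: The new home-watcher.service has no `User=` line, so systemd starts `/usr/local/bin/home-watcher` as root, while the README installs that binary with `sudo mv target/release/home-watcher /usr/local/bin/`, which keeps the ownership of whoever ran the build. A root service whose executable stays writable by an unprivileged account lets that account replace the code root runs; `sudo install -o root -g root -m 0755 target/release/home-watcher /usr/local/bin/home-watcher` avoids that. In `ExecStart`, `--user` is followed directly by `--excluded-dirs`, so it appears to be missing its value, and the README sentence "Make sure to change in home-watcher.service" does not say what to edit; a visible placeholder such as `--user <USERNAME>` with a comment above it would make the required edit obvious. If the watcher depends on auditd output, `After=auditd.service` is probably a better ordering than `After=basic.target`, which is worth confirming.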
diff --git a/src/ausearch_parse.rs b/src/ausearch_parse.rs
index e70d983..7b85f12 100644
--- a/src/ausearch_parse.rs
+++ b/src/ausearch_parse.rs
@@ -24,7 +24,7 @@ pub fn parse_csv(mut lines: I) -> Vec where I: Iterator,
 {
 let mut interactions: Vec = Vec::new();
- let header = lines.next().expect("Output is empty");
+ let header = if let Some(h) = lines.next() { h } else { return interactions; };
 if header != EXPECTED_HEADER {
 panic!("Unexpected header")
 }
diff --git a/src/file_audit.rs b/src/file_audit.rs
index f2221ec..ed3c145 100644
--- a/src/file_audit.rs
+++ b/src/file_audit.rs
@@ -1,6 +1,6 @@
 use crate::ausearch_parse::{parse_csv, Interaction};
 use crate::time::DateTime;
-use std::io::BufRead;
+use std::io::{BufRead, Read};
 use std::process::{Command, Output, Stdio};
 pub const AUDITD_RULE_TAG: &str = "home_watcher_rule";
diff --git a/src/main.rs b/src/main.rs
index d17bab6..c96fff6 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -6,6 +6,7 @@ use crate::user_env::UserEnvironment;
 use crate::util::{create_db_file, get_default_db_path, get_excluded_directories, get_user};
 use clap::Parser;
 use std::collections::HashSet;
+use std::env::set_var;
 use std::path::PathBuf;
 use std::thread::sleep;
 use std::time::Duration;
@@ -43,6 +44,9 @@ struct Args {
 }
 fn main() {
+ // Use IS8601 / RFC3339 date (YYYY-MM-DD) to avoid issues with ausearch
+ set_var("LC_TIME", "en_DK.UTF-8");
+
 let args = Args::parse();
 let mut excluded_executables: HashSet = Default::default();
 let excluded_executables_str: String;
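Review bot: In src/ausearch_parse.rs the new early return makes an empty ausearch output indistinguishable from "no file events", so a failing ausearch (auditd stopped, permission denied) would leave the watcher silently blind unless the caller checks the child's exit status, which this diff does not show. A log line on that path, or an exit-status check in file_audit.rs, would keep the gap detectable. The next line still calls `panic!("Unexpected header")`, so any other unexpected output still aborts the process. As a matter of style the binding reads more directly as `let Some(header) = lines.next() else { return interactions; };`. parse_csv's body continues past the end of the hunk.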
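Review bot: In src/file_audit.rs, `Read` is added to the import, but this is the only hunk for the file, so as far as the diff shows nothing starts using it and the compiler will warn about an unused import. Unless a follow-up change needs it, keep the line as `use std::io::BufRead;`.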
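Review bot: In src/main.rs, `set_var("LC_TIME", "en_DK.UTF-8")` only takes effect if that locale is generated on the host and `LC_ALL` is unset, because `LC_ALL` overrides `LC_TIME`; otherwise ausearch keeps its default date format and the parser meets the very problem this line is meant to avoid. Setting it on the child instead, e.g. `.env("LC_TIME", "en_DK.UTF-8").env_remove("LC_ALL")` on the `Command` that runs ausearch in file_audit.rs (not shown here), narrows the scope and avoids `std::env::set_var`, which becomes an `unsafe fn` in edition 2024. The comment has a typo and could read `// Use ISO 8601 / RFC 3339 dates (YYYY-MM-DD) to avoid issues with ausearch`. main's body continues outside the hunk.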