      secDetector Usage

      secDetector provides an SDK in the form of a shared library (.so). Users link this dynamic library into their applications and use secDetector through its APIs. This chapter describes how to use the SDK.

      How to Use

      After secDetector is installed by referring to secDetector Installation, libsecDetectorsdk.so, secDetector_sdk.h, and secDetector_topic.h are deployed in the default path of the system user library.

      1. Make sure the include path is available to your C or C++ application, then include the two header files in the application.

        #include <secDetector/secDetector_topic.h>
        #include <secDetector/secDetector_sdk.h>
        
      2. Call APIs provided by the SDK to access secDetector by referring to API Reference.

        1. Call the subscription API secSub to subscribe to the required topics.
        2. Call the message reading API secReadFrom in an independent thread to read the messages from the subscribed topics in blocking mode.
        3. When secDetector is no longer required, call the secUnsub API to unsubscribe, passing the value returned by the subscription call.

      Sample Code

      See the sample code written in Python in the secDetector code repository.

      1. View the sample code at the following link:

        examples/python · openEuler/secDetector (gitee.com)

      2. Alternatively, download the sample code.

      git clone https://gitee.com/openeuler/secDetector.git
      

      Specifications and Constraints

      1. Some functions (such as the security switch in memory modification probes) depend on the hardware architecture. They perform differently on different instruction set architectures.
      2. The buffer used to transfer data from kernel mode to user mode is shared by all probes. If the buffer is full, newly collected event information is discarded. The buffer size ranges from 4 MB to 1,024 MB and must be a power of 2.
      3. The service process secDetectord can be run by the root user and does not support multiple instances. Any instance started after the first one exits.
      4. The maximum number of user subscription connections is 5.
      5. After a user subscribes to specific topics, a buffer needs to be provided for the message reading API. Messages that exceed the buffer length will be truncated. It is recommended that the buffer length be greater than or equal to 4096.
      6. The length of description strings such as file names and node names is limited. Strings that are too long may be truncated.
      7. A single application process cannot hold multiple parallel connections to secDetectord for receiving messages. Once a subscription succeeds, a single connection is used to receive messages. To subscribe to different topics, first unsubscribe from the currently subscribed topics.
      8. The secDetectord process can be closed and exited only after all applications are disconnected, that is, all topics are unsubscribed.
      9. Some functions (such as the security switch in memory modification probes) are based on the CPU status. The basic detection function is to detect the status change of the current CPU. If the status change of other CPUs is not synchronized to the current CPU in time, the status change of other CPUs will not be detected.
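
The subscribe, read and unsubscribe sequence from How to Use, combined with constraints 5 and 7 above, as an added example that is not code from the secDetector project. The SDK calls are replaced by local stand-ins so the block runs offline; their signatures are assumptions to be checked against secDetector_sdk.h, and the wrapper names (sub_once, read_event, unsub) and the topic value are hypothetical.

```c
/* Added example. Stand-ins replace libsecDetectorsdk.so; signatures are ASSUMED. */
#include <stdio.h>
#include <string.h>

#define MIN_READ_BUF 4096            /* recommended minimum, constraint 5 */

/* ---- constructed stand-ins for the SDK (delete when linking the real library) ---- */
static int g_conn;                   /* 1 while the stand-in connection is open */
static const char *g_next_msg = "";  /* constructed event the stand-in delivers */
void *secSub(const int topic) { (void)topic; g_conn = 1; return &g_conn; }
void secUnsub(void *reader) { *(int *)reader = 0; }
void secReadFrom(void *reader, char *data, int data_len)
{
    (void)reader;                    /* copies at most data_len-1 bytes, NUL-terminated */
    snprintf(data, (size_t)data_len, "%s", g_next_msg);
}

/* ---- client-side wrapper enforcing the documented constraints ---- */
static void *g_reader;               /* one subscription per process, constraint 7 */

int sub_once(int topics)
{
    if (g_reader) return -1;         /* unsubscribe before subscribing to other topics */
    g_reader = secSub(topics);
    return g_reader ? 0 : -2;
}

/* 0 = complete message, 1 = buffer filled (treat the event as truncated),
 * -1 = not subscribed or buffer below the recommended size. */
int read_event(char *buf, int len)
{
    if (!g_reader || len < MIN_READ_BUF) return -1;
    memset(buf, 0, (size_t)len);
    secReadFrom(g_reader, buf, len); /* blocks in the real SDK: call from its own thread */
    return strlen(buf) >= (size_t)len - 1 ? 1 : 0;
}

void unsub(void)                     /* hands the secSub return value back to secUnsub */
{
    if (g_reader) { secUnsub(g_reader); g_reader = NULL; }
}

int main(void)
{
    char buf[MIN_READ_BUF];
    g_next_msg = "constructed event";
    if (sub_once(0x1 /* hypothetical topic */) == 0 && read_event(buf, sizeof buf) == 0)
        puts(buf);
    unsub();
    return 0;
}
```

A return value of 1 from read_event means the event filled the buffer, so a consumer should log it as possibly truncated rather than parse it as complete.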
