Skip to content

pleiszenburg/loggedfs-python

BranchesTags

Repository files navigation

Build Status: master / release Build Status: development branch Project License: Apache License v2 Project Development Status Available on PyPi - the Python Package Index Available on PyPi - the Python Package Index

LoggedFS-python repository

Synopsis

LoggedFS-python is a FUSE-based filesystem which can log every operation that happens in it. It is a pure Python re-implementation of LoggedFS by Rémi Flament maintaining CLI compatibility. The project is heavily inspired by Stavros Korokithakis' 2013 blog post entitled "Writing a FUSE filesystem in Python" (source code repository). The filesystem is fully POSIX compliant, passing the pjdfstest test-suite, a descendant of FreeBSD's fstest. It furthermore passes stress tests with fsx-linux based on the fsx-flavor released by the Linux Test Project. It is intended to be suitable for production systems.

CAVEATS

  • PROJECT STATUS: BETA
  • THE FILESYSTEM IS CURRENTLY ONLY BEING DEVELOPED FOR AND TESTED ON LINUX. ANYONE INTERESTED IN CONFIRMING MAC OS X AND/OR ADDING BSD SUPPORT?

Installation

From the Python Package Index (PyPI):

pip install loggedfs

From GitHub:

pip install git+https://github.com/pleiszenburg/loggedfs-python.git@master

Supports Python 3.{4,5,6,7}.

Supports Linux. Support for MAC OS X is implemented but has yet not been tested.

Simple usage example

To start recording access to /tmp/TEST into /root/log.txt, just do:

sudo loggedfs -p -s -l /root/log.txt /tmp/TEST

To stop recording, just unmount as usual:

sudo fusermount -u /tmp/TEST

Configuration

LoggedFS-python can use an XML configuration file if you want it to log operations only for certain files, for certain users, or for certain operations. LoggedFS-python is fully compatible with configuration files in LoggedFS' original format. Yet it can also handle additional fields (e.g. the command field).

Here is a sample configuration file :

<?xml version="1.0" encoding="UTF-8"?>

<loggedFS logEnabled="true" printProcessName="true">
        <includes>
                <include extension=".*" uid="*" action=".*" retname=".*" command=".*"/>
        </includes>
        <excludes>
                <exclude extension=".*\.bak$" uid="*" action=".*" retname="SUCCESS" command=".*"/>
                <exclude extension=".*" uid="1000" action=".*" retname="FAILURE" command=".*"/>
                <exclude extension=".*" uid="*" action="getattr" retname=".*" command=".*"/>
        </excludes>
</loggedFS>

This configuration can be used to log everything except if it concerns a *.bak file, or if the uid is 1000, or if the operation is getattr.

Need help?

Feel free to post questions in the GitHub issue tracker of this project.

Bugs & issues

Please report bugs in LoggedFS-python here in its GitHub issue tracker.

Miscellaneous

About

Filesystem monitoring with Fuse and Python

Topics

fuse monitoring filesystem logging fuse-filesystem filesystem-logging filesystemwatcher

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

29 stars

Watchers

2 watching

Forks

6 forks
Report repository

Releases 6

0.0.6 (2020-07-11) Latest
Jul 11, 2020
+ 5 releases

Packages

No packages published

Languages