All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog,
- Architecture specification in snapcraft.yaml so snaps are built using the default behavior with respect to architectures
- The name of the project from OWWatcher to TmpWatcher.
- Continuous integration with Travis CI.
- Removed duplicate plugs in snapcraft.yaml.
- Switched from relative to absolute imports.
- Failure to reset umask when FileArchiver instance was destroyed, leading to 0600 permissions on the htmlcov directory created by pytest.
- Unit tests that fail with pytest 5.4.x and later (python 3.8 and later)
- File archive performance: Run a thread for archiving files, rather than incurring the overhead of creating a thread for each file that needs to be copied.
- File archive performance: Add files to the archive queue before syslog alerts are sent to increase the probability that the file still exists when the archive thread attempts to archive it.
- Refactored file archive functionality out of OWWatcher and into new FileArchiver class.
- Syslog alert performance: Run thread for sending syslog alerts so that the main thread can get back to processing syslog alerts.
- Refactored alerting functionality out of OWWatcher and into new SyslogAlerter class.
- This changelog and filled it in retroactively.
- Option that allows a user to specify that output should go to stdout, even if a log file has also been specified (--stdout).
- Unit tests for OWWatcherLoggerConfigurer
- More/better unit tests for OWWatcher and Options
- An option to specify that inotify watches should be recursive (--recursive).
- Useful comments in owwatcher-default.conf to provide more information about how options are specified in the config file.
- A new feature where OWWatcher tries to save any files matching the permissions mask so they can be analyzed later. This requires the user to specify a path (--archve_path) where files will be saved.
- Enablement of daemon on snap install. Previously, the owwatcherd daemon was automatically enabled on snap install. Now it is disabled by default.
- Command-line arguments and config files could both be specified. Instead, command-line arguments and config files are now mutually exclusive.
- By default, log output goes to stdout instead of a default log file. A log file must be specified in the command line options or config file if sending output to a file is desired.
- By default, alerts are not sent via syslog. They are only sent if the syslog_server and syslog_port options are specified.
- Inotify watches are not recursive by default.
- Minor performance improvement: removed IN_ISDIR from OWWatcher.EVENT_MASK
- The ability to use command-line arguments to override config file. Command-line arguments and config files are now mutually exclusive.
- Bug that caused the --tcp argument to be completely ignored. As a result, all syslog output was always sent over UDP.
- Set umask in setup.py so that snap can be run as regular user instead of only as root.
- i386 and arm64 architectures to snap/snapcraft.yaml
- A TODO item in the Future Work section of README.md: syslog alert should show permissions of files matching the permissions mask.
- A bug in the way directories are handled from within a snap. This bug caused potential infinite loops and crashes.
- Crashes caused by FileNotFoundErrors when adding inotify watches.
- Crashes caused by errors from the PyInotify library.
- Crashes caused by generic exceptions.
- Debug logging that shows the permissions for files matching the permissions mask.
- More/better unit tests for OWWatcher.
- Note to README.md about using strace to minimize the impact of race conditions.
- Unused code in OWWatcherTest
- Future work item about test coverage in README.md
- Reduced false positives by checking permissions on the parent directories of a file. If a parent directory does not match the permissions mask, an alert is generated with a caveat.
- Typo in debug log message in OWWatcher._check_perms_mask()
- Option to specify a permissions mask instead of only alerting on world-writable files (--perms-mask).
- Unit tests for OWWatcher._process_event()
- A bug in the way the null logger was created, which could cause owwatcher to crash or cause potential issues with the test suite.
- Snap to use system-backup interface instead of a combination of system-files and log-observe
- Logic to hide /var/snap/owwatcher/current portion of path from the user.
- Snap from classic confinement to strict confinement.
- Command-line argument to read options from a config file (--config-path).
- Ability to watch multiple directories concurrently.
- Signal handling for cleaner shutdown.
- snap/ directory, including snapcraft.yaml, so that owwatcher could be snapped and run as a daemon.
- Better exception handling.
- Improved detail in logging.
- Notes about race conditions that may cause false negatives to README.md.
- More/better unit tests
- The name of the project from detect_ow to OWWatcher.
- Future Work in README.md.
- "--port" option renamed to "--syslog_port".
- Logger output sent to a file which can be specified by the user.
- Python module structure, which changes the way owwatcher must be run from the command line.
- Duplicate log messages.
- Typos in README.md
- README.md.
- Basic functionality using inotify and a syslog logger to log world writable files in /tmp.
- Unit test suite