diff --git a/cmd/sysmonitord/main.go b/cmd/sysmonitord/main.go index 1e96c87..4a0d1ca 100644 --- a/cmd/sysmonitord/main.go +++ b/cmd/sysmonitord/main.go @@ -82,9 +82,11 @@ func main() { var sshMon *monitor.SSHMonitor var infoMon *monitor.InfoMonitor + scanPaths := determineScanPaths(officialCfg, userCfg) + // 扫盘器 if userCfg.Modules.FileScanner { - sysScanner = scanner.NewScanner(wlManager, centerClient) + sysScanner = scanner.NewScanner(wlManager, centerClient, scanPaths) sysScanner.Start() log.Printf("[监控信息] 文件周期扫描器已启动") } @@ -92,7 +94,7 @@ func main() { // 监控器 if userCfg.Modules.FileWatcher { var err error - sysWatcher, err = scanner.NewWatcher(wlManager, centerClient) + sysWatcher, err = scanner.NewWatcher(wlManager, centerClient, scanPaths) if err != nil { log.Fatalf("[启动错误] 初始化监控器失败: %v", err) } else { @@ -192,3 +194,18 @@ func initLogger() { log.SetOutput(io.MultiWriter(os.Stdout, fileLogger)) } + +func determineScanPaths(officialCfg config.OfficialConfig, userCfg config.UserConfig) []string { + // 从用户配置获取扫描路径 + if len(userCfg.ScanPaths) > 0 { + return userCfg.ScanPaths + } + + // 从官方配置获取扫描路径 + if len(officialCfg.ScanPaths) > 0 { + return officialCfg.ScanPaths + } + + // 默认扫描路径 + return []string{"/bin", "/sbin", "/usr/bin", "/usr/sbin", "/etc", "/tmp", "/home"} +} diff --git a/internal/config/config.go b/internal/config/config.go index 75293e4..9a47d11 100644 --- a/internal/config/config.go +++ b/internal/config/config.go @@ -17,6 +17,7 @@ type UserConfig struct { SupplementFiles map[string][]string `json:"supplement_files"` SupplementProcesses []string `json:"supplement_processes"` IgnoredPaths []string `json:"ignored_paths"` + ScanPaths []string `json:"scan_paths"` MonitorConfig MonitorConfig `json:"monitor_config"` } diff --git a/internal/scanner/scanner.go b/internal/scanner/scanner.go index 92f617f..c1a27d9 100644 --- a/internal/scanner/scanner.go +++ b/internal/scanner/scanner.go @@ -19,12 +19,12 @@ type Scanner struct { stopChan chan struct{} } -func NewScanner(wl *whitelist.Manager, client *network.WSClient) *Scanner { +func NewScanner(wl *whitelist.Manager, client *network.WSClient, scanPaths []string) *Scanner { return &Scanner{ wlManager: wl, client: client, cpuLimit: 50.0, - scanPaths: []string{"/bin", "/sbin", "/usr/bin", "/usr/sbin", "/etc", "/tmp", "/home"}, + scanPaths: scanPaths, stopChan: make(chan struct{}), } } diff --git a/internal/scanner/watcher.go b/internal/scanner/watcher.go index 38239b3..1d182b7 100644 --- a/internal/scanner/watcher.go +++ b/internal/scanner/watcher.go @@ -19,7 +19,7 @@ type Watcher struct { watchPaths []string } -func NewWatcher(wl *whitelist.Manager, client *network.WSClient) (*Watcher, error) { +func NewWatcher(wl *whitelist.Manager, client *network.WSClient, watchPaths []string) (*Watcher, error) { fsWatch, err := fsnotify.NewWatcher() if err != nil { return nil, err @@ -32,9 +32,7 @@ func NewWatcher(wl *whitelist.Manager, client *network.WSClient) (*Watcher, erro stopChan: make(chan struct{}), // TODO: 当前仅实现对主目录的监控,后续实现递归监控子目录 - watchPaths: []string{ - "/bin", "/sbin", "/usr/bin", "/etc/init.d", "/tmp", - }, + watchPaths: watchPaths, }, nil } @@ -64,7 +62,10 @@ func (w *Watcher) eventLoop() { return } - if event.Has(fsnotify.Create) || event.Has(fsnotify.Write) { + if event.Has(fsnotify.Create) || + event.Has(fsnotify.Write) || + event.Has(fsnotify.Remove) || + event.Has(fsnotify.Rename) { if w.wlManager.IsPathIgnored(event.Name) { continue }