.gitignore

@@ -24,4 +24,3 @@ go.work
 sysmonitord.code-workspace
 data/
 config.yaml
-dist/

Makefile

@@ -1,25 +0,0 @@
-APP_NAME = sysmonitord
-VERSION = V0.1.0
-BUILD_TIME = $(shell date +%Y-%m-%d_%H:%M:%S)
-GIT_COMMIT = $(shell git rev-parse --short HEAD 2>/dev/null || echo "unknown")
-
-LDFLAGS = -ldflags "-X 'sysmonitord/internal/version.Version=$(VERSION)' \
--X 'sysmonitord/internal/version.BuildTime=$(BUILD_TIME)' \
--X 'sysmonitord/internal/version.GitCommit=$(GIT_COMMIT)'"
-
-all: build
-
-build:
-	@echo "开始编译 $(APP_NAME) 版本: $(VERSION)"
-	go build $(LDFLAGS) -o dist/$(APP_NAME) main.go
-	@echo "编译完成: dist/$(APP_NAME)"
-
-install:
-	@echo "安装 $(APP_NAME) 到/usr/local/bin..."
-	cp dist/$(APP_NAME) /usr/local/bin/
-	@echo "安装完成"
-
-clean:
-	@echo "清理编译产物..."
-	rm -rf dist/$(APP_NAME)
-	@echo "清理完成"

cmd/safe/safe.go

@@ -16,8 +16,7 @@ import (
 	"golang.org/x/term"
 )
 
-func NewSafeCmd() *cobra.Command {
-	cmd := &cobra.Command{
+var SafeCmd = &cobra.Command{
 	Use:   "safe",
 	Short: "交互式安全确认，将可疑对象加入白名单",
 	Long:  "查看当前的可疑文件和进程列表，并选择将其移入白名单。",
@@ -30,8 +29,6 @@ func NewSafeCmd() *cobra.Command {
 
 		interactiveSafe(cfg)
 	},
-	}
-	return cmd
 }
 
 func readKeyWithESC() (string, error) {

cmd/start/start.go

@@ -20,17 +20,16 @@ import (
 	"go.uber.org/zap"
 )
 
-func NewStartCmd() *cobra.Command {
-	cmd := &cobra.Command{
+var StartCmd = &cobra.Command{
 	Use:   "start",
 	Short: "启动系统监控守护服务",
 	Long:  "sysmonitord start 命令用于启动系统监控守护服务，首次启动会进行全量扫描建立白名单。",
 	Run: func(cmd *cobra.Command, args []string) {
 		logger.Log.Info("正在启动系统监控守护服务...")
 
-			cfg, ok := cmd.Context().Value("config").(*config.Config)
-			if !ok {
-				logger.Log.Error("无法获取配置")
+		cfg, err := config.LoadConfig("./config.yaml")
+		if err != nil {
+			logger.Log.Error("加载配置文件失败", zap.Error(err))
 			os.Exit(1)
 		}
 
@@ -177,7 +176,4 @@ func NewStartCmd() *cobra.Command {
 		}
 
 	},
-	}
-
-	return cmd
 }

cmd/status/status.go

@@ -10,8 +10,7 @@ import (
 	"github.com/spf13/cobra"
 )
 
-func NewStatusCmd() *cobra.Command {
-	cmd := &cobra.Command{
+var StatusCmd = &cobra.Command{
 	Use:   "status",
 	Short: "显示系统状态",
 	Long:  "显示Sysmonitod的当前状态",
@@ -25,8 +24,6 @@ func NewStatusCmd() *cobra.Command {
 
 		printStatus(cfg)
 	},
-	}
-	return cmd
 }
 
 func printStatus(cfg *config.Config) {

cmd/version/version.go

@@ -7,14 +7,11 @@ import (
 	"github.com/spf13/cobra"
 )
 
-func NewVersionCmd() *cobra.Command {
-	cmd := &cobra.Command{
+var VersionCmd = &cobra.Command{
 	Use:   "version",
 	Short: "显示 sysmonitord 的版本信息",
 	Long:  "sysmonitord version 命令用于显示当前 sysmonitord 的版本、Git 提交信息和构建时间。",
 	Run: func(cmd *cobra.Command, args []string) {
 		fmt.Println(version.Info())
 	},
-	}
-	return cmd
 }

config.yaml.example

@@ -19,7 +19,7 @@ scanner:
     algorithm: "xxhash64"
   file:
     include_paths:
-      - /
+      - /home/wuko233/Downloads
     exclude_paths:
       - /proc
       - /sys
@@ -27,22 +27,10 @@ scanner:
     fast_hash_size: 100MB
     fast_hash_chunk: 2MB
   process:
-    interval: 300 # seconds
+    interval: 30 # seconds
 
 storage:
   data_dir: "./data"
   process_system_file: "process_system.data"
   file_system_file: "file_system.data"
   dubious_file_list_file: "dubious_files.data"
-  dubious_process_list_file: "dubious_processes.data"
-
-notification:
-  email:
-    enabled: true
-    recipients:
-      - admin@wuko.top
-    smtp:
-      server:
-      port: 465
-      username:
-      password:

install.sh

@@ -1,59 +0,0 @@
-#!/bin/bash
-# sysmonitord 安装脚本
-set -e
-echo "正在安装 sysmonitord..."
-
-# 检测是否为 root 用户
-if [ "$EUID" -ne 0 ]; then
-    echo "请使用 root 用户运行此安装脚本。"
-    exit 1
-fi
-
-# 路径设置
-BIN_NAME="sysmonitord"
-INSTALL_DIR="/usr/local/bin"
-CONFIG_DIR="/etc/sysmonitord"
-DATA_DIR="/var/lib/sysmonitord"
-LOG_DIR="/var/log/sysmonitord"
-
-# 编译
-echo "正在编译 sysmonitord..."
-make build
-
-# 创建目录
-echo "正在创建目录..."
-mkdir -p "$CONFIG_DIR"
-mkdir -p "$DATA_DIR"
-mkdir -p "$LOG_DIR"
-
-# 复制文件
-echo "正在复制文件..."
-cp "dist/$BIN_NAME" "$INSTALL_DIR/"
-chmod +x "$INSTALL_DIR/$BIN_NAME"
-
-# 初始化配置文件
-if [ ! -f "$CONFIG_DIR/config.yaml" ]; then
-    echo "==> 初始化配置文件..."
-    cp config.yaml.example $CONFIG_DIR/config.yaml
-else
-    echo "==> 配置文件已存在，跳过覆盖..."
-fi
-
-# 安装systemd服务
-echo "正在安装 systemd 服务..."
-cp scripts/sysmonitord.service /etc/systemd/system/
-systemctl daemon-reload
-systemctl enable sysmonitord
-echo ""
-echo "安装完成！"
-echo ""
-echo "配置文件路径: $CONFIG_DIR/config.yaml"
-echo "数据目录: $DATA_DIR"
-echo "日志目录: $LOG_DIR"
-echo ""
-echo "您可以使用以下命令来管理 sysmonitord 服务："
-echo "启动: systemctl start sysmonitord"
-echo "停止: systemctl stop sysmonitord"
-echo "重启: systemctl restart sysmonitord"
-echo "查看状态: systemctl status sysmonitord"
-echo "查看日志: journalctl -u sysmonitord -f"

main.go

@@ -1,8 +1,6 @@
 package main
 
 import (
-	"context"
-	"fmt"
 	"os"
 	"sysmonitord/cmd/safe"
 	"sysmonitord/cmd/start"
@@ -15,44 +13,27 @@ import (
 	"go.uber.org/zap"
 )
 
-var (
-	cfgFile string
-	cfg     *config.Config
-)
-
 func main() {
 	logger.InitLogger()
 	defer logger.Sync()
 
+	cfg, err := config.LoadConfig("./config.yaml")
+	if err != nil {
+		logger.Log.Error("加载配置文件失败", zap.Error(err))
+		os.Exit(1)
+	} else {
+		logger.SetLogLevel(cfg.Log.Level)
+	}
+
 	var rootCmd = &cobra.Command{
 		Use:   "sysmonitord",
 		Short: "Sysmonitord 是一个 Linux 系统安全监控工具",
-		PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
-			if cfgFile == "" {
-				if _, err := os.Stat("./config.yaml"); err == nil {
-					cfgFile = "./config.yaml"
-				} else if _, err := os.Stat("/etc/sysmonitord/config.yaml"); err == nil {
-					cfgFile = "/etc/sysmonitord/config.yaml"
-				}
 	}
 
-			cfg, err := config.LoadConfig(cfgFile)
-			if err != nil {
-				return fmt.Errorf("加载配置文件失败: %w", err)
-			}
-
-			ctx := context.WithValue(cmd.Context(), "config", cfg)
-			cmd.SetContext(ctx)
-			return nil
-		},
-	}
-
-	rootCmd.PersistentFlags().StringVarP(&cfgFile, "config", "c", "", "配置文件路径 (默认: ./config.yaml 或 /etc/sysmonitord/config.yaml)")
-
-	rootCmd.AddCommand(start.NewStartCmd())
-	rootCmd.AddCommand(version.NewVersionCmd())
-	rootCmd.AddCommand(status.NewStatusCmd())
-	rootCmd.AddCommand(safe.NewSafeCmd())
+	rootCmd.AddCommand(start.StartCmd)
+	rootCmd.AddCommand(version.VersionCmd)
+	rootCmd.AddCommand(status.StatusCmd)
+	rootCmd.AddCommand(safe.SafeCmd)
 
 	if err := rootCmd.Execute(); err != nil {
 		logger.Log.Error("命令执行失败", zap.Error(err))

scripts/sysmonitord.service

@@ -1,16 +0,0 @@
-[Unit]
-Description=Sysmonitord - Linux System Security Monitor Daemon
-Documentation=https://github.com/wuko233/sysmonitord
-After=network.target
-
-[Service]
-Type=simple
-User=root
-Group=root
-ExecStart=/usr/local/bin/sysmonitord start
-Restart=on-failure
-RestartSec=10
-LimitNOFILE=65536
-
-[Install]
-WantedBy=multi-user.target