I'm looking for a way to output traces to a log file in my code, which runs on linux.
I don't want to include the printing information in the binary, in every place I deploy it.
It windows, I simply used WPP to trace without putting the actual traces strings in my binary.
How can this by achieved in Linux?
I'm not very familiar with Linux tools in this area, so maybe there is a better system. However, since nobody else has made any good suggestions, I'll make a suggestion. (Probably not a very good suggestion, but the best I can think of right now.)
In theory, you could continue to use wpp. Wpp is simply a template system. It scans the configuration and input files to create data structures. Then it runs a template, fills in the data values it got from the scan, producing the tmh files. You could create a new set of templates that would use Linux apis instead of Windows apis, and would record the message strings in a way that works with some other log decoder system.
I noticed this question only now and would like to add my two cents to the story just for a case. Personally, I truly appreciate Windows WPP Tracing and consider it probably the best engineering solution for practical development troubleshooting among similar tools.
It happened I extended WPP use to Unix-like platforms twice. We wanted to use strong sides of WPP concept in general and yet use it in a multi-platform pieces of code. This was not a porting but rather a wrapper to specific WPP use we configured on Windows. One time we had a web service to perform actual WPP pre-processing on Windows; it may sound a bit insane but it worked fine and effective within the local network. A wrapper script that was executed before each compilation sent a web request, got a processed file and post-processed the generated include file to make it suitable for Unix-like platforms. The second time we implemented a simplified WPP pre-processor of our own (we found yet additional use for it - we could generate the tracing statements differently for production and unit testing, for example). This was a harsh solution: you anyway need to use some physical tracing framework behind the wrapper on non-Windows platform (well, the first time we apparently implemented our own lower level).
I do not think the Linux world has a framework comparable to WPP. Once I even thought it could be a great idea to make an open source porting project for WPP. I am not sure it would be much requested though. I said it is a great engineering solution. But who wants to do dirty engineering work? Open source community prefer abstract object-oriented and generic solutions, streaming and less necessity in corresponding tools (WPP requires special management tools and OS support).Ease of code writing is the today's choice.
There could be Microsoft fault (or unwillingness) in the lack of WPP popularity too. They kept it as an internal framework that came out just by a case with Windows DDK because they have to offer some logging/tracing solution for driver developers. Nobody even noticed much that WPP is well suitable for the user-space code too. And WPP pre-processor for C#, for example, has never been exposed to public at all.
Nevertheless, I still think that WPP porting to Unix/Linux work can be a challenging, interesting and maybe even useful attempt. If someone decides to lead it. :)
Related
I've been using the MonoTorrent library for a couple of weeks now and am looking for any kind of feedback or recommended alternatives.
The only issue I have with the library so far is that it is MUCH slower than uTorrent, I am not sure if this is a configuration issue or whether it doesnt support a required feature etc, but I require higher speeds for my needs and I found that for the exact same file I can get a major difference (times 100) in terms of the numbers of seeders and speeds.
I wanted to give libtorrent a try as well but have not been able to even compile the windows dll, let alone write the required code to use it :-)
I probably don't know much about the history of the torrent protocol but found it strange to find so little support in the C#/.Net world.
Was even considering wrapping the uTorrent client somehow, but it might be 'frowned upon' lol
Ended up using the libtorrent C++ library (running on a seperate process with added REST api to communicate with the main program) it works well and the torrent performance is excellent.
I am asking this question from an architectural point of view. I have been looking up tutorials and blog posts related to Node.js. Apart from a server-side implementation of Javascript, I don't see anything new when compared to the basic concepts used in CICS since the 1970s.
I must admit that the implementation and other technical details are different (PC vs Mainframe, Scripting language vs COBOL, UNIX vs MVS). However, other than those, I don't see any difference.
Can someone offer some insights from the architectural view?
The purpose of CICS psuedo-conversational programming is to release common resources while the user is filling out the screen.
Node.js keeps a single thread for your code while all input / output runs in parallel with your code.
With CICS, the developer has to code in a certain way (psuedo-conversational) so that the shared CICS system would run efficiently. With node.js, the design lets you code without worrying about the underlying architecture.
I'd say that the concepts are different. The developer serves CICS, while node.js serves the developer. It's like the difference between a dictatorship and a facilitator.
Actually they are quite similar in many ways. There are, several important differences in their implementations. Similarities first... both are examples of a monitor style of programming, both react to events in a more or less message passing style and both are designed to keep from blocking on allocated resources. Both also work very well with message passing middleware. CICS code can even be structurally similar (if you ignore the large and mostly mysterious number of constants and bizarre function names). there are also some profound differences, particularly with regards to transactionality, built in security ease of management. While CICS has GUI management, it is a long way from the simplicity of Node. I believe Node is now available natively on mainframes as well.
I realize this is an old question, but thought it deserved an update. The short answer is they are not the same, but that CICS can support a model very similar to node.
Ps... i have written code for both. In some ways CICS seems more friendly in C and Java than Cobol, which is what most people are familliar with. The respondent above is also right in that they do not serve exactly the same purpose although they can be used similarly. Node seems much easier to code for, but requires a lot of libraries and/or external components if you need some of the features that CICS provides out of the box.
I'm currently offering an assembly compile service for some people. They can enter their assembly code in an online editor and compile it. When then compile it, the code is sent to my server with an ajax request, gets compiled and the output of the program is returned.
However, I'm wondering what I can do to prevent any serious damage to the server. I'm quite new to assembly myself so what is possible when they run their script on my server? Can they delete or move files? Is there any way to prevent these security issues?
Thank you in advance!
Have a look at http://sourceforge.net/projects/libsandbox/. It is designed for doing exactly what you want on a linux server:
This project provides API's in C/C++/Python for testing and profiling simple (single process) programs in a restricted environment, or sandbox. Runtime behaviours of binary executable programs can be captured and blocked according to configurable / programmable policies.
The sandbox libraries were originally designed and utilized as the core security module of a full-fledged online judge system for ACM/ICPC training. They have since then evolved into a general-purpose tool for binary program testing, profiling, and security restriction. The sandbox libraries are currently maintained by the OpenJudge Alliance (http://openjudge.net/) as a standalone, open-source project to facilitate various assignment grading solutions for IT/CS education.
If this is a tutorial service, so the clients just need to test miscellaneous assembly code and do not need to perform operations outside of their program (such as reading or modifying the file system), then another option is to permit only a selected subset of instructions. In particular, do not allow any instructions that can make system calls, and allow only limited control-transfer instructions (e.g., no returns, branches only to labels defined within the user’s code, and so on). You might also provide some limited ways to return output, such as a library call that prints whatever value is in a particular register. Do not allow data declarations in the text (code) section, since arbitrary machine code could be entered as numerical data definitions.
Although I wrote “another option,” this should be in addition to the others that other respondents have suggested, such as sandboxing.
This method is error prone and, if used, should be carefully and thoroughly designed. For example, some assemblers permit multiple instructions on one line. So merely ensuring that the text in the first instruction field of a line was acceptable would miss the remaining instructions on the line.
Compiling and running someone else's arbitrary code on your server is exactly that, arbitrary code execution. Arbitrary code execution is the holy grail of every malicious hacker's quest. Someone could probably use this question to find your service and exploit it this second. Stop running the service immediately. If you wish to continue running this service, you should compile and run the program within a sandbox. However, until this is implemented, you should suspend the service.
You should run the code in a virtual machine sandbox because if the code is malicious, the sandbox will prevent the code from damaging your actual OS. Some Virtual Machines include VirtualBox and Xen. You could also perform some sort of signature detection on the code to search for known malicious functionality, though any form of signature detection can be beaten.
This is a link to VirtualBox's homepage: https://www.virtualbox.org/
This is a link to Xen: http://xen.org/
I want to use Smalltalk as an embedded DSL engine in C. No plugins required, and whole custom environment will be made by me. So almost ObjectEngine will be remained. Is this possible? I'm currently trying, however any help will be appreciated.
-- edit --
Any of Smalltalk implementation embedding guidance will also be appreciated. (except GNU Smalltalk. Because of it's license...)
This is a difficult thing to do with Pharo/Squeak:
The object engine depends on many primitives and thus many plugins need to be present. A while back most plugins couldn't be compiled statically. I don't know if this is still the case?
Building a whole custom environment is tricky, because it most likely means to strip down an existing image. There are various projects that try to build the infrastructure to bootstrap new images, but I haven't seen working solutions yet.
As Davorin writes Dolphin Smalltalk can be deployed as DLL. Similarly this is possible with Cincom Smalltalk and Smalltalk/X. All these Smalltalk's are commercial though.
To summarize, you are probably better off looking at Lua or Python that have been applied in your context many times already.
There was once a proposal for GSoC but never done:
Packaging Squeak as a DLL
A conventional approach to making libraries written in a particular language available to other languages is to package a library as a dynamic load library or shared object (dll from here on in). Adapting that approach to Squeak would both allow use of Smalltalk code by a wider audience and enable alternative deployment approaches for Squeak applications, easing the creation of Squeak plug-ins for systems like Apache, web browsers and so on. There are broadly two different approaches one can take, which one could call passive or active. In the passive architecture, the Squeak dll is inactive until called from another language, and runs only until a result is answered to the caller. In the active architecture the act of loading the dll causes Squeak to start up on its own thread and accept incoming calls from other threads in a form of rendezvous. The passive approach is easier to build but less useful; one does not have the full range of Squeak facilities such as light-weight processes, delays etc.
The objective of the project would be to implement either the passive or the active approach, depending on the student's interest and ability. The goal is to make Squeak more broadly useful to users and application deployers alike. There are many technical challenges to be met that will involve both Smalltalk and C coding and the use of the Smalltalk-C hybrid language Slang in which the Squeak VM is written.
The benefits to the student include gaining an in-depth understanding of dlls, interfacing to dynamic languages, foreign function interfaces and of the Squeak VM. The student will also be gaining an understanding of architectural issues by considering the many trade-offs between the passive and active approaches.
The benefits to the Squeak community will be in being able to package and deploy Squeak applications much more broadly than before.
Dolphin Smalltalk from Object Arts can be deployed as dll. But you would need to check the license for your particular use case, and it is windows only.
I'm trying to write a tool which lets me inspect the state of a PowerBuilder-based application. What I'm thinking of is something like Spy++ (or, even nicer, 'Snoop' as it exists for .NET applications) which lets me inspect the object tree (and properties of objects) of some PowerBuilder-based GUI.
I did the same for ordinary (MFC-based) applications as well as .NET applications already, but unfortunately I never developed an application in PowerBuilder myself, so I'm generally thinking about two problems at this point:
Is there some API (preferably in Java or C/C++) available which lets one traverse the
tree of visual objects of a PowerBuilder application? I read up a bit on the PowerBuilder Native Interface system, but it seems that this is meant to write PowerBuilder extensions in C/C++ which can then be called from the PowerBuilder script language, right?
If there is some API available - maybe PowerBuilder applications even expose some sort of IPC-enabled API which lets me inspect the state of a PowerBuilder object hierarchy without being within the process of the PowerBuilder application? Maybe there's an automation interface available, or something COM-based - or maybe something else?
Right now, my impression is that probably need to inject a DLL into the process of the PowerBuilder application and then gain access to the running PowerBuilder VM so that I can query it for the object tree. Some sort of IPC mechanism will then let me transport this information out of the PowerBuilder application's process.
Does anybody have some experience with this or can shed some light on whether anybody tried to do this already?
Best regards,
Frerich
First, the easy answer: I think what you're trying to do has been done, sort of. Rex from Enable does what I think you're after, but IIRC from talking with the developers, it depends on code hooks built into the application.
Which leads to the suggestion that I don't think you'll be able to do what I think you're trying to do completely externally from the application. You can grab window handles with WinAPIs and do some basic things with that, but not as much as you want. And getting information about DataWindows with WinAPIs? Forget it.
I believe I've heard of an API like the one you're asking about, but I've never heard of anyone other that automated testing software tool manufacturers getting their hands on it. If this is true (and the quality of this information is along the lines of "heard it in the hallway"), I suspect there might be some application security issues in letting this get out. (I know you'd never want to infect my application, or poke around and find out my secrets. grin)
Even with hooks into the PowerBuilder VM memory space, I'm not aware of being able to get a list of objects in memory without some PowerScript framework hooks (e.g. populating a list on every open and constructor with object handles). Once you've got a window handle, you can easily traverse its control arrays (and its subclasses control arrays) to get a list of objects on the window, but things like handles to NVO instance variables would be problematic.
I admire the idea. I wish I had better news (other than maybe Rex might solve your problem without the headaches of doing it yourself). Now I'm looking forward even more to what eran may release! grin
Good luck,
Terry.
I've just created such a tool, but I cheated a bit. Was actually about to ask the same question myself on the PB newsgroups. My solution is made of two parts:
Spy-like tool - a stand-alone app that like Spy++, i.e. lets you drag a target onto a control, using Windows API functions (though written in PB).
Internal infrastructure for target applications - located at the ancestor of all of the application's windows. Once given a certain (windows) handle, it goes through the Control[] array and looks for the control whose handle matches the given one. If necessary, it also recurses into control-containers such as tabs.
When the user selects a control, the spy tool first looks for its containing window using Windows API. When found, the tool sends a custom message to that window, which is then handled by the app's infrastructure. The control is then located in the PB app, and its details are finally sent back to the spy tool, which presents them to the user.
I suspect the infrastructure part can be replaced with some external thing, as I've seen tools that seem to be able to do that (Visual Expert, QTP). However, I haven't had the time to further investigate, and this solution was relatively easy to develop.
I've got to say, your question comes on a surprising timing. See this recent question of mine. If you're interested in the tool I've created, drop me a comment.