proc-connector
Linux Process Event Connector — safe, zero-overhead, full-coverage parser for all PROC_EVENT_* types.
Overview
proc-connector provides a safe, efficient Rust interface to Linux's Process Event Connector (NETLINK_CONNECTOR + CN_IDX_PROC). It parses all 10+ PROC_EVENT_* types including exec, fork, exit, uid/gid changes, ptrace, and more. The library offers zero-overhead abstractions with comprehensive error handling and async integration support.
Why proc-connector?
Unlike other process monitoring solutions that rely on polling /proc or using incomplete netlink implementations, proc-connector provides complete coverage of all kernel process events with a type-safe API. It handles the complexities of netlink protocol parsing, message alignment, and error recovery internally, letting you focus on reacting to process lifecycle events. For system tools that need real-time process monitoring without the overhead of polling, proc-connector offers the most complete and ergonomic Rust interface to Linux's proc connector.
Usage
Add to your Cargo.toml:
[]
= "0.1.6"
Requirements
- Linux kernel with
CONFIG_CONNECTORandCONFIG_PROC_EVENTSenabled CAP_NET_ADMINcapability (run as root or withcap_net_admin+ep)
The crate compiles on any platform, but all runtime operations require a Linux
kernel with proc connector support. Non-Linux platforms will fail at runtime
with Error::Os(ENOSYS).
Quick start
use ProcConnector;
use Duration;
// Requires CAP_NET_ADMIN
let conn = new.expect;
let mut buf = ;
loop