Expand description
§proc-connector
A safe, modern Rust wrapper for the Linux Process Event Connector
(netlink NETLINK_CONNECTOR + CN_IDX_PROC).
Provides full coverage of all 10+ kernel process event types via a type-safe, zero-overhead, and fully safe API.
§Quick start
// Create connector (requires CAP_NET_ADMIN)
let conn = ProcConnector::new().expect("create connector");
let mut buf = vec![0u8; 4096];
// Blocking receive with timeout
match conn.recv_timeout(&mut buf, Duration::from_secs(1)) {
Ok(Some(event)) => println!("got event: {event}"),
Ok(None) => println!("timeout"),
Err(e) => eprintln!("error: {e}"),
}§Async integration
let conn = ProcConnector::new().unwrap();
let raw_fd = conn.as_raw_fd();
// Use with tokio:
// let async_fd = tokio::io::unix::AsyncFd::new(conn).unwrap();§Design philosophy (inspired by fanotify-fid)
- Safe API: internal
unsafeis confined to protocol parsing; callers receive a fully safe interface. - Complete event coverage: all
PROC_EVENT_*variants are exposed as aProcEventenum with structured fields. - Zero-copy where possible: parsing happens only after a successful
recv, with buffer ownership left to the caller. - Async-ready:
as_raw_fd()exposes the underlying socket fd for integration withtokio::AsyncFd,mio, or other event loops. - No overreach: does NOT manage threads, cache
/procdata, or impose any event processing policy.
Structs§
- Netlink
Message Iter - Iterator over multiple netlink messages packed into a single receive buffer.
- Proc
Connector - A safe handle to a Linux Netlink Proc Connector socket.
Enums§
- Error
- Errors that can occur during proc connector operations.
- Proc
Event - A parsed process event from the Linux Proc Connector.
Constants§
- CN_
IDX_ PROC - Connector index for process events.
- CN_
VAL_ PROC - Connector value for process events.
- COMM_
DATA - COMM_
PID - COMM_
TGID - CONNECTOR_
MAX_ MSG_ SIZE - Maximum message size for the connector protocol.
- COREDUMP_
PARENT_ PID - COREDUMP_
PARENT_ TGID - COREDUMP_
PID - COREDUMP_
TGID - EXEC_
PID - EXEC_
TGID - EXIT_
CODE - EXIT_
PARENT_ PID - EXIT_
PARENT_ TGID - EXIT_
PID - EXIT_
SIGNAL - EXIT_
TGID - FORK_
CHILD_ PID - FORK_
CHILD_ TGID - FORK_
PARENT_ PID - FORK_
PARENT_ TGID - ID_
EUID_ EGID - ID_PID
- ID_
RUID_ RGID - ID_TGID
- NETLINK_
CONNECTOR - Netlink protocol family for the Connector.
- NETLINK_
NO_ ENOBUFS - NLMSG_
ALIGNTO - NLMSG_
DONE - NLMSG_
ERROR - NLMSG_
MIN_ TYPE - Minimum valid message type for application-specific messages.
- NLMSG_
NOOP - NLMSG_
OVERRUN - NLM_
F_ REQUEST - PROC_
CN_ MCAST_ IGNORE - Multicast operation: stop listening.
- PROC_
CN_ MCAST_ LISTEN - Multicast operation: start listening.
- PROC_
EVENT_ COMM - Process name (comm) changed.
- PROC_
EVENT_ COREDUMP - Process dumped core.
- PROC_
EVENT_ EXEC - A process executed a new program (exec).
- PROC_
EVENT_ EXIT - Process exited.
- PROC_
EVENT_ FORK - A process was forked.
- PROC_
EVENT_ GID - Real/effective GID changed.
- PROC_
EVENT_ HEADER_ SIZE - Offset from
proc_eventbase toevent_dataunion. - PROC_
EVENT_ PTRACE - ptrace attach/detach.
- PROC_
EVENT_ SID - Session ID changed.
- PROC_
EVENT_ UID - Real/effective UID changed.
- PTRACE_
PID - PTRACE_
TGID - PTRACE_
TRACER_ PID - PTRACE_
TRACER_ TGID - SID_PID
- SID_
TGID - SIZE_
CN_ MSG - Size of
struct cn_msgheader (excluding flexibledataarray). - SIZE_
COMM_ EVENT - SIZE_
COREDUMP_ EVENT - SIZE_
EXEC_ EVENT - SIZE_
EXIT_ EVENT - SIZE_
FORK_ EVENT - Per-event sub-structure sizes (all within the
event_dataunion): - SIZE_
ID_ EVENT - SIZE_
NLMSGHDR - Size of
struct nlmsghdrin bytes (without alignment). - SIZE_
PTRACE_ EVENT - SIZE_
SID_ EVENT
Functions§
- nlmsg_
align - Round
lenup to the nearest multiple ofNLMSG_ALIGNTO. - nlmsg_
hdrlen - Total header length of
nlmsghdrafter alignment. - nlmsg_
length - Full message length:
lenbytes of payload plus aligned header.
Type Aliases§
- Result
- Convenience alias for
Result<T, Error>.