Read files to scan from stdin to use find for excluding of files, folders and mount points #42
Description
It would be great if the files to be scanned could be read from stdin.
This would open up a whole new set of possibilities together with find.
Example:
find / -xdev -type f | java -jar log4j-detector-2021.12.16.jar --stdin
This would scan all files in the local root filesystem, but omit /dev, /proc, etc. and all NFS mounts.
Using find, the following issues would be easy to solve: #11, #39 and #40,
Metadata
Metadata
Assignees
Labels
No labels
Type
Projects
Milestone
Relationships
Development
Participants
Activity
findfor excluding of files, folders and mount points #43zhurkin commentedon Dec 17, 2021
The find on large volumes just freezes . It is better to make an explicit exception in the program
beckerr-rzht commentedon Dec 17, 2021
I don't know such problems with
find, but I just want to scan files on all local filesystems only.For example I'm actually using this
findoptions:beckerr-rzht commentedon Dec 18, 2021
The current precompiled version 2021.12.17 supporting
--stdinis here:https://github.com/beckerr-rzht/log4j-detector/raw/master/log4j-detector-2021.12.17.jar
juergenhoetzel commentedon Dec 19, 2021
You can build and execute command lines from standard input using
xargs:beckerr-rzht commentedon Dec 19, 2021
Note the following when using
xargs:Using
xargscan always be slower if many files are passed, because the java process may have to be started several times.When using
xargs, parameters and environment variables together may only occupy a maximum of 4096 bytes in the worst case. The size of the environment ofrootis around 2000 bytes (depending on operating system and configuration).A "medium" installation of Ubuntu Desktop has about 400000 files.
This would result in the following comparison:
--stdinthe java process is started exactly once.--stdinxargsstarts the java process about 10000 times.But this is of course only the worst case, which should occur rarely.
The actual values of the particular system are provided by
xargs --show-limits.But
xargshas one advantage in any case:The parameter
-Pallows to run several processes in parallel.So e.g.:
... will start 8 processes scanning in parallel. Here
-rprevents the process from being started without parameters and-n100determines that 100 arguments are passed at a time.Provided you have enough CPU, this could speed up the detector scan.
However, in such cases the tool
parallelshould be preferred, because it is much more flexible.Regardless, I hope that my pull request #43 will be accepted.
[-]Read file to scan from stdin[/-][+]Read files to scan from stdin to use `find` for excluding of files, folders and mount points[/+]juliusmusseau commentedon Dec 20, 2021
I did this in my own way. See v2021.12.20 which adds a new --stdin flag.
findfor excluding of files, folders and mount points #75