in CollectionMonitor.cpp [37:110]
// Main loop of the collection monitor.
//
// Opens the audit NETLINK connection, then repeats until _sleep() reports that
// the loop should end:
//   1. ask the kernel which pid is registered as the audit pid,
//   2. discard that pid if it has no /proc entry,
//   3. check whether the collector child is alive,
//   4. start the collector when nothing else appears to be consuming audit
//      events, and wait up to 10 seconds for an audit pid to show up,
//   5. report the audit pid when it changed or when the last report is more
//      than 3600 seconds old.
//
// NOTE(review): no close of _netlink is visible in this function; confirm it is
// released elsewhere (destructor or stop handler).
void CollectionMonitor::run() {
    Logger::Info("CollectionMonitor started");
    // Without a NETLINK connection the audit pid cannot be queried, so the
    // monitor exits instead of looping.
    if (_netlink.Open(nullptr) != 0) {
        Logger::Error("CollectionMonitor: Could not open NETLINK connect, exiting");
        return;
    }
    do {
        // Single timestamp per iteration; also the start of the 10 second
        // startup wait further down.
        auto now = std::chrono::steady_clock::now();
        // A pause of the collector check expires 3600 seconds after _pause_time.
        if (_pause_collector_check && now - _pause_time > std::chrono::seconds(3600)) {
            _pause_collector_check = false;
        }
        uint32_t audit_pid = 0;
        auto ret = NetlinkRetry([this,&audit_pid]() { return _netlink.AuditGetPid(audit_pid); });
        if (ret != 0) {
            // Treat NETLINK errors as unrecoverable.
            // NOTE(review): the loop does not stop here. The failure is logged
            // (unless stopping) and audit_pid is forced to 0, so a failed query
            // looks the same as "no audit pid registered" to the
            // start_collector() condition below.
            if (!IsStopping()) {
                Logger::Warn("CollectionMonitor: Failed to get audit pid from audit NETLINK: %s", std::strerror(-ret));
            }
            audit_pid = 0;
        }
        // A reported pid with no /proc entry is treated as "no audit pid".
        // NOTE(review): this checks only that the path exists, not which
        // process owns the pid; verify that is sufficient for the report below.
        if (!PathExists("/proc/"+std::to_string(audit_pid))) {
            audit_pid = 0;
        }
        // Always get collector aliveness. This will ensure the child is reaped if it exits and won't be restarted.
        bool is_alive = is_collector_alive();
        // Start the collector only when the check is not paused, auditd is not
        // present, the collector child is not alive, and no audit pid is set.
        if (!_pause_collector_check && !is_auditd_present() && !is_alive && audit_pid == 0) {
            start_collector();
            // errno of the most recent failed query in the wait loop; 0 if the
            // most recent query succeeded or none was made.
            int netlink_errno = 0;
            // Poll until an audit pid appears, a stop is requested, _sleep(500)
            // returns true, or 10 seconds have passed since `now`.
            // audit_pid is uint32_t, so `audit_pid <= 0` is the same as `== 0`.
            // presumably _sleep() takes milliseconds and returns true when the
            // sleep was cut short by a stop request; confirm against its definition
            while (!IsStopping() && audit_pid <= 0 && !_sleep(500) && std::chrono::steady_clock::now() - now < std::chrono::seconds(10)) {
                // This `ret` shadows the outer `ret` declared earlier in the iteration.
                auto ret = NetlinkRetry([this,&audit_pid]() { return _netlink.AuditGetPid(audit_pid); });
                if (ret != 0) {
                    // Treat NETLINK errors as unrecoverable.
                    // The error is only remembered here; it is logged once
                    // after the wait loop, and a later success clears it.
                    if (!IsStopping()) {
                        netlink_errno = -ret;
                    }
                    audit_pid = 0;
                } else {
                    netlink_errno = 0;
                    // Same /proc existence filter as the first query.
                    if (!PathExists("/proc/"+std::to_string(audit_pid))) {
                        audit_pid = 0;
                    }
                }
            }
            // Leaves the outer do/while, skipping the audit pid report.
            if (IsStopping()) {
                break;
            }
            if (netlink_errno != 0) {
                Logger::Warn("CollectionMonitor: Failed to get audit pid from audit NETLINK: %s", std::strerror(netlink_errno));
            } else {
                if (audit_pid == 0) {
                    // presumably check_child(false) returns true while the
                    // child is still running; confirm against its definition
                    if (check_child(false)) {
                        Logger::Warn("CollectionMonitor: Collector has not set itself as the audit pid after 10 seconds");
                    }
                }
            }
        }
        if (!IsStopping()) {
            // Report at once when the audit pid differs from the last reported
            // value, otherwise at most once every 3600 seconds. The change case
            // also covers the pid becoming 0 or a different process taking over.
            if (audit_pid != _audit_pid || now - _last_audit_pid_report > std::chrono::seconds(3600)) {
                _last_audit_pid_report = now;
                _audit_pid = audit_pid;
                send_audit_pid_report(audit_pid);
            }
        }
    // One pass per _sleep(10000); the loop ends when _sleep() returns true.
    } while(!_sleep(10000));
    Logger::Info("CollectionMonitor stopping");
}