{"id":13446257,"url":"https://github.com/defuse/swatd","last_synced_at":"2025-04-04T15:10:59.047Z","repository":{"id":8971692,"uuid":"10714527","full_name":"defuse/swatd","owner":"defuse","description":"Run a script when one or more sensors fail.","archived":false,"fork":false,"pushed_at":"2017-01-10T23:29:28.000Z","size":38,"stargazers_count":870,"open_issues_count":2,"forks_count":44,"subscribers_count":42,"default_branch":"master","last_synced_at":"2024-10-14T12:09:51.880Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/defuse.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2013-06-16T02:12:00.000Z","updated_at":"2024-10-08T19:22:27.000Z","dependencies_parsed_at":"2022-09-10T01:51:20.891Z","dependency_job_id":null,"html_url":"https://github.com/defuse/swatd","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/defuse%2Fswatd","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/defuse%2Fswatd/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/defuse%2Fswatd/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/defuse%2Fswatd/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/defuse","download_url":"https://codeload.github.com/defuse/swatd/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247198463,"owners_count":20900080,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-07-31T05:00:49.621Z","updated_at":"2025-04-04T15:10:59.027Z","avatar_url":"https://github.com/defuse.png","language":"C","funding_links":[],"categories":["C"],"sub_categories":[],"readme":"SWATd\n=====\n\n[![Build Status](https://travis-ci.org/defuse/swatd.svg?branch=master)](https://travis-ci.org/defuse/swatd)\n\nSWATd lets you configure 'sensors' that check your PC's external environment.\nWhen enough sensors 'fail', SWATd will run a script for you.\n\nSensors are commands or scripts that get executed repeatedly. A sensor is said\nto fail when its exit code makes a transition from zero (working) to non-zero\n(not working). This makes configuration easy and powerful. For example, you can\nmake a sensor that checks if your website is online, and then make a command to\nalert you when the sensor fails.\n\nSWATd was originally written as a tool to defend against theft by criminals or\nto detect when your computer is captured by police. For example, you can set\na sensor to detect if your WiFi network is in range, and when it goes out of\nrange, automatically unmount encrypted volumes. So if someone steals your laptop\nfrom your house, your files will be safe. Since SWATd only counts the failure\nwhen the sensor *changes* from a \"WiFi in range\" state to a \"WiFi out of range\"\nstate, if you use your laptop somewhere else, you don't need to worry about\ndisabling SWATd every time you leave your house.\n\n**WARNING:** While this may be helpful for some, there are significant risks.\nFor one, in some countries, including the United States, you could go to jail on\nobstruction of justice charges just for *running* SWATd, even though you are\ninnocent. Second, SWATd is not perfect: law enforcement or a smart thief can\nstill dump your RAM, thus getting your encryption keys, before doing anything\nthat would make a sensor fail. Use with caution, and consult an attorney first.\n**It's most likely the case that if you find yourself needing to rely on SWATd,\nthen you have already lost.**\n\nBuilding and Installing\n-----------------------\n\nTo build SWATd, `cd` into the source code directory and run `make`. This will\ncreate a `swatd` executable. If you want to install it as a daemon, refer to\nyour operating system's manuals. To run SWATd from a terminal (non-daemon), pass\nthe `-s` option.\n\n### Arch Linux\n\nTo install SWATd on Arch Linux, copy `swatd` into `/usr/local/bin`:\n\n    # make\n    # install swatd /usr/local/bin/\n\nCreate the configuration file (See the Configuration section below):\n\n    # mkdir /etc/swatd\n    # chmod 700 /etc/swatd\n    # vim /etc/swatd/swatd.conf\n\nIf you want SWATd to start when you boot, add the following to\n`/etc/systemd/system/swatd.service`.\n\n    [Unit]\n    Description=SWATd\n    \n    [Service]\n    Type=forking\n    PIDFile=/var/run/swatd.pid\n    ExecStart=/usr/local/bin/swatd -p /var/run/swatd.pid\n    Restart=on-abort\n    \n    [Install]\n    WantedBy=multi-user.target\n\nThen run:\n\n    # systemctl enable swatd.service\n    # systemctl start swatd.service\n\nYou can check the status of SWATd by running:\n\n    # systemctl status swatd.service\n\nRead SWATd's log entries by running:\n\n    # journalctl /usr/local/bin/swatd\n\n### Debian \n\nTo install SWATd on Debian, copy `swatd` into `/usr/local/bin`:\n\n    # make\n    # install swatd /usr/local/bin/\n\nCreate the configuration file (See the Configuration section below):\n\n    # mkdir /etc/swatd\n    # chmod 700 /etc/swatd\n    # vim /etc/swatd/swatd.conf\n\nThen copy `swatd.init` to `/etc/init.d/` and enable it:\n\n    # cp swatd.init /etc/init.d/swatd\n    # update-rc.d swatd defaults\n\nConfiguration\n-------------\n\nBy default, SWATd looks for a configuration file in `/etc/swatd/swatd.conf`.\nAlternatively, you can provide a configuration file path to SWATd with the `-c`\noption. In any case, the configuration file must not be world writable, or SWATd\nwill refuse to run.\n\nThe configuration file syntax is extremely simple. There are only three options:\n`interval`, `threshold`, and `execute`. To set a value for one of the options,\nbegin a line with its name, followed by a colon, followed by the value.\nEverything after a '#' is treated as a comment (ignored). Blank lines are\nignored. All other lines define a sensor command.\n\n`interval` is the number of seconds to wait between sensor checks. `threshold`\nis the number of sensors that must fail before assuming you are being raided.\n`execute` is the command to execute when you are being raided.\n\nHere is an example configuration file:\n\n    # This configuration makes SWATd continually check if /tmp/foobar exists. If\n    # /tmp/foobar stops existing (goes from existing to not existing), SWATd will\n    # write some text to the file /tmp/ran.\n    \n    # =============================================================================\n    # The number of seconds to wait between sensor checks.\n    # =============================================================================\n    interval: 30\n    \n    # =============================================================================\n    # The number of sensors that must 'fail' at the same time.\n    # =============================================================================\n    threshold: 1\n    \n    # =============================================================================\n    # The command to execute when 'threshold' sensors fail.\n    # =============================================================================\n    execute: echo \"haiii\" \u003e /tmp/ran\n    \n    # =============================================================================\n    # Sensor commands.\n    # A sensor has 'failed' when the exit code transisions from zero to non-zero.\n    # If a sensor's exit code is transitions from zero to 255, the command will be \n    # executed immediately regardless of the 'threshold' setting, and the failure\n    # count will not be incremented.\n    # WARNING: Sensor commands MUST terminate.\n    # =============================================================================\n    \n    test -e /tmp/foobar\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdefuse%2Fswatd","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdefuse%2Fswatd","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdefuse%2Fswatd/lists"}