diff options
author | Leah Neukirchen <leah@vuxu.org> | 2018-06-19 17:03:59 +0200 |
---|---|---|
committer | Leah Neukirchen <leah@vuxu.org> | 2018-06-19 17:03:59 +0200 |
commit | 14818ae3e1f41a9266def200dcbd170ea6b51a3e (patch) | |
tree | 8d3b96bcb3fee75ab1a53689649f26e56efd9be2 | |
parent | e69c98b6ec3c0ab68f85394c3e3535110c5c83b5 (diff) | |
download | extrace-14818ae3e1f41a9266def200dcbd170ea6b51a3e.tar.gz extrace-14818ae3e1f41a9266def200dcbd170ea6b51a3e.tar.xz extrace-14818ae3e1f41a9266def200dcbd170ea6b51a3e.zip |
add -u to print owner of process
-rw-r--r-- | README | 6 | ||||
-rw-r--r-- | extrace.1 | 6 | ||||
-rw-r--r-- | extrace.c | 20 |
3 files changed, 26 insertions, 6 deletions
diff --git a/README b/README index c030e9f..ca55be0 100644 --- a/README +++ b/README @@ -4,7 +4,7 @@ NAME extrace – trace exec() calls system-wide SYNOPSIS - extrace [-deflqt] [-o file] [-p pid | cmd ...] + extrace [-deflqtu] [-o file] [-p pid | cmd ...] DESCRIPTION extrace traces all program executions occurring on a system. @@ -25,6 +25,8 @@ DESCRIPTION -t Also display process exit status and duration. + -u Also display the user running the process. + -o file Redirect trace output to file. @@ -68,4 +70,4 @@ BUGS LICENSE extrace is licensed under the terms of the GPLv2. -Void Linux June 13, 2016 Void Linux +Void Linux June 19, 2018 Void Linux diff --git a/extrace.1 b/extrace.1 index d84050c..7cec42d 100644 --- a/extrace.1 +++ b/extrace.1 @@ -1,4 +1,4 @@ -.Dd June 13, 2016 +.Dd June 19, 2018 .Dt EXTRACE 1 .Os .Sh NAME @@ -6,7 +6,7 @@ .Nd trace exec() calls system-wide .Sh SYNOPSIS .Nm -.Op Fl deflqt +.Op Fl deflqtu .Op Fl o Ar file .Op Fl p Ar pid | cmd\ ... .Sh DESCRIPTION @@ -35,6 +35,8 @@ Suppress printing of arguments. .It Fl t Also display process exit status and duration. +.It Fl u +Also display the user running the process. .It Fl o Ar file Redirect trace output to .Ar file . diff --git a/extrace.c b/extrace.c index a1ec370..b7eb37e 100644 --- a/extrace.c +++ b/extrace.c @@ -3,7 +3,7 @@ * Requires CONFIG_CONNECTOR=y and CONFIG_PROC_EVENTS=y. * Requires root or "setcap cap_net_admin+ep extrace". * - * Usage: extrace [-deflq] [-o FILE] [-p PID|CMD...] + * Usage: extrace [-deflqu] [-o FILE] [-p PID|CMD...] * default: show all exec(), globally * -p PID only show exec() descendant of PID * CMD... run CMD... and only show exec() descendant of it @@ -13,6 +13,7 @@ * -f flat output: no indentation * -l print full path of argv[0] * -q don't print exec() arguments + * -u print user of process * * Copyright (C) 2014-2018 Leah Neukirchen <leah@vuxu.org> * @@ -56,11 +57,13 @@ #include <linux/netlink.h> #include <sys/socket.h> +#include <sys/stat.h> #include <sys/types.h> #include <sys/wait.h> #include <fcntl.h> #include <limits.h> +#include <pwd.h> #include <signal.h> #include <stdint.h> #include <stdio.h> @@ -93,6 +96,7 @@ int show_args = 1; int show_cwd = 0; int show_env = 0; int show_exit = 0; +int show_user = 0; FILE *output; sig_atomic_t quit = 0; #define CPU_MAX 4096 @@ -350,6 +354,17 @@ handle_msg(struct cn_msg *cn_hdr) strncpy(pid_db[i].cmdline, cmdline, CMDLINE_DB_MAX-1); pid_db[i].cmdline[CMDLINE_DB_MAX-1] = 0; } + if (show_user) { + struct stat st; + struct passwd *p; + + if (fstat(proc_dir_fd, &st) < 0) + st.st_uid = -1; + if ((p = getpwuid(st.st_uid))) + fprintf(output," <%s>", p->pw_name); + else + fprintf(output," <%d>", st.st_uid); + } putc(' ', output); if (show_cwd) { print_shquoted(cwd); @@ -429,7 +444,7 @@ main(int argc, char *argv[]) output = stdout; - while ((opt = getopt(argc, argv, "+deflo:p:qtw")) != -1) + while ((opt = getopt(argc, argv, "+deflo:p:qtwu")) != -1) switch (opt) { case 'd': show_cwd = 1; break; case 'e': show_env = 1; break; @@ -446,6 +461,7 @@ main(int argc, char *argv[]) } break; case 'w': /* obsoleted, ignore */; break; + case 'u': show_user = 1; break; default: goto usage; } |