I'm reading the list of running processes from /proc/. And from the file (status) I get some information I need about the process.
I need to know the user ID that started the process. In the status file I see two fields that are interesting to me: uid and gid. After reading on the Internet, I found out that uid is the user identifier, and gid is the group identifier.
please tell me how to read the value into the uid_t
type? So I can compare it with the value obtained from the geteuid()
function?
I need to select from the list of processes only processes launched by a specific user.
This is how I currently read information from the /proc/status file:
ProcessInfo getInfoFromFileByPID(char pid[], const char* filename)
{
printf("getInfoFromFileByPID param = %s %s\n", pid, filename);
char path[256];
FILE* fp;
char szFullLine[256];
size_t len;
ProcessInfo process;
uid_t uid = geteuid(); // получим идентификатор текущего пользователя
snprintf(path, sizeof(path), filename, pid);
fp = fopen(path, "r");
if (fp)
{
memset(szFullLine, 0x00, sizeof(szFullLine));
len = fread(szFullLine, sizeof(char), sizeof(szFullLine), fp);
fclose(fp);
if( len > 0 )
{
std::string str(szFullLine);
std::map<std::string, std::string> map = mappify(str);
if (map.find("Name") != map.end())
process.Name = map["Name"];
if (map.find("Pid") != map.end())
process.PID = std::stoi(map["Pid"]);
std::cout << "info: " << str << std::endl;
return process;
}
}
return process;
}
Please tell me where I can find out what IP addresses and ports the process uses? For example, if I launched Skype, I want to get the hostname where it sends data and the port.
The Uid:
field in /proc/PID/status
is indeed what you want. Linux however has not just one UID that is assigned to a process, but 4:
This is also the order in which the numbers in /proc/PID/status
Unless you are doing something weird when it comes to permissions, what you most likely want to use is either the real user id (first field) or the effective user id (second field). (getuid()
returns the real user id, geteuid()
returns the effective user id.)
So on a desktop Linux system, you'll most likely have a line in the form
Uid: 1000 1000 1000 1000
If you split that string and take the first number, that'll be your real user id, the second number the effective user id. For example, when you run sudo -i
, that'll have the following user ids:
Uid: 1000 0 0 0
The real user id 1000
indicates that the user with id 1000
started the program, but the other ids being set to 0
indicate that the program actually has root privileges. (Root is always uid 0
.)
As to the other part of your question: uid_t
is just an integer type, typically unsigned int
on modern Linux systems, which is a 32bit unsigned integer.