Commit Graph

5 Commits

Author SHA1 Message Date
Eduardo Damato
3fa04fa947 docs: add info on why eip and esp are zeroed out 2022-09-04 13:48:45 -03:00
Craig Small
8eee6cc48c misc: Update NEWS/man date for pgrep -A
Added NEWS item
Update pgrep.1 date

References:
 commit 4b44ab98c1
2022-08-31 17:43:17 +10:00
Chris Down
4b44ab98c1 pgrep: Add support for ignoring ancestors with -A/--ignore-ancestors
pgrep and friends naturally filter their own processes from their
matches. The same issue can occur when elevating with tools like sudo or
doas, where the elevating shim layers linger as a parent and are
returned in the results. For example:

    % sudo pkill -9 -cf someelevatedcmdline
    1
    zsh: killed     sudo pkill -9 -cf someelevatedcmdline

This is a situation we've actually seen in production, where some poor
soul changes how permission management works (for example with Linux's
hidepid option), needs to elevate a pgrep or pkill call, and now ends up
with more than they bargained for. Even after the issue is noticed,
resolving it requires reinventing some of the pgrep logic, which is
unfortunate.

This commit adds the -A/--ignore-ancestors option which excludes pgrep's
ancestors from the results:

    % sudo ./pkill -9 -Acf someelevatedcmdline
    0

We looks at multiple layers of the process hierarchy because, while
things like sudo only have one layer of shimming, some mechanisms (like
those found in a typical container manager like those found in Docker or
Kubernetes) may have many more.

Signed-off-by: Chris Down <chris@chrisdown.name>
2022-08-31 07:37:10 +00:00
Craig Small
2c3635b687 docs: Update manpages
Change include directory <procps/ -> <libproc2/
Change link instruction -lproc-2 -lproc2
2022-08-29 20:56:43 +10:00
Craig Small
8e889ae682 build-sys: Rearrange the manual pages
All man pages are found in ./man
man-po -> po-man

References:
 https://www.freelists.org/post/procps/Next-for-newlib,3

Signed-off-by: Craig Small <csmall@dropbear.xyz>
2022-08-29 18:07:43 +10:00