Commit Graph

135 Commits

Author SHA1 Message Date
Craig Small
95a253aa6e pgrep: Better warning if pidfd_open not implemented
If procps is built on a Linux 5.3+ system then pidwait
is built with pidfd_open(). If that program is run on
a system < 5.3 then it gives an odd generic error.

If we get a ENOSYS from one pid, we will get it for all
the others so its better to explain what happens and terminate.

The man page is updated to note this issue.

This came up due to killall in psmisc using pidfd_send_signal

References:
 https://bugs.debian.org/1015228

Signed-off-by: Craig Small <csmall@dropbear.xyz>
2022-07-18 20:51:41 +10:00
Jim Warner
9b80d47df5 pgrep: adapted to the library changes for 'TIME' stuff
The library refactored 'TIME' items for consistency so
we must adapt to some new data types and calculations.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2022-02-27 21:27:02 +11:00
Craig Small
bcb837b8c7 First cut at subset=pid proc mount handling
The procfs mount option subset=pid only shows the processes, not things
such as /proc/stat etc.

For certain programs, this should mean they still work, but have reduced
functionality. This is the first cut at some of them.

pgrep - Removed always loading uptime which we never used anyway. The
program now works fine unless we use --older. Add note in man page
stating it will silently fail.

ps - Load boot time and memory total only when required instead of
always. Changed the error messages to something the user actually
cares about "can't get system boot time" vs "create a structure".
Works for most fields except starts and percent memory.

uptime - Give more useful error messages if uptime not available.

vmstat - move header generation after testing for required proc
files, makes the default output more consistent with the rest
of the options.

References:
 procps-ng/procps#227
 https://www.kernel.org/doc/html/latest/filesystems/proc.html#chapter-4-configuring-procfs
 6814ef2d99

Signed-off-by: Craig Small <csmall@dropbear.xyz>
2021-12-16 20:36:00 +11:00
Craig Small
2e0e865ca5 pgrep: Fix format security
do_regcomp() error message didn't use a string literal for the format string.

pgrep.c:538:24: error: format not a string literal and no format arguments
[-Werror=format-security]

Signed-off-by: Craig Small <csmall@dropbear.xyz>
2021-11-02 17:19:37 +11:00
Craig Small
4cfb0fb763 pgrep: Match on cgroup v2 paths
You can match or filter on cgroup paths. Currently the match is only
done for version 2 cgroups because these are way simpler as they have
a unified name and always start with "0::".

cgroup v1 can have:
 named groups "1:name=myspecialname:"
 controllers "9:blkio:"
 multiple controllers! "4:cpu,cpuacct:"

So they are very much more complicated from a options parsing and
cgroup matching point of view.

In addition, both my Debian bookworm and bullseye systems use
v2 cgroups.

$ ./pgrep --cgroup /system.slice/cron.service
760

Signed-off-by: Craig Small <csmall@dropbear.xyz>
2021-10-26 20:56:19 +11:00
Todd Lewis
e500ba6d97 fix uid/gid > 2^31
This MR revisits a partial fix from 2018. The problem stems from incorrect
handling of unsigned 32-bit uid_ts and gid_ts as signed when values are
large - i.e. when the high bit is set. In that case, pgrep and pkill fail to
identify processes by uid. (They succeed when finding the same processes by
username.) The primary fix for this is to impliment the "FIXME" comment in
proc/readproc.h, the implementation of which allows the removal of the (int)
casts from the partial fix from 2018.

The other fixed code in this MR consists of tests in strict_atol() that
detects and errors out on overflows.

References:
 Merge !146
2021-10-26 18:13:48 +11:00
Tom Levy
2737850e66 pgrep: Add a newline after regex error messages
The message from 'regerror' does not include a newline.

Test with `pgrep '*'`.

Signed-off-by: Craig Small <csmall@dropbear.xyz>
2021-09-15 20:53:12 +10:00
Craig Small
992b8b64f4 pkill: Add lt- variants
The pgrep code checks to see if the program is run as pkill or pidwait
and changes its behaviour accordingly.  Some older versions of libtool
run the programs as lt-pkill and lt-pidwait which means the tests fail.

We add these two program names to the checks.

Signed-off-by: Craig Small <csmall@dropbear.xyz>
2021-04-05 14:40:00 +10:00
Craig Small
0864cf9a68 pidwait: Add missing name change line
Missed one of the lines that changes from pwait to pidwait
in referenced commit.

References:
 commit 9c1a62b637
2021-02-16 06:48:51 +11:00
Craig Small
9c1a62b637 pidwait: Rename from pwait
pwait is already in at least Debian in a different package

References:
 https://bugs.debian.org/982391
2021-02-15 21:55:05 +11:00
Jim Warner
423297c9db all: make buildable again for new 'misc.h' header file
With the 4 header files removed in the previous patch,
this commit just changes all those obsolete references
to that new consolidated 'misc.h' header file instead.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2021-01-21 17:30:25 +11:00
Craig Small
048820fde3 pgrep: Remove memory leak
This is part of !118 where @tt.rantala found a memory leak.
The other part of !118 may come later if the performance change
is significant.

References:
 procps-ng/procps!118
2020-12-22 16:14:56 +11:00
Craig Small
6bbb0bfc80 pgrep: fix missed change
I missed one change from the commit in the master branch meaning
pgrep would not compile.

References:
 commit c8384e682c
2020-12-22 14:25:56 +11:00
Alex Xu (Hello71)
c8384e682c pgrep: add pwait 2020-12-22 13:13:32 +11:00
Jim Warner
1aa8b16441 library: eliminated the questionable 'procps.h' header
There was a time when that procps.h file served a more
traditional role. Prior to the commit referenced below
it held just macros plus manifest constants. But, with
that change, such items were replaced with a series of
includes embracing all the library exported functions.

That approach was known to disguise errors which would
have otherwise yielded a compiler warning. And without
such a warning, there was no way to address the error.

So this patch will trade the all inclusive header file
approach for individual includes only where necessary.

Reference(s):
. April 2016, procps.h header file revamped
commit ccb6ae8de1
. Sept 2018, top abandoned use of procps.h
commit a6dfc2382e

Signed-off-by: Jim Warner <james.warner@comcast.net>
2020-07-05 21:13:01 +10:00
Jim Warner
c8864e8010 misc: eliminate a couple of miscellaneous gcc warnings
This commit just address the two warnings shown below.

Reference(s):
pgrep.c: In function `select_procs':
pgrep.c:535:12: warning: variable `now' set but not used [-Wunused-but-set-variable]
  535 |     time_t now;
      |            ^~~

pidof.c: In function `select_procs':
pidof.c:201:9: warning: `stat_cmd' may be used uninitialized in this function [-Wmaybe-uninitialized]
  201 |        !strcmp(program, stat_cmd) ||
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~

Signed-off-by: Jim Warner <james.warner@comcast.net>
2020-07-05 21:13:01 +10:00
Craig Small
9f751a7538 pgrep: Allow older than selection
Re-work merge request !79 of @edneville to permit older than
selection using the new library API.

References:
 procps-ng/procps!79
2020-05-17 23:00:27 +10:00
Arun Chandrasekaran
89392e67a9 pgrep: use sigqueue to pass value with the signal.
Based on the command line option, use 'sigqueue'
instead of 'kill' to pass the integer value with
the signal.

References:
 procps-ng/procps!32

Signed-off-by: Craig Small <csmall@dropbear.xyz>
2020-05-11 16:59:14 +10:00
Todd Lewis
3c079c821a Fix user and group name to number conversion for uid/gid above 2^31. 2020-04-24 17:36:27 +10:00
Craig Small
416b91836a pgrep: check sanity of SC_ARG_MAX
A kernel change means we cannot trust what sysconf(SC_ARG_MAX)
returns. We clamp it so its more than 4096 and less than 128*1024
which is what findutils does.

References:
 procps-ng/procps#152
 https://git.savannah.gnu.org/cgit/findutils.git/tree/lib/buildcmd.c#n535
 https://lwn.net/Articles/727862/
 commit bb96fc4295
2020-01-05 15:19:41 +11:00
Craig Small
61b627d53c pgrep: Use POSIX _SC_ARG_MAX for maximum full command line length
Modified for newlib but based upon patch in master by
Clay Baenziger <cwb@clayb.net>

References:
    commit f9e56d3c66
    procps-ng/procps!85
2019-09-21 16:58:30 +10:00
ed
7b4ad698cc pgrep.c: Match based on process run state for issue 109
References:
 procps-ng/procps#109
2019-03-20 20:59:00 +11:00
Qualys Security Advisory
df0e1a13ab 0007-pgrep: Always null-terminate the cmd*[] buffers.
Otherwise, man strncpy: "If there is no null byte among the first n
bytes of src, the string placed in dest will not be null-terminated."
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
8e6d11a928 0006-pgrep: Initialize the cmd*[] stack buffers.
Otherwise (for example), if the (undocumented) opt_echo is set, but not
opt_long, and not opt_longlong, and not opt_pattern, there is a call to
xstrdup(cmdoutput) but cmdoutput was never initialized:

sleep 60 & echo "$!" > pidfile
env -i LD_DEBUG=`perl -e 'print "A" x 131000'` pkill -e -c -F pidfile | xxd
...
000001c0: 4141 4141 4141 4141 4141 4141 4141 4141  AAAAAAAAAAAAAAAA
000001d0: 4141 4141 4141 4141 fcd4 e6bd e47f 206b  AAAAAAAA...... k
000001e0: 696c 6c65 6420 2870 6964 2031 3230 3931  illed (pid 12091
000001f0: 290a 310a                                ).1.
[1]+  Terminated              sleep 60

(the LD_DEBUG is just a trick to fill the initial stack with non-null
bytes, to show that there is uninitialized data from the stack in the
output; here, an address "fcd4 e6bd e47f")
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
ac85587773 0005-pgrep: Simplify the match_*() functions. 2018-06-23 21:59:14 +10:00
Qualys Security Advisory
8e3e77910d 0004-pgrep: Replace buf+1 with buf in read_pidfile().
Unless we missed something, this makes it unnecessarily difficult to
read/audit.
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
9cfc1b8c1f 0003-pgrep: Replace ints with longs in strict_atol().
atol() means long, and value points to a long.
2018-06-23 21:59:14 +10:00
Qualys Security Advisory
7c9a7d7cfe 0002-pgrep: Prevent integer overflow of list size.
Not exploitable (not under an attacker's control), but still a potential
non-security problem. Copied, fixed, and used the grow_size() macro from
pidof.c.

Signed-off-by: Craig Small <csmall@enc.com.au>
2018-06-23 21:59:14 +10:00
Jim Warner
0e5c4373f4 Revert Support running with child namespace (catch up)
--------------- Original Master Branch Commit Message:
This reverts commit dcb6914f11.

This commit broke a lot of scripts that were expecting to see all
programs. See #91

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-05-06 07:19:38 +10:00
Jim Warner
ac73415e32 pgrep: Don't segfault with no match _______ (catch up)
--------------- Original Master Branch Commit Message:
If pgrep is run with a non-program name match and there are
no matches, it segfaults.

The testsuite thinks zero bytes sent, and zero bytes sent
because the program crashed is the same :/

References:
 commit 1aacf4af7f
 https://bugs.debian.org/894917

Signed-off-by: Jim Warner <james.warner@comcast.net>
2018-05-06 07:19:38 +10:00
Debabrata Banerjee
0e39102f75 Support running with child namespaces
By default pgrep/pkill should not kill processes in a namespace it is not
part of. If this is allowed, it allows callers to break namespaces they did
not expect to affect, requiring rewrite of all callers to fix.

So by default, we should work in the current namespace. If --ns 0 is
specified, they we look at all namespaces, and if any other pid is specified
we continue to look in only that namespace.

Signed-off-by: Debabrata Banerjee <dbanerje@akamai.com>

References:
 procps-ng/procps!41
2018-03-03 18:08:32 +11:00
Craig Small
ff05573f0d pkill: Return 0 if successfully killed process
Original report:
When trying kill a process with insufficient privileges (see blow),
pkill displays the error message “... failed: Operation not permitted”,
but returns 0. Surely it should return 3?

$ pkill syslogd ; echo $?
pkill: killing pid 373 failed: Operation not permitted
0

Return value 0 means one of more things matched. For a pgrep (which
shares code with pkill) this makes sense, there was a match. It seems
wrong for pkill to return 0 when it in fact could not do what you told
it to.  However return value 3 means a fatal error and it's not fatal.

Looking at other programs when trying to kill things it cannot kill.
shell kill returns 1, procps kill returns 1, killall returns 1, skill
returns 0 (and says it was successful!, ah well poor old skill)

The consensus seems to be that you return 1 if you cannot kill it, even
if you found it. In other words the return value for both not found and
not able to kill it is the same.

pkill only returns 0 if something was killed. This means we found a
match AND the kill() system call worked too.

References:
 https://bugs.debian.org/852758

Signed-off-by: Craig Small <csmall@enc.com.au>
2017-02-04 12:00:24 +11:00
Jan Rybar
9252a04eae pgrep: warning about 15+ chars name only if zero matches found
This avoids situations where longer regex which matches short-named proc
is used. Test for pgrep updated.

This is the newlib update of 5d12be1b7e8cc690a4d8778754aae5db4c07db2b
Signed-off-by: Craig Small <csmall@enc.com.au>
2017-01-26 16:52:23 +11:00
Craig Small
34d040a079 pgrep: add warning that pattern exceeeds 15 chars
Add a warning if you specify a command over 15 characters and don't
use the -f command.

This is a pick of two patches from master:
 24fd260 pgrep: Fix off by one error in line check
 4a7f9fc pgrep - adds warning that pattern exceeds 15 chars without

References:
 !25
2016-09-11 10:40:47 +10:00
Jim Warner
c0f33884b5 pgrep: fixup inconsistencies in result type references
Signed-off-by: Jim Warner <james.warner@comcast.net>
2016-08-11 07:56:00 +10:00
Jim Warner
e0515e23e7 related: respond to VAL macro addition of context parm
Since the VAL macro now requires a 4th parameter, this
commit simply adds the 'info' context structure to it.

In some cases, that context structure needed to become
global, since it was referenced in multiple functions.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2016-08-07 21:40:48 +10:00
Jim Warner
612f36189e related: change for lost 'PROCPS_' enumerator prefixes
With this patch we've completed a progression toward a
standard approach to naming conventions which follows:

* Only functions will begin with that 'procps_' prefix
. ........................................... examples
. procps_vmstat_get ()
. procps_diskstats_select ()
- ----------------------------------------------------

* Exposed structures begin with the module/header name
. ........................................... examples
. struct pids_info
. struct stat_reaped
- ----------------------------------------------------

* Item enumerators begin like structs, but capitalized
. ........................................... examples
. VMSTAT_COMPACT_FAIL
. MEMINFO_DELTA_ACTIVE

[ slabinfo varies slightly due to some item variants ]
. SLABINFO_extra
. SLABS_SIZE_ACTIVE
. SLABNODE_OBJS_PER_SLAB
[ could cure with a prefix of SLABINFO, but too long ]
- ----------------------------------------------------

* Other enumerators work exactly like item enumerators
. ........................................... examples
. PIDS_SORT_ASCEND
. STAT_REAP_CPUS_AND_NODES
- ----------------------------------------------------

* Macros and constants begin just like the enumerators
. ........................................... examples
. #define SLABINFO_GET
. #define DISKSTATS_TYPE_DISK
- ----------------------------------------------------

Signed-off-by: Jim Warner <james.warner@comcast.net>
2016-07-26 20:49:44 +10:00
Jim Warner
d7cbf3448f related: adapt to changes in 'context' structure names
Signed-off-by: Jim Warner <james.warner@comcast.net>
2016-07-26 20:47:50 +10:00
Jim Warner
56def1cbac misc: adapt others to changes in interface, <PIDS> api
I've got nothing to add to the commit message but that
doesn't mean I won't produce perfectly justified text.

Signed-off-by: Jim Warner <james.warner@comcast.net>
2016-05-16 19:58:20 +10:00
Craig Small
ad13b4badb pgrep: some coverity fixes
procps_ns_get_id should be checked for < 0 not -1
strncpy should copy only to buflen-1 not buflen

References:
  Coverity 99117, 99108, 99107
2016-04-27 22:50:25 +10:00
Craig Small
ccb6ae8de1 library: cleanup of library includes
The includes used to define a lot of things a library include
should not. It was also a bit messy what was exposed in the library
and what was not.

get_pid_digits -> procps_pid_length and exported correctly

MALLOC attribute move into relevant .c files
NORETURN attribute moved to relevant .c, not used in library
PURE attribute removed, it wasn't used
KLONG/KLF/STRTOUKL were fixed for long, so now just use long

HIDDEN attribute removed. It was for 3 functions. The PROCPS_EXPORT
seems to do the same (opposite) thing.

likely/unlikely removed from most places, its highly debateable
this does anything useful as CPUs have gotten smarter about branches.

Re-arranged the includes, ALL external programs should just #include
<proc/procps.h> then proc/procps.h includes headers for files that
have exported functions. procps.h and the headers it includes should
not use items that are not exportable (e.g. hidden functions or
macros) they go in procps-private.h
2016-04-16 17:03:57 +10:00
Filipe Brandenburger
a3975a9c60 pkill: reject -signal number with trailing garbage
This commit prevents pkill from accepting something like `-1garbage` as
a SIGHUP. The previous code was using atoi() which does not check for
trailing garbage and would parse the above as 1.

Handling numeric signals in signal_option() is not really necessary,
since signal_name_to_number() will recognize numeric signals and parse
them properly using strtol() and checking for trailing garbage. It also
checks that the numeric signals are in the proper range. So all we need
to do is remove the buggy numeric signal handling here.

Tested with `pkill -1garbage sleep`, after this patch it will complain
that "1" is not a valid option, which is the expected.

Signed-off-by: Filipe Brandenburger <filbranden@google.com>

Ported-by: Jim Warner <james.warner@comcast.net>
From original:
commit 9646f7cba4
2015-10-14 21:24:38 +11:00
Jim Warner
a5051b7ef3 pgrep: a few tweaks to the <pids> interface conversion
Signed-off-by: Jim Warner <james.warner@comcast.net>
2015-10-05 20:30:40 +11:00
Craig Small
2af3617b8d pgrep:Remove the a?b:c for threads or no threads 2015-09-26 14:47:56 +10:00
Craig Small
492a2c64db pgrep: remove commented old code
pgrep had old API code commented out, its now removed.
2015-09-26 14:34:51 +10:00
Craig Small
f37e5eec96 pgrep: use tty_name
pgrep used to extract tty and then convert to a name. As the library
does this for you now there is no need for the double step.
2015-09-26 08:31:06 +10:00
Craig Small
b5e3c5e835 pgrep: Use new library API
Change pgrep to use new library API. Threads now use their own
name instead of parent process.  Updated man page to make note
of it.
2015-09-26 08:19:32 +10:00
Craig Small
a61f78d6e0 library: rework namespace calls
Functions related to namespaces were half-in half-out of the
procps library and didn't fit the standard naming scheme.

While struct { long ns[x]} is a bit clunky, its the only way
to "lock in" x. The alternative is to use ns_* variables.

This work was needed before pgrep could be converted.
2015-09-03 22:32:19 +10:00
Craig Small
56399212c8 library: Remove signal name from library
Procps library previously held functions that were about either
listing or finding signal names. These are not really the right
location for a library about reading procfs.

This patch handles signal related functions in two ways:

For functions purely found in skill, these have been moved back
into this binary as they are used nowhere else.

For functions used across the binaries, these have been moved
into include/signals.h and lib/signals.c. Besides formatting,
these functions are largely the same.

To assist the skill functions, two functions to access the
signal map array have been added to lib/signals.c
2015-06-29 21:52:51 +10:00
Craig Small
505f257a8c library: remove procps_version functions
It doesn't make any sense to have the binary version strings
embedded into the library. The version strings are defined
already either in the Makefile or in include/c.h
2015-06-18 22:37:24 +10:00