All geek questions in one place

Get cmdline of a process in MAC os from another C executable

I would like to know if there is a sys call that gets the identifier of the remote process and returns it on the MAC OS x command line (the equivalent in linux is / proc / PID / cmdline.

I could use the following method to read the output of 'px ax PID' from a file, but I believe there is a cleaner way.

enter code here
char sys_cmd[PATH_MAX];
snprintf(sys_cmd, PATH_MAX, "ps ax %d", pid);

fp = popen(sys_cmd, "r");
while (fgets(res, sizeof(res)-1, fp) != NULL) {
    printf("%s", res);
}
pclose(fp);

thank

+4
source share
1 answer

Depending on what you want to do, you can do something like the following with proc_pidinfo()(source code for the kernel implementation here and a header file with structure definitions here ):

$ cat procname.c 
#include <stdio.h>
#include <stdlib.h>
#include <sys/proc_info.h>

extern int proc_pidinfo(int pid, int flavor, uint64_t arg, user_addr_t buffer,
    uint32_t  buffersize);
#define SHOW_ZOMBIES 0

int main(int argc, char **argv) {
    if(argc != 2) {
        puts("Usage: procname <pid>");
        return 1;
    }

    struct proc_taskallinfo info;

    int ret = proc_pidinfo(atoi(argv[1]), PROC_PIDTASKALLINFO, SHOW_ZOMBIES,
        (user_addr_t) &info, sizeof(struct proc_taskallinfo));
    printf("ret=%d, result=%s\n", ret, (char *) info.pbsd.pbi_comm);

    return 0;
}
$ clang procname.c -o procname 2>/dev/null
$ sudo ./procname 29079
ret=232, result=Google Chrome

dtruss ps -p ... -o args, syscall, , , , El Capitan dtruss, , ( ps) - :

$ sudo dtruss ps -p 29079 -o args

dtrace: failed to execute ps: dtrace cannot control executables signed with restricted entitlements

, , sudo nm $(which ps), , ps, , , Googled xnu (Mac OS X ).

+3

Source: https://habr.com/ru/post/1598576/

More articles:


All Articles