En C un peu propre (donc pas de system/exec), comme dit precedemment, libproc-dev.
Sinon tu t'amuse toi-meme a scanner /proc. C'est juste (presque tres!) fastidieux. Pour le fun, je t'ai fais un exemple sans pretention. Perl et autres, beaucoup plus facile et rapide. C.f. le module Proc::ProcessTable par example pour perl. A+, JD. On Thursday 28 April 2005 13:46, Frederic Beck wrote: FB > non c'est pas que je debute, je connais system ou la famille exec, mais FB > system ne m'arrange pas car je ne peux pas r�cup�rer la sortie -- Jean-Damien Durand CERN/IT/FIO/DS - Geneva, Switzerland PGP: http://home.cern.ch/~jdurand/public_key.asc CERN CA: http://cern.ch/service-grid-ca/crt/root_crt.html WWW: http://home.cern.ch/~jdurand
/* Basic, stupid and al. example on how to one can use /proc */
/* Fits on systems where ssh pid is _correctly_ launched as a */
/* daemon and stored its pid in /var/run/sshd.pid */
/* cc -Wall -o sshspy sshspy.c; ./sshspy */
#include <sys/types.h>
#include <dirent.h>
#include <sys/stat.h>
#include <unistd.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <fcntl.h>
#define SSH_PID "/var/run/sshd.pid"
static int sshspydoit(int);
static char *readlink_malloc(char *);
int main() {
int sshpidfd;
char buf[21];
int sshpid = 0;
int nssh;
/* Recupere sshd pid */
if ((sshpidfd = open(SSH_PID,O_RDONLY)) < 0) {
perror(SSH_PID);
} else {
/* Will it ever be more than 21 bytes !? */
if (read(sshpidfd,buf,21) <= 0) {
perror(SSH_PID);
} else {
memset(buf,20,'\0');
if ((sshpid = atoi(buf)) <= 0) {
fprintf(stderr,"Negative ssh pid in %s !?\n", SSH_PID);
sshpid = 0;
}
close(sshpidfd);
}
}
if (sshpid == 0) {
fprintf(stderr,"Warning - you are likely to match ssh master daemon\n");
}
if (getuid() != 0) {
fprintf(stderr,"Warning - you will not match all sessions unless you are root\n");
}
nssh = sshspydoit(sshpid);
fprintf(stdout,"%d ssh session%s found\n", nssh, nssh > 1 ? "s" : "");
exit(EXIT_SUCCESS);
}
static int sshspydoit(sshpid)
int sshpid;
{
int rc = 0;
DIR *proc_dir;
if ((proc_dir = opendir("/proc")) == NULL) {
perror("/proc");
} else {
int proc_dir_return_code;
struct dirent proc_dir_entry;
struct dirent *proc_dir_result;
for (proc_dir_return_code = readdir_r(proc_dir, &proc_dir_entry, &proc_dir_result);
proc_dir_result != NULL && proc_dir_return_code == 0;
proc_dir_return_code = readdir_r(proc_dir, &proc_dir_entry, &proc_dir_result)) {
char *fullpath;
struct stat statbuf;
char *filename;
/* Let's scan entries that have onlt digits */
if (strspn(proc_dir_entry.d_name,"1234567890") != strlen(proc_dir_entry.d_name)) {
continue;
}
/* Master ssh pid !? */
if (atoi(proc_dir_entry.d_name) == sshpid) {
continue;
}
/* We will stat /proc/proc_dir_entry.d_name/exe and /proc/proc_dir_entry.d_name/stat and */
if ((fullpath = (char *) malloc(strlen("/proc/") + strlen(proc_dir_entry.d_name) + strlen("/exe") + 2)) == NULL) {
perror("malloc");
continue;
}
strcpy(fullpath,"/proc/");
strcat(fullpath,proc_dir_entry.d_name);
strcat(fullpath,"/exe");
if (stat(fullpath,&statbuf) == 0) {
/* This is a link - only linux we expect so */
if ((filename = readlink_malloc(fullpath)) != NULL) {
char *p;
/* Ends with "/sshd" ? */
if ((p = strrchr(filename,'/')) != NULL) {
*p++ = '\0';
if (strcmp(p,"sshd") == 0) {
*--p = '/';
/* Try to open /proc/pid/stat if we know the sshd master */
if (sshpid > 0) {
int fd;
strcpy(fullpath,"/proc/");
strcat(fullpath,proc_dir_entry.d_name);
strcat(fullpath,"/stat");
if ((fd = open(fullpath,O_RDONLY)) >= 0) {
char buf[4097];
/* We are only interested in the token No 4: pid (command) state ppid ... */
/* This cannot exceed 4096 bytes - can it ? */
memset(buf,4096,'\0');
if (read(fd,buf,4096) > 0) {
char *p;
char *last = NULL;
buf[4096] = '\0';
/* I hate sscanf - that's all */
if ((p = strtok_r(buf," ",&last)) != NULL) { /* pid */
if ((p = strtok_r(NULL," ",&last)) != NULL) { /* (command) */
if ((p = strtok_r(NULL," ",&last)) != NULL) { /* state */
if ((p = strtok_r(NULL," ",&last)) != NULL) { /* ppid */
int ppid = atoi(p);
if (ppid == sshpid) {
fprintf(stdout,"PID=%s PPID=%d %s\n", proc_dir_entry.d_name, ppid, filename);
++rc;
} else if (ppid == 1) {
fprintf(stdout,"PID%s PPID=%d %s (orphaned !?)\n", proc_dir_entry.d_name, ppid, filename);
++rc;
}
}
}
}
}
}
close(fd);
}
}
}
}
free(filename);
}
}
free(fullpath);
}
closedir(proc_dir);
}
return(rc);
}
static char *readlink_malloc(filename)
char *filename;
{
int size = 100;
while (1) {
char *buffer = (char *) calloc(size,1);
if (buffer == NULL) {
perror("calloc");
return(NULL);
}
int nchars = readlink (filename, buffer, size);
if (nchars < 0) {
perror(filename);
return(NULL);
}
if (nchars < size) {
return(buffer);
}
free (buffer);
size *= 2;
}
}
smime.p7s
Description: S/MIME cryptographic signature
