util/pidowner: new package to map from process ID to its user ID
This commit is contained in:
parent
40e12c17ec
commit
23f01174ea
|
@ -0,0 +1,25 @@
|
|||
// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
// Package pidowner handles lookups from process ID to its owning user.
|
||||
package pidowner
|
||||
|
||||
import (
|
||||
"errors"
|
||||
"runtime"
|
||||
)
|
||||
|
||||
var ErrNotImplemented = errors.New("not implemented for GOOS=" + runtime.GOOS)
|
||||
|
||||
var ErrProcessNotFound = errors.New("process not found")
|
||||
|
||||
// OwnerOfPID returns the user ID that owns the given process ID.
|
||||
//
|
||||
// The returned user ID is suitable to passing to os/user.LookupId.
|
||||
//
|
||||
// The returned error will be ErrNotImplemented for operating systems where
|
||||
// this isn't supported.
|
||||
func OwnerOfPID(pid int) (userID string, err error) {
|
||||
return ownerOfPID(pid)
|
||||
}
|
|
@ -0,0 +1,33 @@
|
|||
package pidowner
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
"tailscale.com/util/lineread"
|
||||
)
|
||||
|
||||
func ownerOfPID(pid int) (userID string, err error) {
|
||||
file := fmt.Sprintf("/proc/%d/status", pid)
|
||||
err = lineread.File(file, func(line []byte) error {
|
||||
if len(line) < 4 || string(line[:4]) != "Uid:" {
|
||||
return nil
|
||||
}
|
||||
f := strings.Fields(string(line))
|
||||
if len(f) >= 2 {
|
||||
userID = f[1] // real userid
|
||||
}
|
||||
return nil
|
||||
})
|
||||
if os.IsNotExist(err) {
|
||||
return "", ErrProcessNotFound
|
||||
}
|
||||
if err != nil {
|
||||
return
|
||||
}
|
||||
if userID == "" {
|
||||
return "", fmt.Errorf("missing Uid line in %s", file)
|
||||
}
|
||||
return userID, nil
|
||||
}
|
|
@ -0,0 +1,9 @@
|
|||
// Copyright (c) 2020 Tailscale Inc & AUTHORS All rights reserved.
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
// +build !windows,!linux
|
||||
|
||||
package pidowner
|
||||
|
||||
func ownerOfPID(pid int) (userID string, err error) { return "", ErrNotImplemented }
|
|
@ -0,0 +1,47 @@
|
|||
package pidowner
|
||||
|
||||
import (
|
||||
"math/rand"
|
||||
"os"
|
||||
"os/user"
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestOwnerOfPID(t *testing.T) {
|
||||
id, err := OwnerOfPID(os.Getpid())
|
||||
if err == ErrNotImplemented {
|
||||
t.Skip(err)
|
||||
}
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
t.Logf("id=%q", id)
|
||||
|
||||
u, err := user.LookupId(id)
|
||||
if err != nil {
|
||||
t.Fatalf("LookupId: %v", err)
|
||||
}
|
||||
t.Logf("Got: %+v", u)
|
||||
}
|
||||
|
||||
// validate that OS implementation returns ErrProcessNotFound.
|
||||
func TestNotFoundError(t *testing.T) {
|
||||
// Try a bunch of times to stumble upon a pid that doesn't exist...
|
||||
const tries = 50
|
||||
for i := 0; i < tries; i++ {
|
||||
_, err := OwnerOfPID(rand.Intn(1e9))
|
||||
if err == ErrNotImplemented {
|
||||
t.Skip(err)
|
||||
}
|
||||
if err == nil {
|
||||
// We got unlucky and this pid existed. Try again.
|
||||
continue
|
||||
}
|
||||
if err == ErrProcessNotFound {
|
||||
// Pass.
|
||||
return
|
||||
}
|
||||
t.Fatalf("Error is not ErrProcessNotFound: %T %v", err, err)
|
||||
}
|
||||
t.Errorf("after %d tries, couldn't find a process that didn't exist", tries)
|
||||
}
|
|
@ -0,0 +1,32 @@
|
|||
package pidowner
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"syscall"
|
||||
|
||||
"golang.org/x/sys/windows"
|
||||
)
|
||||
|
||||
func ownerOfPID(pid int) (userID string, err error) {
|
||||
procHnd, err := windows.OpenProcess(windows.PROCESS_QUERY_INFORMATION, false, uint32(pid))
|
||||
if err == syscall.Errno(0x57) { // invalid parameter, for PIDs that don't exist
|
||||
return "", ErrProcessNotFound
|
||||
}
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("OpenProcess: %T %#v", err, err)
|
||||
}
|
||||
defer windows.CloseHandle(procHnd)
|
||||
|
||||
var tok windows.Token
|
||||
if err := windows.OpenProcessToken(procHnd, windows.TOKEN_QUERY, &tok); err != nil {
|
||||
return "", fmt.Errorf("OpenProcessToken: %w", err)
|
||||
}
|
||||
|
||||
tokUser, err := tok.GetTokenUser()
|
||||
if err != nil {
|
||||
return "", fmt.Errorf("GetTokenUser: %w", err)
|
||||
}
|
||||
|
||||
sid := tokUser.User.Sid
|
||||
return sid.String(), nil
|
||||
}
|
Loading…
Reference in New Issue