I'm trying to catch the exact moment a python app makes a system call to ldapsearch command and passes the user password in the command line itself.
The problem is that even with this code :
while :
do
ps -ef | grep 'ldapsearch' | grep -v 'grep' >> out
done
It seems the process is live for such a short time that the ps call misses it every time.
How can I accomplish this?
You can easyly print the log of the system calls with:
dmesg -w
with -w being the follow option.
Or if you know the PID of your process:
strace -p PID
Related
How can I wait for a program to complete and then start another program automatically in another console?
EDIT: The first program can be long running and the other program should start right after the completion of the first program.
tail -f --pid=xyzu /dev/null && second_program
for example, in one console (terminal) invoke cat. In another console, use pstree -p | grep cat to find its process id. Then, in that other console, type tail -f --pid=6169 /dev/null && ls (replace the number with the correct one and use the needed command instead of ls). Then, end cat with CTL-C.
EDIT: Another example is, you want to shutdown the computer automatically when a long running program has completed:
first, find the pid of the long running program:
pstree -p | grep long_running_program
For instance, you find the pid 3373. Now, use the command:
sudo tail -f --pid=3373 /dev/null && shutdown -h now
I'm working on a program that can query running X apps, save all the commands of running apps and them reopen them latter.
I encounter an issue. wmctctl can query the pid of Onlyoffice, for example the pid is 123. Then run ps -ef -q 123, I see that the CMD is ./DesktopEditors which should be a invalid command, because ./one_command only can work in special folder include file one_command.
I can get a complete command by running ps -ef -q $(pgrep -P 123).
Is there a straight way to get the complete command of Onlyoffice just via wmctl and ps?
If there is a better way to get all commands of X apps, please let me know. Thanks.
I suggest using ps -h -e -o pid,args command piped with a grep
This should provide full command path with it arguments and options.
For example find all running java programs with their arguments (might be extensive):
ps -eo pid,args | grep java
In your case I suggest a small awk script, that looks for the pid given as 3rd input field in current line:
wmctrl -l -p|awk '{system("ps -h --pid "$3" -o args")}'
Sample output
nautilus-desktop --force
/usr/libexec/gnome-terminal-server
/usr/libexec/gnome-terminal-server
update
Transforming current directory ./ to to full path.
Assuming ./ represent the current working directory.
Add the following pipe.
wmctrl -l -p|awk '{system("ps -h --pid "$3" -o args")}'|sed "s|^\./|$PWD/|"
Find the script or program DesktopEditors in your computer, using find / -name "DesktopEditors".
But I believe this is useless if you are trying to reverse engineer a web based application that requires some kind of a browser emulator.
I have the following bash command which works quite good:
ps aux | grep mpg321 | grep -v "grep mpg321" | awk '{print $2}' | xargs kill
The only problem is, when there is no mpg321 being executed it returns an awful message which I would not like to display to the user.
Is there a "quiet" parameter of a way to put an if in this statement to avoid returning the message?
Usage:
kill [options] <pid> [...]
Options:
<pid> [...] send signal to every <pid> listed
-<signal>, -s, --signal <signal>
specify the <signal> to be sent
-l, --list=[<signal>] list all signal names, or convert one to a name
-L, --table list all signal names in a nice table
-h, --help display this help and exit
-V, --version output version information and exit
For more details see kill(1).
Thank you!
How about killall?
killall mpg321
You can also use pkill as an alternative to killall
By the way xargs has a --no-run-if-empty option if you don't want to execute the command when there are no parameters to add.
$cat t.sh
grep "12" test | wc -c
I want to know how many processes will be created when it runs.
I used
./t.sh;ps -aux | grep "t.sh"
but it didn't work because "./t.sh" had run over when ps was working.
How can I reach this goal?
Depends on the system you are running on. If you have strace you can trace all the fork system calls. problem is though that somesystems use fork, some vfork and some clone, you will have to experiment. On linux:
strace -c -f -evfork ./t.sh
should give you a summary. -c gives a count, -f means "follow" child processes, and -evfork means trace the vfork kernel call. The output goes to stderr, but you can redirect it to a file using the -o option (there are some neat tricks you can do if you specify a named pipe here).
Your mistake is the semicolon. It tells the shell to wait until t.sh finishes before running grep. Use ampersand instead to tell the shell to run t.sh in the background. Also instead of grep you'd be better off using pstree to see the list of processes spawned by your t.sh script like this:
$ ./t.sh & pstree $(pgrep t.sh)
you can try
./t.sh;ps -aux | grep -E "t.sh"
-E match exactly what you need and nothing else, I'm not on linux right now so I can't be sure, but there's something to do with that option
How can a bash script ensure that not more than one copy of it is running?
I have tried:
ps -ef| grep /user/loca/shell/sh | wc -l
This shows me 2 because of the grep command. Change it to:
ps -ef | grep /user/loca/shell/sh | grep -v 'grep' wc -l
then its shows 1. However, if I then vim /user/loca/shell/sh and then execute:
ps -ef| grep /user/loca/shell/sh | grep -v 'grep' wc -l
that shows 2. But there is only one process, I have started.
How can the bash script check whether the process is running?
The idiom often used in Unix Daemons is to create a file with the PID in it when they start.
Then you can check the existence and/or content of the file when you start, if it's there, you exit and leave that instance running.
At the end of the script you delete the file, ready to run next time.
The only problem comes when the script runs, but does not complete for some reason, leaving the PID file in existence. This can be taken care of by checking its timestamp, if it's too long ago, you assume that it was an aborted run and continue with the current one.
Try pgrep instead of 'ps -ef ...' in your script:
pgrep /usr/loca/shell/sh
If that won't work then I'd resort to locking by attempting to create a symbolic link from the script if one does not exist yet and bail out if it already exists, and deleting it upon exit. Creating symbolic link is an atomic operation on unix that can be used as sort of a poorman's lock for shell scripts.
I use a file lock:
MY_LOCK_FILE='whatever.lock'
( if (flock -nx 200); then
# Do stuff here...
fi
) 200>"$MY_LOCK_FILE"