Date: Wed, 23 Aug 2006 13:40:29 +0200 (CEST) From: Oliver Fromme <olli@lurza.secnetix.de> To: freebsd-hackers@FreeBSD.ORG, reko.turja@liukuma.net Subject: Re: Aqcuiring full path to running process from outside the ?kernel Message-ID: <200608231140.k7NBeTvg066384@lurza.secnetix.de> In-Reply-To: <006f01c6c67f$a0fb7c60$0a0aa8c0@rivendell>
next in thread | previous in thread | raw e-mail | index | archive | help
Reko Turja wrote: > But as said in earlier post of mine, I managed to achieve what I was > trying with the following code - using the sysctl seems to achieve > what was needed reliably enough, at least for now. > > int mib[4]; > size_t len; > mib[0] = CTL_KERN; > mib[1] = KERN_PROC; > mib[2] = KERN_PROC_PATHNAME; > mib[3] = -1; > len = PATH_MAX; > > /* First we try grabbing the path to executable using the sysctl MIB*/ > result = sysctl(mib, 4, name, &len, NULL, 0); > > I managed to stumble upon this about the same time I got the first > reply on my question, but for fallback methods I've gotten several > valuable suggestions and ideas from here, thanks! Another way would be to use /proc/$$/file (where $$ is the result from getpid()), but it only works when PROCFS is mounted on /proc, obviously. Finally, maybe you don't have to know the path at all. The kernel maintains a file descriptor of the executable. lsof(8) and fstat(1) display it (as "text" or "txt", repectively), so I assume there's a way to retrieve it from userland. If you can get access to that file descriptor, you should be able to read data from the executable without having to know its path name. The latter might even be the _only_ way to access the executable file, because someone might have unliked the directory entry right after starting it, so you cannot access it anymore by path name, but only by descriptor. Best regards Oliver -- Oliver Fromme, secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd Any opinions expressed in this message may be personal to the author and may not necessarily reflect the opinions of secnetix in any way. "If Java had true garbage collection, most programs would delete themselves upon execution." -- Robert Sewell
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200608231140.k7NBeTvg066384>