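def dumpFileInfo(logger, file_obj):
    """
    Log what can be learned about a file-like object.

    - logger: object exposing an info(message) method
    - file_obj: any file-like object. Objects with a working fileno() get
      their descriptor (and, on Linux, the path it resolves to) logged;
      anything else only gets its class name logged.
    """
    try:
        fileno = file_obj.fileno()
    except (AttributeError, ValueError):
        # No fileno() at all, or one that refuses to answer: in-memory
        # streams raise io.UnsupportedOperation (a ValueError) and a closed
        # file raises ValueError. For this best-effort dump both simply mean
        # "no descriptor available", so the dump must not crash on them.
        logger.info("File object class: %s" % file_obj.__class__.__name__)
        return
    logger.info("File descriptor: %s" % fileno)
    if RUNNING_LINUX:
        # Resolve the descriptor of *this* process (presumably through
        # /proc/<pid>/fd/N). %r keeps control characters in the target
        # path visible in the log instead of letting them reshape it.
        logger.info("File name: %r" % readProcessLink(getpid(), 'fd/%s' % fileno))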
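def dumpFileInfo(logger, file_obj):
    """
    Log the descriptor of a file-like object, or just its class name.

    - logger: object exposing an info(message) method
    - file_obj: any file-like object

    On Linux the descriptor is additionally resolved to the path it points
    at (the 'fd/<n>' link of the current process).
    """
    try:
        fileno = file_obj.fileno()
    except (AttributeError, ValueError):
        # Objects without fileno() raise AttributeError; in-memory streams
        # raise io.UnsupportedOperation and closed files raise ValueError.
        # All of them are "no descriptor" cases for a diagnostic dump, so
        # none of them should abort the caller.
        logger.info("File object class: %s" % file_obj.__class__.__name__)
        return
    logger.info("File descriptor: %s" % fileno)
    if RUNNING_LINUX:
        # %r so that unusual characters in the resolved path cannot
        # inject fake line breaks into the log.
        logger.info("File name: %r" %
                    readProcessLink(getpid(), 'fd/%s' % fileno))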
 def handle_event(self, event):
   """Handle external events like new process execution or child close

   Turns a debugger event into event_callback() calls. Only events that
   yield a status string are reported: NewProcessEvent and ChildError are
   deliberately silent (ChildError is merely printed). For a
   ProcessExecution on Linux the command line, working directory, parent
   PID and the user/group identities of the process are reported before
   the status line itself.
   """
   if isinstance(event, NewProcessEvent):
     # Under Linux a new process first forks with the same command line as
     # the starting process and only afterwards replaces it. The
     # NewProcessEvent is therefore skipped here and the new process is
     # added during the ProcessExecution event instead.
     status = None
   elif isinstance(event, ProcessExecution):
     status = _('Process execution')
   elif isinstance(event, ProcessExit):
     status = _('Process exit')
   elif isinstance(event, ProcessSignal):
     status = _('Process signal: %s') % event
   elif isinstance(event, ChildError):
     # Child errors never reach event_callback: they only go to stdout
     # (Python 2 print statement).
     status = None
     print event
   else:
     status = _('Event: %s') % event
   
   if status:
     pid = event.process.pid
     if RUNNING_LINUX and isinstance(event, ProcessExecution):
       # NOTE(review): the command line and working directory are read from
       # the observed process (presumably via /proc) and are therefore text
       # chosen by that process; anything rendering them (log, UI) should
       # treat them as untrusted rather than as safe markup.
       self.event_callback(pid, _('Command line'),
         ' '.join(readProcessCmdline(event.process.pid)))
       self.event_callback(pid, _('Current working directory'),
         readProcessLink(event.process.pid, 'cwd'))
       # If the process has a parent PID include it in the details
       if event.process.parent:
         self.event_callback(pid, _('Parent PID'), str(event.process.parent.pid))
       # Add process details. The UID/EUID entries look like pwd records
       # (pw_uid/pw_name/pw_gecos) and GID/EGID like grp records
       # (gr_gid/gr_name); each is only reported when the lookup succeeded.
       details = self._get_process_status_details(event.process.pid)
       if details.has_key(UID):
         self.event_callback(pid, _('User ID'), details[UID].pw_uid)
         self.event_callback(pid, _('User name'), details[UID].pw_name)
         self.event_callback(pid, _('User real name'), details[UID].pw_gecos)
       if details.has_key(EUID):
         self.event_callback(pid, _('Effective user ID'), details[EUID].pw_uid)
         self.event_callback(pid, _('Effective user name'), details[EUID].pw_name)
         self.event_callback(pid, _('Effective user real name'), details[EUID].pw_gecos)
       if details.has_key(GID):
         self.event_callback(pid, _('Group ID'), details[GID].gr_gid)
         self.event_callback(pid, _('Group name'), details[GID].gr_name)
       if details.has_key(EGID):
         self.event_callback(pid, _('Effective group ID'), details[EGID].gr_gid)
         self.event_callback(pid, _('Effective group name'), details[EGID].gr_name)
       # The status line is always the last callback for the event
       self.event_callback(pid, information=_('Status'), value=status)
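def dumpFileInfo(logger, file_obj):
    """
    Log descriptor, path (Linux only) and stat details of a file-like object.

    - logger: object exposing an info(message) method
    - file_obj: any file-like object. Without a usable fileno() only the
      class name is logged and the function returns.

    The stat details (owner, size, mode, modification time) are taken from
    fstat() on the descriptor, so they describe the open file itself even
    if its path has since been renamed or unlinked.
    """
    try:
        fileno = file_obj.fileno()
    except (AttributeError, ValueError):
        # AttributeError: no fileno() method. ValueError: fileno() exists
        # but cannot answer -- io.UnsupportedOperation on in-memory streams
        # is a ValueError subclass, and a closed file raises ValueError too.
        # A diagnostic dump should degrade to the class name, not crash.
        logger.info("File object class: %s" % file_obj.__class__.__name__)
        return
    if RUNNING_LINUX:
        # Resolve the descriptor of this process (presumably /proc/<pid>/fd/N);
        # %r keeps odd characters of the path visible instead of mangling the log.
        filename = readProcessLink(getpid(), 'fd/%s' % fileno)
        logger.info("File name: %r" % filename)
    logger.info("File descriptor: %s" % fileno)

    stat = fstat(fileno)
    logger.info("File user/group: %s/%s" % (stat.st_uid, stat.st_gid))
    logger.info("File size: %s bytes" % stat.st_size)
    # st_mode also carries the file type bits, so a regular 0644 file is
    # printed as 100644; the permission part is the low 12 bits.
    logger.info("File mode: %04o" % stat.st_mode)
    # Local time, naive datetime (no tzinfo) -- compare with care
    mtime = datetime.fromtimestamp(stat.st_mtime)
    logger.info("File modification: %s" % mtime)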
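def dumpProcessInfo(log, pid, max_length=None):
    """
    Dump all information about a process:
     - log: callback to write display one line
     - pid: process identifier
     - max_length (default: None): maximum total size, in characters, of
       the environment variables that are logged; variables that do not
       fit are skipped and their number is reported. None logs the whole
       environment as a list.

    Every /proc read is best effort: a ProcError (typically permission
    denied on another user's process) only suppresses that one line.
    Outside Linux only the PID is reported.
    """
    if not RUNNING_LINUX:
        log("Process ID: %s" % pid)
        return
    try:
        stat = readProcessStat(pid)
    except ProcError:
        # Permission denied
        stat = None
    text = "Process ID: %s" % pid
    if stat:
        text += " (parent: %s)" % stat.ppid
    log(text)
    if stat:
        state = stat.state
        try:
            # Append the human readable name when the state letter is known
            state = "%s (%s)" % (state, stat.STATE_NAMES[state])
        except KeyError:
            pass
        log("Process state: %s" % state)
    try:
        # %r: the command line is text chosen by the target process
        log("Process command line: %r" % readProcessProcList(pid, 'cmdline'))
    except ProcError:
        # Permission denied
        pass
    try:
        # NOTE: the environment is logged verbatim and commonly carries
        # credentials (API tokens, passwords, database URLs); send this
        # output only to a log with restricted access.
        env = readProcessProcList(pid, 'environ')
        if max_length:
            # Keep variables, in order, while the accumulated text fits in
            # max_length characters; a variable that does not fit is dropped
            # and counted, but later (shorter) ones may still be kept.
            kept = []
            length = 0
            removed = 0
            for var in env:
                if max_length < length + len(var):
                    removed += 1
                else:
                    kept.append(var)
                    length += len(var)
            parts = []
            for var in kept:
                name, sep, value = var.partition("=")
                # /proc/<pid>/environ holds whatever strings execve() was
                # given, so an entry without "=" is possible: log it as is
                # instead of failing the whole dump on a tuple unpack.
                parts.append("%s=%r" % (name, value) if sep else "%r" % var)
            env = ', '.join(parts)
            if removed:
                env += ', ... (skip %s vars)' % removed
        log("Process environment: %s" % env)
    except ProcError:
        # Permission denied
        pass
    try:
        log("Process working directory: %s" % readProcessLink(pid, 'cwd'))
    except ProcError:
        # Permission denied
        pass

    try:
        user = None
        group = None
        status_file = openProc("%s/status" % pid)
        try:
            for line in status_file:
                # Lines look like "Uid:\treal\teffective\tsaved\tfilesystem";
                # splitting on any whitespace tolerates a trailing newline or
                # a stray space without a ValueError from int().
                if line.startswith("Uid:"):
                    user = [int(field) for field in line.split()[1:]]
                elif line.startswith("Gid:"):
                    group = [int(field) for field in line.split()[1:]]
        finally:
            # Close even when the read raises, so the descriptor is not leaked
            status_file.close()
        if user:
            text = "User identifier: %s" % user[0]
            if len(user) > 1 and user[0] != user[1]:
                text += " (effective: %s)" % user[1]
            log(text)
        if group:
            text = "Group identifier: %s" % group[0]
            if len(group) > 1 and group[0] != group[1]:
                text += " (effective: %s)" % group[1]
            log(text)
    except ProcError:
        # Permission denied
        pass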
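def dumpProcessInfo(log, pid, max_length=None):
    """
    Dump all information about a process, one line per log() call.

    - log: callback taking a single string to display
    - pid: process identifier
    - max_length (default: None): maximum total size, in characters, of
      the environment variables that are logged; variables that do not
      fit are skipped and their number is reported. None logs the whole
      environment as a list.

    Each /proc read is best effort: a ProcError (typically permission
    denied on another user's process) only suppresses that line.
    Outside Linux only the PID is reported.
    """
    if not RUNNING_LINUX:
        log("Process ID: %s" % pid)
        return
    try:
        stat = readProcessStat(pid)
    except ProcError:
        # Permission denied
        stat = None
    text = "Process ID: %s" % pid
    if stat:
        text += " (parent: %s)" % stat.ppid
    log(text)
    if stat:
        state = stat.state
        try:
            # Add the readable state name when the state letter is known
            state = "%s (%s)" % (state, stat.STATE_NAMES[state])
        except KeyError:
            pass
        log("Process state: %s" % state)
    try:
        # %r: the command line is text chosen by the target process
        log("Process command line: %r" % readProcessProcList(pid, 'cmdline'))
    except ProcError:
        # Permission denied
        pass
    try:
        # NOTE: the environment is logged verbatim and commonly carries
        # credentials (API tokens, passwords, database URLs); route this
        # output only to a log with restricted access.
        env = readProcessProcList(pid, 'environ')
        if max_length:
            # Keep variables, in order, while the accumulated text fits in
            # max_length characters. A variable that does not fit is dropped
            # and counted; later, shorter ones may still be kept.
            kept = []
            length = 0
            removed = 0
            for var in env:
                if max_length < length + len(var):
                    removed += 1
                else:
                    kept.append(var)
                    length += len(var)
            formatted = []
            for var in kept:
                name, sep, value = var.partition("=")
                # /proc/<pid>/environ holds whatever strings execve() was
                # given, so an entry without "=" is possible: log it as is
                # rather than failing the dump on a tuple unpack.
                formatted.append("%s=%r" % (name, value) if sep else "%r" % var)
            env = ', '.join(formatted)
            if removed:
                env += ', ... (skip %s vars)' % removed
        log("Process environment: %s" % env)
    except ProcError:
        # Permission denied
        pass
    try:
        log("Process working directory: %s" % readProcessLink(pid, 'cwd'))
    except ProcError:
        # Permission denied
        pass

    try:
        user = None
        group = None
        for line in iterProc("%s/status" % pid):
            # Lines look like "Uid:\treal\teffective\tsaved\tfilesystem";
            # splitting on any whitespace tolerates a trailing newline or a
            # stray space without a ValueError from int().
            if line.startswith("Uid:"):
                user = [int(field) for field in line.split()[1:]]
            elif line.startswith("Gid:"):
                group = [int(field) for field in line.split()[1:]]
        if user:
            text = "User identifier: %s" % user[0]
            if len(user) > 1 and user[0] != user[1]:
                text += " (effective: %s)" % user[1]
            log(text)
        if group:
            text = "Group identifier: %s" % group[0]
            if len(group) > 1 and group[0] != group[1]:
                text += " (effective: %s)" % group[1]
            log(text)
    except ProcError:
        # Permission denied
        pass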