Class: ProcTable

Inherits:
Object
  • Object
show all
Defined in:
lib/vcseif/utils/proctbl.rb

Class Method Summary collapse

Class Method Details

.all_processesObject 



47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
 
# File 'lib/vcseif/utils/proctbl.rb', line 47

def self.all_processes()
    all_procs = []

    case $os
      when 'posix'
        all_procs = ProcTable.posix_processes()
      when 'windows'
        all_procs = ProcTable.windows_processes()
    end

    #all_procs.each do |proc|
    #  puts "%5d %s" % [proc['pid'], proc['cmdline']]
    #end

    return all_procs
end

.posix_processesObject 



64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
 
# File 'lib/vcseif/utils/proctbl.rb', line 64

def self.posix_processes()
  all_procs = []
  ps_output = `ps -ef`  # ps_output is single string
  pslines = ps_output.split("\n")
  hdr_line = pslines[0]
  cmd_column_ix = hdr_line.index('CMD')
  proc_lines =  pslines[1..pslines.length-1]
  proc_lines.each do |ps_entry|
    #puts "|#{ps_entry}|"
    fields = ps_entry.lstrip().split(/\s+/)
    #uid, pid, ppid, junk, started = fields[0], fields[1], fields[2], fields[3], fields[4]
    fields[5] = ps_entry[cmd_column_ix..ps_entry.length-1]
    proc_info = ProcessInfo.new(fields)
    all_procs << proc_info
    #puts "#{proc.inspect}"
  end
  return all_procs
end

.processes_matching_pattern(pattern) ⇒ Object 



113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
 
# File 'lib/vcseif/utils/proctbl.rb', line 113

def self.processes_matching_pattern(pattern)
  # this is not a true and foolproof regex pattern matching operation
  # The unfortunate truth is that any pattern arg that has a backslash in it
  # is probably going to fail, even though we'd like things like "foo\w+niski" to work.
  # So, given that we expect most callers to provide a simple string, we'll first
  # "adjust" their pattern by replacing backslashes with a token string of "<BACKWHACK>"
  # and then also "adjust" each process cmdline text that same way (mostly to compensate
  # for the MSWIN unfortunate choice of '\' as the path element separator char).
  # and only then do we do a regex check for a match.  
  # If there are any matches using this algorithm, we'll return the results.
  # Otherwise we will go ahead and perform the normal regex without any adjustments
  # on the off chance that the caller actually provided a valid regex pattern string 
  # instead of a string literal with no regex entities embedded.

  aps = ProcTable.all_processes

  matches = []
  aux_pattern = pattern.gsub('\\', '<BACKWHACK>')
  aps.each do |proc| 
    next if proc.cmdline == nil  # seems to only happen in Windoze land...
    command = proc['cmdline']
    aux_cmdline = command.gsub('\\', '<BACKWHACK>')
    matches << proc if aux_cmdline =! /#{aux_pattern}/
  end

  return matches if matches.length > 0

  mps = aps.select{|proc| proc.cmdline =~ /#{pattern}/}
  return mps
end

.processes_owned_by(target_uid = Process.uid) ⇒ Object 



107
108
109
110
111
 
# File 'lib/vcseif/utils/proctbl.rb', line 107

def self.processes_owned_by(target_uid=Process.uid)
  aps = ProcTable.all_processes
  tups = aps.select{|proc| proc.uid == target_uid.to_i}
  return tups
end

.target_process(target_pid) ⇒ Object 



100
101
102
103
104
105
 
# File 'lib/vcseif/utils/proctbl.rb', line 100

def self.target_process(target_pid)
  aps = ProcTable.all_processes
  target_proc = aps.select{|proc| proc.pid == target_pid.to_i}
  return target_proc.first if target_proc.length > 0
  return nil
end

.windows_processesObject 



83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
 
# File 'lib/vcseif/utils/proctbl.rb', line 83

def self.windows_processes()
  all_procs = []
  host = Socket.gethostname()
  wmi = WIN32OLE.connect("winmgmts://#{host}/root/cimv2")
  wmi.InstancesOf("Win32_Process").each do |wproc|
    if wproc.CreationDate.nil?
        startDate = nil
    else
        startDate = Date.parse(wproc.CreationDate.split('.').first)
    end
    fields = [0, wproc.ProcessId, wproc.ParentProcessId, "", startDate, wproc.CommandLine]
    proc_info = ProcessInfo.new(fields)
    all_procs << proc_info
  end
  return all_procs
end