Checking Processes Are Started with Correct User
Hi There
I am trying to create a script with will allow me to check if a specific process is being run by the correct user (in this case this would be root). I have tried a few scripts but hasn't worked so far, my last attempt was: process_count=`pgrep -u root -x Introscope_WebView.lax;echo $?` if [ "$process_count" -eq 0] then process_user="Root" else process_user="Not Root" fi echo "<metric type="LongCounter" name="OS Processes|WebView User Process:Process Count" value="$process_count"/>" echo "<metric type="StringEvent" name="OS Processes|WebView User Process:Process User" value="$process_user"/>" exit 0 "Introscope_Webview.lax" is the process i want to ensure is being run by root Many Thanks Alex |
You're not really getting a process count but to do it the way you have it you just need to redirect the output of the pgrep command to /dev/null:
Code:
process_count=`pgrep -u root -x Introscope_WebView.lax >/dev/null;echo $?` |
@MensaWater
Thank you for your response I have tried your solution but it still comes back "not as root" I have double checked the ps- efl|grep java and it is defiantly ran by root as shown below: 0 S root 12003 1 6 80 0 - 1735348 futex_ Feb06 ? 02:37:01 ./jre/bin/java -Xms2048m -Xmx2048m -Djava.awt.headless=true -Dorg.owasp.esapi.resources=./config/esapi -Dsun.java2d.noddraw=true -Dorg.osgi.framework.bootdelegation=org.apache.xpath -javaagent:./product/webview/agent/wily/Agent.jar -Dcom.wily.introscope.agentProfile=./product/webview/agent/wily/core/config/IntroscopeAgent.profile -Dcom.wily.introscope.wilyForWilyPrefix=com.wily -Djetty.home=./ com.zerog.lax.LAX /opt/ca/APM/Introscope10.2.0.27/Introscope_WebView.lax /tmp/env.properties.12003 Cheers Alex |
What gets returned when you just run:
Code:
pgrep -u root -x Introscope_WebView.lax |
The "-x" flag is specifying command name. In your latest post you're showing the command name is actually "java" and the Introscope stuff is just part of the command line but not actually the name. Use the "-f" flag instead of "-x" so it looks at the entire command line:
Code:
process_count=`pgrep -u root -f Introscope_WebView.lax >/dev/null;echo $?` |
The output of cat proc/pid/status provides a lot of information including UID(s).
Remember that /proc, although it appears to be a directory containing subdirectories and files, is in fact an operating-system API. |
Quote:
|
@TenTenths
When I run the command nothing appears: [rp1cem@wycvlapph036 ca]$ pgrep -u root -x Introscope_WebView.lax [rp1cem@wycvlapph036 ca]$ @MensaWater Yes this worked and returned root! Fantastic Any chance I can get it to return the PID of root as well? Thanks for the responses guys! Alex |
Quote:
|
Code:
PID=$(pgrep -u root -f Introscope_WebView.lax) The first line just gets the Process ID (PID) reported by the pgrep. The second line gets the return code of the first line. If return code is 0 is prints your original echo and adds the PID to it. If return code is not 0 it prints your original echo but doesn't show the PID (because there won't be one since the first line only returns a PID if it is being run as root). |
@MensaWater
Thank you so much for your help on this! Not just with the code but also explaining it as well, great stuff :D Cheers Alex |
Glad I could help.
Please go to Thread Tools and mark this as Solved. It helps others in future with similar questions more quickly find solutions in web searches. |
Hi guys
Any reason why this is coming back with no result? - webview_process_user=`ps -efl | grep 'Introscope_Webview.lax' | grep -v grep | awk '{print $3}'` -rw-r--r--. 1 root root 5014 Jan 25 18:17 Introscope_WebView.lax [rp1cem@wycvlapph036 enterprisemanager]$ ps -efl | grep 'Introscope_Webview.lax' | grep -v grep | awk '{print $3}' [rp1cem@wycvlapph036 enterprisemanager]$ Cheers Alex |
All times are GMT -5. The time now is 03:00 PM. |