How does ps show the argv for all processes on Mac OS X?
https://stackoverflow.com/questions/2568937
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I'm trying to identify when a particular process is running, based on its arguments, on Mac OS X. There may be several processes running with the same name, but only one will have the arguments I'm looking for. The processes are not owned by the same user who will be running my code. They will not have modified their argv in any way.
The 'ps' command shows exactly the information that I need. But I would greatly prefer not to have to spawn 'ps' and parse its output.
I originally tried the solution from this question, using sysctl, but it turns out that only works for processes you own; see my other question for more info.
So how does ps obtain argv information for processes owned by other users?
Solution
On Mac OS X ps is setuid 0, which is how it gets the information for all the processes. You have to run as root to get that information, so either you need to be setuid 0 or run your utility with sudo.
The best way is probably just to spawn ps and parse the output, even if you don't really want to ;)
OTHER TIPS
BSD ps (used in Mac OS X) uses kvm_getargv() to get the commandline arguments for a process.
Here is the actual call: ps source code. Search for kvm_getproc2.
See OpenBSD man page for this family of functions.
