Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/h0mbre/busychild

a pstree mod that prints other helpful information and with added functionality
https://github.com/h0mbre/busychild

Last synced: about 2 months ago
JSON representation

a pstree mod that prints other helpful information and with added functionality

Awesome Lists containing this project

README 

        
## Busychild

Busychild is a `pstree` like utility with some added functionality built on. Busychild is aimed at getting a better understanding of applications which create numerous child processes. Busychild should allow users to peek into a portion of the IPC being used by the target process and highlight shared file descriptors (sockets (not datagram afaik), pipes) with other processes.



Hopefully the code isn't completely opaque and users are able to modify it to suit their needs. There is a lot of room left for added functionality as I've only chosen to highlight a small subset of the information available about a given process. There are many unexplored process aspects which lend themselves well to being highlighted by the program, such as: shared mapped files, CPU utilization, virtual memory size, process state, etc. These are all available through the wonderful [procfs Crate](https://docs.rs/procfs/0.8.0/procfs/index.html). 



Busychild is in a very early stage, please report any bugs! The code could use a heavy dose of refactoring, but it seems to be in a working state. **I've hardcoded a constant in the code in order to render the process start times as a UTC timestamp correctly, this constant is the `_SC_CLK_TCK` which, when used in conjuction with the process' start time and the OS boot time, can give you a UTC timestamp. This constant is set to 100 on my machine, please check yours in order to get the right result**



Tested on Ubuntu 18.04: `5.4.0-42-generic #46~18.04.1-Ubuntu SMP Fri Jul 10 07:21:24 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux`



## Thanks

Big thanks to @epi052 who actually wrote most of the recursive child discovery code! 



Currently, Busychild displays the following process information:

+ pid and process name,

+ parent pid,

+ level (a recursion level as compared to the greatest parent process),

+ owner (uid of process owner),

+ start time,

+ thread count,

+ command line,

+ socket inodes and the pids with which this inode is shared, and

+ pipe inodes and the pids with which this inode is shared



## Installation

+ `git clone https://github.com/h0mbre/busychild`

+ `cd busychild`

+ `cargo build --release`



## Usage

```

OPTIONS:

	-q, --quiet	only print information for target pid

	-s, --socket	print information for specific socket inode

	-p, --pipe	print information for specific pipe inode

	-h, --help	print this!

EXAMPLES:

	usage: ./busychild  

	usage: ./busychild 1337

	usage: ./busychild 1337 -q

	usage: ./busychild  

	usage: ./busychild -s 1337

	usage: ./busychild -p 1337

```



### Default Mode

The default mode will take a target pid,  `sysargv[1]`, and will recursively map out both parents of the pid and children of the pid. This mode will then color-code each discovered process node and arrange them in a `pstree`-like hiearchy.



Default mode can be utilized as follows: 

+ `./busychild `

+ `./busychild 1`



### Quiet Mode

Quiet mode is similar to Default Mode; however, only the target pid information will be printed.



Quiet mode can be utilized as follows:

+ `./busychild  -q`

+ `./busychild  --quiet`



### Socket Mode

Socket mode will look up a socket inode and try to find all of the processes which have an open file descriptor to this socket.



Socket mode can be utilized as follows:

+ `./busychild -s `

+ `./busychild --socket `



### Pipe Mode

Pipe mode will look up a socket inode and try to find all of the processes which have an open file descriptor to this socket.



Pipe mode can be utilized as follows:

+ `./busychild -p `

+ `./busychild --pipe `



## Output

Here is some sample output for default mode with pid `121486`.