Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

How does ps show the argv for all processes on Mac OS X?

Tags:

c

macos

argv

ps

I'm trying to identify when a particular process is running, based on its arguments, on Mac OS X. There may be several processes running with the same name, but only one will have the arguments I'm looking for. The processes are not owned by the same user who will be running my code. They will not have modified their argv in any way.

The 'ps' command shows exactly the information that I need. But I would greatly prefer not to have to spawn 'ps' and parse its output.

I originally tried the solution from this question, using sysctl, but it turns out that only works for processes you own; see my other question for more info.

So how does ps obtain argv information for processes owned by other users?

like image 435
DNS Avatar asked Apr 02 '10 20:04

DNS

People also ask

How do I see all processes on a Mac?

In the Activity Monitor app on your Mac, in the View menu, choose one of the following: All Processes: Shows all the processes running on your Mac. All Processes, Hierarchically: Shows processes that belong to other processes, so you can see the parent/child relationship between them.

How do I find the PID of a process Mac?

One very useful command to help find a process by name or PID is grep which can filter out the desired information. It can be used in conjunction with the ps -ax command to list only the process that you are interested in. For example: At the command prompt type ps -ax | grep <application name>.

What ps flag is used to view detailed information about processes?

The -e option instructs ps to display all processes. The -f stands full-format listing, which provides detailed information about the processes.

What is ps on Mac?

For system administrators, ps on macOS is a frequently-used tool. The command stands for “process status,” and that's largely what it does. It reports currently-running processes with a variety of filters and views.

2 Answers

On Mac OS X ps is setuid 0, which is how it gets the information for all the processes. You have to run as root to get that information, so either you need to be setuid 0 or run your utility with sudo.

The best way is probably just to spawn ps and parse the output, even if you don't really want to ;)

like image 77
Jason Coco Avatar answered Oct 03 '22 02:10

Jason Coco

BSD ps (used in Mac OS X) uses kvm_getargv() to get the commandline arguments for a process.

Here is the actual call: ps source code. Search for kvm_getproc2.

See OpenBSD man page for this family of functions.

like image 42
Variable Length Coder Avatar answered Oct 03 '22 04:10

Variable Length Coder
Sign in to Comment

Related questions

How can I force the deletion of locked files in C/C++?
Determining realloc() behaviour before calling it
Monitor battery charge with Win32 API
Any hand-on exercise to understand how a program is loaded into memory and get executed
help with gdb traces (or similar)
Is it possible to host the CLR in a C program?
How to implement a timer in C on windows
Custom malloc() implementation header design
Does the Visual Studio C compiler have an equivalent to GCC's -M?
Matrix Standard library
Why assignment of double to int does not trigger gcc warnings?
How do disk pointers work?
Why is my C++ app faster than my C app (using the same library) on a Core i7
sqlite3 close returns error code 5
How does printf work?
How to invoke same program with different name?
C: Returning a void versus returning a double * from a subfunction
What does the code "DECLDIR __declspec(dllexport)" really do?
Measuring process statistics in Linux
Floating point calculation change depending on the compiler

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!