From: Evgeni Golov Date: Sat, 24 Sep 2016 10:25:33 +0000 (+0200) Subject: skip processes that are in a different pid namespace X-Git-Url: https://git.adam-barratt.org.uk/?p=mirror%2Fdsa-nagios.git;a=commitdiff_plain;h=3a002c0a3373df12af1cd23a45fcf63ee434b329 skip processes that are in a different pid namespace this is turned off by default and can be enabled by --ignore-pid-namespaces Signed-off-by: Peter Palfrader --- diff --git a/dsa-nagios-checks/checks/dsa-check-libs b/dsa-nagios-checks/checks/dsa-check-libs index fd9e338..da26cdc 100755 --- a/dsa-nagios-checks/checks/dsa-check-libs +++ b/dsa-nagios-checks/checks/dsa-check-libs @@ -52,16 +52,18 @@ if (!GetOptions ( '--help' => \$params->{'help'}, '--version' => \$params->{'version'}, '--quiet' => \$params->{'quiet'}, + '--ignore-pid-namespaces' => \$params->{'ignore_pid_namespaces'}, '--verbose' => \$params->{'verbose'}, '-v' => \$params->{'verbose'}, '--config=s' => \$params->{'config'}, )) { - dief ("$PROGRAM_NAME: Usage: $PROGRAM_NAME [--help|--version] [--verbose] [--quiet] [--config=]\n"); + dief ("$PROGRAM_NAME: Usage: $PROGRAM_NAME [--help|--version] [--ignore-pid-namespaces] [--verbose] [--quiet] [--config=]\n"); }; if ($params->{'help'}) { - print "$PROGRAM_NAME: Usage: $PROGRAM_NAME [--help|--version] [--verbose] [--quiet] [--config=]\n"; + print "$PROGRAM_NAME: Usage: $PROGRAM_NAME [--help|--version] [--ignore-pid-namespaces] [--verbose] [--quiet] [--config=]\n"; print "Reports processes that are linked against libraries that no longer exist.\n"; print "The optional config file can specify ignore rules - see the sample config file.\n"; + print "Can optionally ignore processes from other PID namespaces.\n"; exit (0); }; if ($params->{'version'}) { @@ -142,6 +144,12 @@ sub inVserver() { my $INVSERVER = inVserver(); +my $PID_NS_SUPPORT = (-f '/proc/self/ns/pid'); +my $PID_NS; +if ($PID_NS_SUPPORT and $params->{'ignore_pid_namespaces'}) { + $PID_NS = readlink('/proc/self/ns/pid'); +} + print STDERR "Running $LSOF -n\n" if $params->{'verbose'}; open (LSOF, "$LSOF -n 2>/dev/null|") or dief ("Cannot run $LSOF -n: $!\n"); my @lsof=; @@ -160,6 +168,11 @@ LINE: for my $line (@lsof) { next; } + if ($PID_NS_SUPPORT and $params->{'ignore_pid_namespaces'}) { + my $pidns = readlink('/proc/'.$pid.'/ns/pid'); + next if (defined $pidns and $PID_NS ne $pidns); + } + unless ( $line =~ /^f/ ) { dief("UNKNOWN strange line read from lsof\n"); # don't print it because it contains NULL characters...