Linux下通过inode找pid


=Start=

缘由:

我知道在Linux下如何通过pid找到对应的inode信息,但是现在有一个需求就是通过inode找到对应的pid。

正文:

参考解答:

In general, to find what’s at the other end of a socket, you need to iterate through /proc. This can of course mean letting an existing tool such as netstat, lsof or ss do it for you.

The reason for this is that a socket can be opened by different processes. Once a process has opened a socket, it can fork, and the children can change their privileges and switch to different namespaces. It’s also possible to pass file descriptors from a process to an unrelated process, using anciliary data on a unix socket. So arbitrary processes can have the same socket open. There is no such thing as “the PID of a socket”, only “the PIDs of a socket”.

While this doesn’t prove that there’s no way to enumerate the PIDs given the socket, it would be very difficult to design such an interface, especially when you consider that non-root users don’t get to know when files are opened by processes running as a different user. Access through /proc enforces security via permissions, and I’m not aware of any other interface to get the same data. Also, fuser, lsof, netstat and ss all enumerate /proc; if there was another interface, I’d expect someone to use it. So I’m pretty sure that there’s no other way.

 

参考链接:

https://unix.stackexchange.com/questions/302152/is-there-a-way-to-identify-the-pid-or-cgroup-of-a-socket-without-iterating-thr

https://stackoverflow.com/questions/3319521/how-can-i-match-each-proc-net-tcp-entry-to-each-opened-socket/

https://stackoverflow.com/questions/14667215/finding-a-process-id-given-a-socket-and-inode-in-python-3

https://emailcommand.wordpress.com/linux/how-does-inode-in-procnettcp-related-with-the-procpidfdnum-socketnum/

https://serverfault.com/questions/707490/how-to-determine-which-processes-have-most-inodes-opened #如何判断哪个进程打开的文件描述符最多?

=END=

, ,

《“Linux下通过inode找pid”》 有 4 条评论

回复 hi 取消回复

您的电子邮箱地址不会被公开。 必填项已用*标注