我正在尝试从 Solaris 10 上的/proc/psinfo 文件获取信息。它是一个二进制文件,因此想使用 Perl 解包对其进行解码。 不幸的是,我在构建 Perl unpack 命令的模板时遇到了麻烦。 psinfo结构如下
typedef struct psinfo {
int pr_flag; /* process flags (DEPRECATED: see below) */
int pr_nlwp; /* number of active lwps in the process */
int pr_nzomb; /* number of zombie lwps in the process */
pid_t pr_pid; /* process id */
pid_t pr_ppid; /* process id of parent */
pid_t pr_pgid; /* process id of process group leader */
pid_t pr_sid; /* session id */
uid_t pr_uid; /* real user id */
uid_t pr_euid; /* effective user id */
gid_t pr_gid; /* real group id */
gid_t pr_egid; /* effective group id */
uintptr_t pr_addr; /* address of process */
size_t pr_size; /* size of process image in Kbytes */
size_t pr_rssize; /* resident set size in Kbytes */
dev_t pr_ttydev; /* controlling tty device (or PRNODEV) */
ushort_t pr_pctcpu; /* % of recent cpu time used by all lwps */
ushort_t pr_pctmem; /* % of system memory used by process */
timestruc_t pr_start; /* process start time, from the epoch */
timestruc_t pr_time; /* cpu time for this process */
timestruc_t pr_ctime; /* cpu time for reaped children */
char pr_fname[PRFNSZ]; /* name of exec'ed file */
char pr_psargs[PRARGSZ]; /* initial characters of arg list */
int pr_wstat; /* if zombie, the wait() status */
int pr_argc; /* initial argument count */
uintptr_t pr_argv; /* address of initial argument vector */
uintptr_t pr_envp; /* address of initial environment vector */
char pr_dmodel; /* data model of the process */
lwpsinfo_t pr_lwp; /* information for representative lwp */
taskid_t pr_taskid; /* task id */
projid_t pr_projid; /* project id */
poolid_t pr_poolid; /* pool id */
zoneid_t pr_zoneid; /* zone id */
ctid_t pr_contract; /* process contract id */
} psinfo_t;
但由于我对 C 一无所知,因此我在解锁模板中表示各种 psinfo 数据类型时遇到了麻烦。 我还尝试使用 hexdump/xxd 查看 psinfo 文件以查看我可以期待哪些数据,但这对我没有多大帮助。
到目前为止,我已经做好了准备
#!/usr/bin/perl -w
use strict;
use warnings;
use Data::Dumper;
opendir(PROC,"/proc") or die "Unable to open /proc:$!\n";
while (defined($_= readdir(PROC))){
next if ($_ eq "." or $_ eq "..");
next unless /^\d+$/; # filter out any random non-pid files
open(PSINFO, "/proc/$_/psinfo");
local $/;
read(PSINFO, my $psinfo,1000);
close PSINFO;
my @psinfoInfo = unpack("iiiiiiiiiiIiiiiSSi2i2i2Z16Z80iiIIaa3iiiiii", $psinfo);
print "'@psinfoInfo'\n";
}
closedir(PROC);
输出如下
'33554432 1 7871 4646 7871 4646 3339 3339 1087 1087 0 0 0 0 6291464 1 0 1522419148 159507010 0 113016534 0 0 top top 0 1 0 0 986003 3 0 0 0 924925'
'33554432 1 8323 9639 8323 9639 3339 3339 1087 1087 0 4116 2812 0 6291463 0 0 1522419159 626531984 0 39242598 0 0 processChecker. /usr/bin/perl -w ./processChecker.pl 0 3 134511508 134511524 986024 3 0 0 0 924944'
'33554432 1 8147 8146 2165 2165 3339 3339 1087 1087 0 6668 4060 0 -1 0 0 1522408545 333100499 0 513142054 0 0 sshd /usr/lib/ssh/sshd 0 1 134512284 134512292 984753 3 0 0 0 923830'
'33554432 1 21997 8153 21997 8153 3339 3339 1087 1087 0 2400 1504 0 6291458 0 0 1522410593 434583624 0 204410711 0 0 vi vi processChecker.pl 0 2 134511556 134511568 984753 3 0 0 0 923830'
但它与 psinfo 定义并不真正对应。例如进程名称被截断、时间值为 NOK 等。
我知道,有 Proc::processTable 可用,我并不是想重新发明轮子,但由于各种原因我无法使用该模块,这很重要。
我检查了http://perldoc.perl.org/perlpacktut.html和 http://perldoc.perl.org/functions/pack.html ,但仍然...
编辑:根据@borodins的建议,使用简短的C代码,我还设法在我的机器上获取数据类型的长度
Size of int: 4 bytes
Size of long: 4 bytes
Size of float: 4 bytes
Size of double: 8 bytes
Size of char: 1 byte
Size of pid_t: 4 bytes
Size of uid_t: 4 bytes
Size of gid_t: 4 bytes
Size of uintptr_t: 4 bytes
Size of size_t: 4 bytes
Size of dev_t: 4 bytes
Size of ushort_t: 2 bytes
Size of timestruc_t: 8 bytes
Size of lwpsinfo_t: 104 bytes
Size of taskid_t: 4 bytes
Size of projid_t: 4 bytes
Size of poolid_t: 4 bytes
Size of zoneid_t: 4 bytes
Size of ctid_t: 4 bytes
Size of time_t: 4 bytes
有人吗?
最佳答案
为了不让更多的编辑让观众感到困惑,我将在这里发布答案。其实很简单
我从系统中获得了正确的 psinfo 信息。在我的系统(Solaris 10 1/13 s10x_u11wos_24a X86)上,它存储在/usr/local/include/sys/procfs.h
typedef struct psinfo { int pr_flag; /* process flags (DEPRECATED; do not use) */ int pr_nlwp; /* number of active lwps in the process */ pid_t pr_pid; /* unique process id */ pid_t pr_ppid; /* process id of parent */ pid_t pr_pgid; /* pid of process group leader */ pid_t pr_sid; /* session id */ uid_t pr_uid; /* real user id */ uid_t pr_euid; /* effective user id */ gid_t pr_gid; /* real group id */ gid_t pr_egid; /* effective group id */ uintptr_t pr_addr; /* address of process */ size_t pr_size; /* size of process image in Kbytes */ size_t pr_rssize; /* resident set size in Kbytes */ size_t pr_pad1; dev_t pr_ttydev; /* controlling tty device (or PRNODEV) */ /* The following percent numbers are 16-bit binary */ /* fractions [0 .. 1] with the binary point to the */ /* right of the high-order bit (1.0 == 0x8000) */ ushort_t pr_pctcpu; /* % of recent cpu time used by all lwps */ ushort_t pr_pctmem; /* % of system memory used by process */ timestruc_t pr_start; /* process start time, from the epoch */ timestruc_t pr_time; /* usr+sys cpu time for this process */ timestruc_t pr_ctime; /* usr+sys cpu time for reaped children */ char pr_fname[PRFNSZ]; /* name of execed file */ char pr_psargs[PRARGSZ]; /* initial characters of arg list */ int pr_wstat; /* if zombie, the wait() status */ int pr_argc; /* initial argument count */ uintptr_t pr_argv; /* address of initial argument vector */ uintptr_t pr_envp; /* address of initial environment vector */ char pr_dmodel; /* data model of the process */ char pr_pad2[3]; taskid_t pr_taskid; /* task id */ projid_t pr_projid; /* project id */ int pr_nzomb; /* number of zombie lwps in the process */ poolid_t pr_poolid; /* pool id */ zoneid_t pr_zoneid; /* zone id */ id_t pr_contract; /* process contract */ int pr_filler[1]; /* reserved for future use */ lwpsinfo_t pr_lwp; /* information for representative lwp */ } psinfo_t;解压 psinfo 二进制文件的代码片段没问题。只是我没有意识到timestruc_t有两个元素,秒和纳秒。均为LONG类型。 (感谢鲍罗丁)
下面是一段 C 代码,显示了所使用的不同数据类型的大小
#include <stdio.h> #include <stdlib.h> #include <dirent.h> /* UNIX dirs POSIX */ #include <errno.h> /* error stf POSIX */ #include <fcntl.h> /* UNIX file ctrl UNIX */ #include <procfs.h> /* Solaris proc SUN */ #include <string.h> /* Strings C89 */ #include <sys/stat.h> /* UNIX stat POSIX */ #include <sys/types.h> /* UNIX types POSIX */ int main() { int integerType; long long_type; float floatType; double doubleType; char charType; pid_t pid_t_type; uid_t uid_t_type; gid_t gid_t_type; uintptr_t uintptr_t_type; size_t size_t_type; dev_t dev_t_type; ushort_t ushort_t_type; timestruc_t timestruc_t_type; lwpsinfo_t lwpsinfo_t_type; taskid_t taskid_t_type; projid_t projid_t_type; poolid_t poolid_t_type; zoneid_t zoneid_t_type; ctid_t ctid_t_type; time_t time_t_type; // Sizeof operator is used to evaluate the size of a variable printf("Size of int: %ld bytes\n",sizeof(integerType)); printf("Size of long: %ld bytes\n",sizeof(long_type)); printf("Size of float: %ld bytes\n",sizeof(floatType)); printf("Size of double: %ld bytes\n",sizeof(doubleType)); printf("Size of char: %ld byte\n",sizeof(charType)); printf("Size of pid_t: %ld bytes\n",sizeof(pid_t_type)); printf("Size of uid_t: %ld bytes\n",sizeof(uid_t_type)); printf("Size of gid_t: %ld bytes\n",sizeof(gid_t_type)); printf("Size of uintptr_t: %ld bytes\n",sizeof(uintptr_t_type)); printf("Size of size_t: %ld bytes\n",sizeof(size_t_type)); printf("Size of dev_t: %ld bytes\n",sizeof(dev_t_type)); printf("Size of ushort_t: %ld bytes\n",sizeof(ushort_t_type)); printf("Size of timestruc_t: %ld bytes\n",sizeof(timestruc_t_type)); printf("Size of lwpsinfo_t: %ld bytes\n",sizeof(lwpsinfo_t_type)); printf("Size of taskid_t: %ld bytes\n",sizeof(taskid_t_type)); printf("Size of projid_t: %ld bytes\n",sizeof(projid_t_type)); printf("Size of poolid_t: %ld bytes\n",sizeof(poolid_t_type)); printf("Size of zoneid_t: %ld bytes\n",sizeof(zoneid_t_type)); printf("Size of ctid_t: %ld bytes\n",sizeof(ctid_t_type)); printf("Size of time_t: %ld bytes\n",sizeof(time_t_type)); return 0; }
关于Perl - 如何在 Solaris 10 上解压 psinfo 二进制文件,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/49576093/