New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add option to hide processes running in a container #1062
Conversation
Please have a look at the compile issues mentioned by the CI. There seem to be some headers missing for |
df92e3e
to
9dd9cfc
Compare
linux/LinuxProcessList.c
Outdated
if (!LinuxProcessList_checkPidNamespace((Process *)lp, procFd)) | ||
goto errorReadingProcess; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
linux/LinuxProcessList.c
Outdated
if ((ss->flags & PROCESS_FLAG_LINUX_CGROUP) || hideRunningInContainer) { | ||
LinuxProcessList_readCGroupFile(lp, procFd); | ||
if (hideRunningInContainer && lp->cgroup && | ||
!(String_startsWith(lp->cgroup, "/user") || String_startsWith(lp->cgroup, "/machine") || String_startsWith(lp->cgroup, "/system")) ) { | ||
if (!LinuxProcessList_checkPidNamespace((Process *)lp, procFd)) | ||
goto errorReadingProcess; | ||
} | ||
} | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why did you move this block of code?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Before moving the code, there was a significant lag between the moment one enables the "hide running in a container" option and the moment the change is actually seen on the screen.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
My theory is that it's because, initially, none of the processes are marked as "running in container". If the option is toggled just after this condition.
if ((ss->flags & PROCESS_FLAG_LINUX_CGROUP) || hideRunningInContainer)
The change will still not take effect in the next iteration of the loop, since the process will still not be marked as "running in a container" in this condition.
if (preExisting && hideRunningInContainer && Process_isRunningInContainer(proc))
It finally takes effect after one more iteration.
c8583e4
to
7359939
Compare
Can be used to hide processes of containers. Alternative to htop-dev#1062
166a314
to
12219cf
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The overall changes look okay now, but the commit history could manage some cleanup with git rebase
(squashing the cleanups into the commits they apply to). This gives a much nicer history and allows for better understanding of what changes where done why (otherwise half of the changes land on some fixups unnecessarily).
P.S.: Feel free to clean up the history on your PR as much as you like. I think targeting about 3 commits (e.g.: 1. whitespace fix in linux/LinuxProcessList.c
around line 1640, 2. Implementing the overall feature, 3. adding UI for it) might be good. Each commit for itself should be able to compile.
Cool. I'll clean up the commit history and push it again. |
Add actionToggle and fix LinuxProcessList_checkPidNamespace Read cgroup file irrespective of flags Improve logic to check if running in container Add isContainerOrVMSlice() Also change "(Process *)lp" to "proc" Remove check for root slice Remove Process_isRunningInContainer Co-authored-by: BenBE <BenBE@geshi.org>
Co-authored-by: BenBE <BenBE@geshi.org>
cc3bb7a
to
c6ab41a
Compare
I have cleaned up the commit history as best as I could. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM.
The |
Might close #1036
The patch makes use of NSpid to check whether a process runs inside a pid namespace that is different from the host's init process' pid namespace. If this check is true, the cgroup name is checked to ensure it isn't a process running on the host that happens to run in a different pid namespace.