Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

trace exec: add pcomm field (parent command) #2605

Merged
merged 1 commit into from
Mar 11, 2024
Merged

trace exec: add pcomm field (parent command) #2605

merged 1 commit into from
Mar 11, 2024

Conversation

alban
Copy link
Member

@alban alban commented Mar 11, 2024

trace exec: add pcomm field (parent command)

The trace exec gadgets shows new process executed. It is useful to know the parent processes that started the new processes. We already had the parent pid. This patch adds the parent command.

Similarly to the comm field, the pcomm field is limited to 16 characters by the kernel.

How to use

Same as before

Testing done

$ sh -c 'sh -c /bin/echo | /bin/cat'

$ sudo -E ./ig trace exec --host
INFO[0000] Experimental features enabled                
RUNTIME.CONTAINERNAME       PID        PPID       COMM           PCOMM          RET ARGS
                            2192986    402902     sh             bash           0   /usr/bin/sh -c sh -c /bin/echo|/b…
                            2192987    2192986    sh             sh             0   /usr/bin/sh -c /bin/echo
                            2192988    2192986    cat            sh             0   /bin/cat
                            2192987    2192986    echo           sh             0   /bin/echo

TODOs

  • Update documentation
  • Update tests
  • Update image-based gadget trace_exec (I can do that in another PR)

This PR supersedes:

@alban
trace exec: add pcomm field (parent command)
39bff57 
The trace exec gadgets shows new process executed. It is useful to know
the parent processes that started the new processes. We already had the
parent pid. This patch adds the parent command.

Signed-off-by: Alban Crequy <albancrequy@linux.microsoft.com>
@alban alban mentioned this pull request Mar 11, 2024
Closed
3 tasks
eiffel-fl
eiffel-fl approved these changes Mar 11, 2024
View reviewed changes
Copy link
Member

@eiffel-fl eiffel-fl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please, close the other PR.

@mauriciovasquezbernal mauriciovasquezbernal merged commit 18d52d8 into main Mar 11, 2024
178 checks passed
@mauriciovasquezbernal mauriciovasquezbernal deleted the citest/alban_pcomm branch March 11, 2024 20:22
pawarpranav83 added a commit to pawarpranav83/inspektor-gadget that referenced this pull request Apr 11, 2024
@pawarpranav83
ig testing framework
78b5b7e 
pkg/testing/command/command.go: code taken from integration/command.go at commit 18d52d8 ("Merge pull request inspektor-gadget#2605 from inspektor-gadget/citest/alban_pcomm")

Signed-off-by: pawarpranav83 <pawar.pranav83@gmail.com>
pawarpranav83 added a commit to pawarpranav83/inspektor-gadget that referenced this pull request Apr 11, 2024
@pawarpranav83
ig testing framework
8bab773 
pkg/testing/command/command.go: code taken from integration/command.go at commit 18d52d8 ("Merge pull request inspektor-gadget#2605 from inspektor-gadget/citest/alban_pcomm")

Signed-off-by: pawarpranav83 <pawar.pranav83@gmail.com>
pawarpranav83 added a commit to pawarpranav83/inspektor-gadget that referenced this pull request Apr 11, 2024
@pawarpranav83
ig testing framework
bebbcaa 
pkg/testing/command/command.go: code taken from integration/command.go at commit 18d52d8 ("Merge pull request inspektor-gadget#2605 from inspektor-gadget/citest/alban_pcomm")

Signed-off-by: pawarpranav83 <pawar.pranav83@gmail.com>
pawarpranav83 added a commit to pawarpranav83/inspektor-gadget that referenced this pull request Apr 14, 2024
@pawarpranav83
ig testing framework
57906c5 
pkg/testing/command/command.go: code taken from integration/command.go at commit 18d52d8 ("Merge pull request inspektor-gadget#2605 from inspektor-gadget/citest/alban_pcomm")

Signed-off-by: pawarpranav83 <pawar.pranav83@gmail.com>
pawarpranav83 added a commit to pawarpranav83/inspektor-gadget that referenced this pull request Apr 15, 2024
@pawarpranav83
ig testing framework
6b7e801 
pkg/testing/command/command.go: code taken from integration/command.go at commit 18d52d8 ("Merge pull request inspektor-gadget#2605 from inspektor-gadget/citest/alban_pcomm")

Signed-off-by: pawarpranav83 <pawar.pranav83@gmail.com>
pawarpranav83 added a commit to pawarpranav83/inspektor-gadget that referenced this pull request Apr 16, 2024
@pawarpranav83
ig testing framework
7aed4de 
pkg/testing/command/command.go: code taken from integration/command.go at commit 18d52d8 ("Merge pull request inspektor-gadget#2605 from inspektor-gadget/citest/alban_pcomm")

Signed-off-by: pawarpranav83 <pawar.pranav83@gmail.com>
pawarpranav83 added a commit to pawarpranav83/inspektor-gadget that referenced this pull request Apr 16, 2024
@pawarpranav83
ig testing framework
cdba40b 
pkg/testing/command/command.go: code taken from integration/command.go at commit 18d52d8 ("Merge pull request inspektor-gadget#2605 from inspektor-gadget/citest/alban_pcomm")

Signed-off-by: pawarpranav83 <pawar.pranav83@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eiffel-fl eiffel-fl eiffel-fl approved these changes

@mauriciovasquezbernal mauriciovasquezbernal Awaiting requested review from mauriciovasquezbernal mauriciovasquezbernal is a code owner

@blanquicet blanquicet Awaiting requested review from blanquicet blanquicet is a code owner

@mqasimsarfraz mqasimsarfraz Awaiting requested review from mqasimsarfraz mqasimsarfraz is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@alban @eiffel-fl @mauriciovasquezbernal