英文:
Filter processes in Go
问题
我有一个Go脚本,从配置文件中获取用户输入,并执行类似这样的命令:ps -ef | grep <USER_INPUT>。该脚本的目的是从Java进程中收集应用程序监控信息。为了收集这些信息,用户需要告诉Go脚本他们想要从哪些进程中收集这些信息。
在当前的实现中,如果我将输入设置为java,那么脚本将执行ps -ef | grep java命令,并返回所有包含关键词java的进程。然后,脚本将从这些进程中收集监控信息。
现在,我想改进逻辑以实现以下场景:
- 查找具有给定用户名的进程
- 查找匹配特定关键词的进程
- 忽略匹配特定关键词的进程
假设我在服务器上运行了以下4个进程:
user1 2683 1 0 Dec03 ? 00:06:28 java -Xms2g -Xmx48g -DlogDir=. -DuploadDir=. -jar webapp-runner-8.0.33.4.jar -AconnectionTimeout=3600000 --port 8080 app1.war
user2 26568 1 1 06:32 pts/3 00:00:32 java -Xms2g -Xmx12g -DlogDir=. -DuploadDir=. -jar webapp-runner-9.0.31.0.jar -AconnectionTimeout=3600000 --port 9010 app2.war
user3 89568 1 1 06:32 pts/3 00:00:28 java -Xms2g -Xmx12g -DlogDir=. -DuploadDir=. -jar webapp-runner-9.0.31.0.jar -AconnectionTimeout=3600000 --port 9020 app3.war
user2 12657 1 22 Nov21 ? 1-05:51:45 java -Xmx1g -jar entrypoint.jar MS_ENV=dev MS_NAME=dev-cron MS_ID= MS_CLASS=com.test.cron.Cron
现在假设我想从属于用户user2和user3的进程中收集监控信息,从匹配关键词java的进程中收集监控信息,并忽略匹配关键词cron的进程。
输出应该是:
user2 26568 1 1 06:32 pts/3 00:00:32 java -Xms2g -Xmx12g -DlogDir=. -DuploadDir=. -jar webapp-runner-9.0.31.0.jar -AconnectionTimeout=3600000 --port 9010 app2.war
user3 89568 1 1 06:32 pts/3 00:00:28 java -Xms2g -Xmx12g -DlogDir=. -DuploadDir=. -jar webapp-runner-9.0.31.0.jar -AconnectionTimeout=3600000 --port 9020 app3.war
是否可以将正则表达式或其他命令作为用户输入来实现这一点?有人可以帮我解决这个问题吗?
英文:
I have a Go script that takes user input from the config file and executes a command like this ps -ef | grep <USER_INPUT>. The purpose of this script is to collect application monitoring information from the java processes. In order to collect this information, the user needs to tell the go script from which processes they want to collect this information.
In the current implementation, if I pass input java as user input then the script is executing ps -ef | grep java command and returning all processes where the word java matches. Next, the script is collecting monitoring information from all these processes.
Now I want to enhance the logic to achieve the below scenario:
- Find processes with the given username
- Find processes where a particular word matches
- Ignore processes where a particular word matches
Let's say I have the following 4 processes running on my server:
user1 2683 1 0 Dec03 ? 00:06:28 java -Xms2g -Xmx48g -DlogDir=. -DuploadDir=. -jar webapp-runner-8.0.33.4.jar -AconnectionTimeout=3600000 --port 8080 app1.war
user2 26568 1 1 06:32 pts/3 00:00:32 java -Xms2g -Xmx12g -DlogDir=. -DuploadDir=. -jar webapp-runner-9.0.31.0.jar -AconnectionTimeout=3600000 --port 9010 app2.war
user3 89568 1 1 06:32 pts/3 00:00:28 java -Xms2g -Xmx12g -DlogDir=. -DuploadDir=. -jar webapp-runner-9.0.31.0.jar -AconnectionTimeout=3600000 --port 9020 app3.war
user2 12657 1 22 Nov21 ? 1-05:51:45 java -Xmx1g -jar entrypoint.jar MS_ENV=dev MS_NAME=dev-cron MS_ID= MS_CLASS=com.test.cron.Cron
Now say from the above processes, I want to collect monitoring information from the processes that are owned by a user user2 and user3, from the processes where the word java matches, and ignore processes where word cron matches.
The output should be:
user2 26568 1 1 06:32 pts/3 00:00:32 java -Xms2g -Xmx12g -DlogDir=. -DuploadDir=. -jar webapp-runner-9.0.31.0.jar -AconnectionTimeout=3600000 --port 9010 app2.war
user3 89568 1 1 06:32 pts/3 00:00:28 java -Xms2g -Xmx12g -DlogDir=. -DuploadDir=. -jar webapp-runner-9.0.31.0.jar -AconnectionTimeout=3600000 --port 9020 app3.war
Is it possible to pass regex or any other command as user input to achieve this? Can someone please help me out with this?
答案1
得分: 2
将用户输入传递给命令行工具是一个巨大的安全隐患,如果用户不可信任。最好的方法是调用ps -ef(静态调用,而不是使用用户输入),然后使用正则表达式库自己进行匹配。
另外,如果你已经在编写Go程序,你可以考虑直接从/proc获取所需的数据,或者使用像go-ps这样的库。这样可以避免解析面向人类的输出,直接获取计算机可读的数据。(然而,这取决于你的使用场景)
英文:
Passing user input to a command line tool is a big security no-no of the user is not trused. You are better of by calling ps -ef (statically not with user input), and then applying a regex yourself using the regexp library.
Alternatively, if you are writing a Go program anyway, you might consider getting the data you need directly from /proc, or use a library like go-ps. This saves you having to parse output that is meant for humans and directly get computer readable data. (However this depends on you usecase)
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论