[CENTOS] Read all the contents of proc / [pid] ~ from attr to cpuset ~

Overview

I would appreciate it if you could read the details in Read all the contents of proc / [pid].

# sleep 365d > /dev/null &
[1] 3792

# ls /proc/3792
attr             cwd       map_files   oom_adj        schedstat  task
autogroup        environ   maps        oom_score      sessionid  timers
auxv             exe       mem         oom_score_adj  setgroups  uid_map
cgroup           fd        mountinfo   pagemap        smaps      wchan
clear_refs       fdinfo    mounts      patch_state    stack
cmdline          gid_map   mountstats  personality    stat
comm             io        net         projid_map     statm
coredump_filter  limits    ns          root           status
cpuset           loginuid  numa_maps   sched          syscall

# cd /proc/3792

attr/

# ls attr/
current  exec  fscreate  keycreate  prev  sockcreate
# cat current
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
# cat prev
unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

It was an empty file except for current and prev. Upon examination, these files seem to be referenced by SELinux features. In Linux, you can manage read, write, and execute permissions for files and directories with a function called permissions, and an extension of that is a function called SELinux. It seems that it is managed by the value of SELinux context instead of permission.

It seems that current describes the SELinux context of this process itself, and prev describes the SELinux context of the immediately executed process. (It is not well understood) The SELinux context set in the file created by this process seems to be written in ʻexec, Since / proc / 3792 / exec` this time is an empty file, it seems to be created with the default value.

You can check the default value here.

# semanage login -l

Login Name           SELinux User         MLS/MCS Range        Service

__default__          unconfined_u         s0-s0:c0.c1023       *
root                 unconfined_u         s0-s0:c0.c1023       *
system_u             system_u             s0-s0:c0.c1023       *

I will study SELinux in the future.

autogroup

# cat autogroup
/autogroup-401 nice 0

It seems that the value used by the CPU for scheduling is described.

auxv

# ll | grep auxv
-r--------. 1 root root 0 Jan 12 05:09 auxv

# cat auxv
! Temple
     d@@Awa d

捐  beef ゚  class P  sucking

# od -x auxv
0000000 0021 0000 0000 0000 0000 9fbb 7fff 0000
0000020 0010 0000 0000 0000 fbff 1f8b 0000 0000
0000040 0006 0000 0000 0000 1000 0000 0000 0000
0000060 0011 0000 0000 0000 0064 0000 0000 0000
0000100 0003 0000 0000 0000 0040 0040 0000 0000
0000120 0004 0000 0000 0000 0038 0000 0000 0000
    ....

Contains ELF interpreter information passed to the process at run time. http://surf.ml.seikei.ac.jp/~nakano/JMwww/html/LDP_man-pages/man5/proc.5.html

And that. It seems that auxv is an auxiliary vector. I tried ʻodandhexdump, but I couldn't understand it because of the enumeration of numbers. Even if you hit file aux v, it will be displayed as ./auxv: empty`, probably because it is a special file. It seems that the purpose is to read through some function.

It seems that the executable file has a format called ELF. It seems that the header information is described. I didn't know how to fix the garbled characters.

cgroup

# cat cgroup
11:cpuset:/
10:blkio:/
9:devices:/user.slice
8:hugetlb:/
7:net_prio,net_cls:/
6:perf_event:/
5:memory:/
4:cpuacct,cpu:/
3:pids:/
2:freezer:/
1:name=systemd:/user.slice/user-1000.slice/session-89.scope

cgroup is a feature that allows you to set limits on processes. It seems that you can set the CPU usage rate and the upper limit of memory in detail. Upward compatible with autogroup. From left: Hierarchy ID number: Set of subsystems associated with the hierarchy: Control group in the hierarchy to which the process belongs That's right. Study required.

clear_refs

# cat clear_refs
cat: clear_refs: Invalid argument

I got angry when I cated.

# ll clear_refs
--w-------. 1 root root 0 Jan 11 06:40 clear_refs

I had only write privileges with root privileges. I opened it with vi clear_refs but it was an empty file. Refer to when measuring memory? It seems. I didn't understand too much.

Postscript

If the permissions are only for writing, such as -w -------, It is intended to do something by writing data to that file.

I received a comment. It seems that some operation is performed through this file. I want to be able to read the source code of the kernel? CentOS ?. cmdline

# cat cmdline
sleep365d

# tr \\0 _ < cmdline
sleep_365d_

The command executed when the process started. It seems that arguments (such as ls -l) are also displayed. The delimiter was \ 0 (NULL).

comm

# cat comm
sleep

The command name displayed by ps -c.

coredump_filter

# cat coredump_filter
00000033

It seems that it is a bit filter setting of the error that is thrown when the process terminates abnormally. I don't know what mask each 00000033 is.

spuset

# cat cpuset
/

It seems to be referenced by cgroup. I searched a lot, but I'm sorry.

Impressions

There were too many things I didn't understand. I'm worried if the article I tweet is meaningful if I don't understand it. In the first place, there were many contents such as "Is this item used now ...?", And I could not distinguish it. I definitely want to hold down the cgroup.

reference

http://blue-9.hatenadiary.com/entry/2017/03/14/212929 http://www.usupi.org/sysad/024.html http://man7.org/linux/man-pages/man5/proc.5.html https://www.atmarkit.co.jp/flinux/rensai/watch2007/watch10a.html https://access.redhat.com/documentation/ja-jp/red_hat_enterprise_linux/6/html/resource_management_guide/sec-cpuset https://blog.goo.ne.jp/tell14/e/d03e57fbe77a73f7991da7016824cfbf http://manpages.ubuntu.com/manpages/bionic/ja/man5/proc.5.html

Recommended Posts

Read all the contents of proc / [pid] ~ from attr to cpuset ~
Read all the contents of proc / [pid] ~ From setgroups to wchan ~
Read all the contents of proc / [pid] ~ From cwd to loginuid ~
Read all the contents of proc / [pid] ~ From map_files to numa_maps ~
Read all the contents of proc / [pid] ~ From oom_adj to sessionid ~
Read all the contents of proc / [pid]
Template of python script to read the contents of the file
After all, the story of returning from Linux to Windows
Change the decimal point of logging from, to.
From the introduction of pyethapp to the execution of contract
The story of moving from Pipenv to Poetry
The wall of changing the Django service from Python 2.7 to Python 3
DataNitro, implementation of function to read data from sheet
Also read the contents of arch / arm / kernel / swp_emulate.c
I read the Chainer reference (updated from time to time)
[Ubuntu] How to delete the entire contents of a directory
Analyzing user dissatisfaction very easily from the contents of inquiries
How to calculate the amount of calculation learned from ABC134-D
Settings to debug the contents of the library with VS Code
[Introduction to matplotlib] Read the end time from COVID-19 data ♬
Deploy Django + React from scratch to GKE: Table of Contents
How to see the contents of the Jupyter notebook ipynb file
The story of copying data from S3 to Google's TeamDrive
How to connect the contents of a list into a string
Simulation of the contents of the wallet
[Python] Try to graph from the image of Ring Fit [OCR]
[EC2] How to install chrome and the contents of each command
Output the contents of ~ .xlsx in the folder to HTML with Python
From the introduction of JUMAN ++ to morphological analysis of Japanese with Python
Create a function to get the contents of the database in Go
[Python] A program that rotates the contents of the list to the left
How to read the SNLI dataset
See the contents of Kumantic Segumantion
Supplement to the explanation of vscode
From the introduction of GoogleCloudPlatform Natural Language API to how to use it
About the order of learning programming languages (from beginner to intermediate) Part 2
Wikipedia goes from the era of writing to the era of creation ~ Automatic generation from Twitter
[Introduction to Python] How to sort the contents of a list efficiently with list sort
[Image recognition] How to read the result of automatic annotation with VoTT
How to compare if the contents of the objects in scipy.sparse.csr_matrix are the same
Setting to debug test by entering the contents of the library with pytest
Download all the images attached to the body of the pull request on Github
Get the song name from the title of the video you tried to sing
Use python's pixivpy to download all the works of a specific user from pixiv at once (including moving)