Re: looking for packages versions of running daemons
On Thu, Sep 10, 2009 at 4:21 PM, Israel Garcia <igalvarez@gmail.com> wrote:
>>>case ruby. See below:
> Hi Cameron,
>
>>
>> Ok. Here's version 2. Fixes are:
>> * Sorted the output by port number and removed duplicates. Duplicates
>> happen when a daemon listens on multiple IP addresses (samba is one).
>> * Skip non-existent processes
>> * remove (delete) from the end of readlink paths. This may happen if a
>> package has been upgraded and the old exe deleted.
>> * Use argv[0] if its an executable instead of /proc/pid/exe. This
>> makes daemons that are running under interpretters (perl, ruby, etc)
>> identified properly. In my case, postgrey failed, as a perl process.
>> * Ignore dpkg -S errors, and write a shorter line if there is no
>> package for the process.
>>
>>>Ruby was compile from source, How can I modify this script to remove
>>>this error or better run -v option on daemons not installed by APT.
>>
>> What do you mean by -v option? If you mean run the exe with -v to get
>> the version, that could easily fail and do unpredictable things, as -v
>> is not standardised as a way to get the version of a program.
>
> Right, forget -v option :-)
>
>>
>> netstat -lntup \
>> | awk '/^tcp/ { print $4"/"$1, $7 } /^udp/ { print $4"/"$1, $6 }' \
>> | sed -n 's|^[^ ]*:\([^ ]*\) \([0-9]*\)/.*|\1 \2|p' \
>> | sort -nu \
>> | while read port pid ; do
>> [ -d /proc/$pid ] || continue
>> bin=$(xargs -n 1 -0 echo < /proc/$pid/cmdline | awk '{print
>> $1 ; exit}')
>> [ -x "$bin" ] || bin=$(readlink /proc/$pid/exe | sed 's/
>> (deleted)//')
>> pkg=$(dpkg -S $bin 2>/dev/null | cut -d: -f1)
>> [ -n "$pkg" ] || { echo "$bin on port $port"; continue; }
>> version=$(dpkg-query -W --showformat='${Version}' $pkg)
>> latest=$version
>> latest=$(apt-cache show -a $pkg | grep "^Version:" | { while
>> read x ver ; do
>> if dpkg --compare-versions $latest lt $ver ; then
>> latest=$ver
>> fi
>> done ; echo $latest; } )
>> echo -n "$bin on port $port from package $pkg (version
>> $version"
>> if [ $latest != $version ] ; then
>> echo -n ", $latest available"
>> fi
>> echo ")"
>> done
>>
> Well, this is the output of "version 2" in my case:
> Server:/usr/local/bin# check3.sh
> /usr/sbin/sshd on port 22/tcp from package openssh-server (version 1:5.1p1-5)
> /usr/lib/postfix/master on port 25/tcp from package postfix (version 2.5.5-1.1)
> xargs: echo: terminated by signal 13
> /usr/sbin/monit on port 80/tcp from package monit (version 1:5.0.3-3)
> xargs: echo: terminated by signal 13
> /usr/sbin/mysqld on port 3306/tcp from package mysql-server-5.0
> (version 5.0.51a-24+lenny2)
> xargs: echo: terminated by signal 13
> /opt/splunk/bin/python2.6 on port 8000/tcp from package splunk
> (version 4.0.3-65638)
> xargs: echo: terminated by signal 13
> /opt/splunk/bin/splunkd on port 8089/tcp from package splunk (version
> 4.0.3-65638)
> xargs: echo: terminated by signal 13
> /usr/local/bin/ruby on port 10000/tcp
> xargs: echo: terminated by signal 13
> /usr/local/bin/ruby on port 10001/tcp
> xargs: echo: terminated by signal 13
> /usr/local/bin/ruby on port 10002/tcp
> xargs: echo: terminated by signal 13
> /usr/sbin/collectd on port 32918/udp from package collectd (version 4.7.2-1)
>
> is this "xargs: echo: terminated by signal 13" the output it should be?
Probably, substituting:
bin=$(xargs -n 1 -0 echo < /proc/$pid/cmdline | awk '{print $1 ; exit}')
with
bin=$(awk '{print $1; exit}' /proc/$pid/cmdline)
will solved the issue
But I'm not sure why Cameron used xargs in this case.
Regards,
Reply to: