Metadata-Version: 1.1
Name: findProcessesUsing
Version: 2.0.1
Summary: Application which scans running processes on the system for given mappings (shared libraries, executables) or open file descriptors
Home-page: https://github.com/kata198/findProcessesUsing
Author: Tim Savannah
Author-email: kata198@gmail.com
License: LGPLv3
Description: findProcessesUsing
        ==================
        
        Scans all running applications on a host to identify those using a shared library, or an executable, some other mapping, or an open file descriptor.
        
        
        This application works on UNIX-derived systems (Linux, BSD, cygwin, etc). You can use it, for example, to scan for processes using a certain version of a shared library, or running under a certain interpreter. It can print a summarized view, or optionally print all matching mappings as well.
        
        This application can also scan for open files, either fully qualified or partially qualified.
        
        This could be paired with https://github.com/kata198/remote_copy_and_execute to do audits of running software/library usage across many machines on a network.
        
        
        You must be root to scan all running processes, otherwise this will only scan that which is running under your current user.
        
        
        **Usage**
        
        	Usage: findProcessesUsing (options) [search portion]
        
        	Searches all running processes for those containing a given mapping, or an open file (with -f).
        
        	Mappings include running executables (like python), or a shared library, or a device.
        
        
        		Options:
        
        		   -v or --verbose        Also print mapping lines containing the given pattern, or matched filenames when given -f.
        
        		   -e or --exact          Require exact match. Default is to allow partial matches
        
        		   -f                     Scan for open files instead of mappings. This should not be a symbolic link.
        
        		   --version              Print the version
        
        
        
        	Examples:
        
        	  findProcessesUsing libpython2.7             # Scan for any processes linking against anything containing "libpython2.7"
        
        	  findProcessesUsing -f /var/lib/data.db      # Scan for any processes with an open handle to "/var/lib/data.db"
        
        
        
        	It is recommended to run this process as root, otherwise you are only able to scan your own processes.
        
        
        
        **Example Usage**
        
        Scan for mappings of libc
        
        
        	]$ sudo findProcessesUsing libc | head -n 20 | tail -n5
        
        	Found libc in 803 (john) [ -bash  ]
        
        	Found libc in 1060 (john) [ /usr/lib/tracker/tracker-extract  ]
        
        	Found libc in 1062 (www) [ /usr/bin/httpd  ]
        
        	Found libc in 808 (frankl) [ /bin/sh /usr/bin/startx  ]
        
        	Found libc in 1065 (frankl) [ /usr/lib/tracker/tracker-miner-user-guides  ]
        
        
        
        Scan for open file descriptor of pty
        
        
        	]$ ./findProcessesUsing -f -v pty
        
        	Found pty {fd=0,1,2,31} in 2384 (user1) [ /bin/bash  ]
        
        
        				0 = "/dev/pty1"
        
        				1 = "/dev/pty1"
        
        				2 = "/dev/pty1"
        
        				31 = "/dev/pty1"
        
        
        	Found pty {fd=3} in 5732 (user1) [ SCREEN  ]
        
        
        				3 = "/dev/pty0"
        
        
        	Found pty {fd=0,1,2} in 6184 (user1) [ screen  ]
        
        
        				0 = "/dev/pty0"
        
        				1 = "/dev/pty0"
        
        				2 = "/dev/pty0"
        
        
        	Found pty {fd=0,1,2} in 5772 (user1) [ python  ]
        
        
        				0 = "/dev/pty2"
        
        				1 = "/dev/pty2"
        
        				2 = "/dev/pty2"
        
        
        	Found pty {fd=0,1,2,31} in 6672 (user1) [ -bash  ]
        
        
        				0 = "/dev/pty0"
        
        				1 = "/dev/pty0"
        
        				2 = "/dev/pty0"
        
        				31 = "/dev/pty0"
        
        
        
        	Found pty {fd=0,1,2,31} in 6072 (user1) [ /bin/bash  ]
        
        
        				0 = "/dev/pty3"
        
        				1 = "/dev/pty3"
        
        				2 = "/dev/pty3"
        
        				31 = "/dev/pty3"
        
        
        
        	Found pty {fd=0,1,2,31} in 4796 (user1) [ /bin/bash  ]
        
        
        
        				0 = "/dev/pty2"
        
        				1 = "/dev/pty2"
        
        				2 = "/dev/pty2"
        
        				31 = "/dev/pty2"
        
        
        
Keywords: find,process,using,so,mapping,scanner,unix,proc,mappings,lib,detect,executable,shared,object
Platform: UNKNOWN
Classifier: Development Status :: 5 - Production/Stable
Classifier: Programming Language :: Python
Classifier: License :: OSI Approved :: GNU General Public License v2 (GPLv2)
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
Classifier: Programming Language :: Python :: 3.3
Classifier: Programming Language :: Python :: 3.4
