I am in need of a way to retrieve all running processes for all users on a Mac (using Cocoa). I found an implementation to retrieve the process using sysctl, but I also need the running user. This is a snipping of what I've got to get the process list, but is there a way to modify it to include the user as well?
int err;
kinfo_proc * result;
bool done;
static const int name[] = { CTL_KERN, KERN_PROC, KERN_PROC_ALL, 0 };
size_t length;
// a valid pointer procList holder should be passed
assert( procList != NULL );
// But it should not be pre-allocated
assert( *procList == NULL );
// a valid pointer to procCount should be passed
assert( procCount != NULL );
*procCount = 0;
result = NULL;
done = false;
do
{
assert( result == NULL );
// Call sysctl with a NULL buffer to get proper length
length = 0;
err = sysctl((int *)name,(sizeof(name)/sizeof(*name))-1,NULL,&length,NULL,0);
if( err == -1 )
err = errno;
// Now, proper length is optained
if( err == 0 )
{
result = malloc(length);
if( result == NULL )
err = ENOMEM; // not allocated
}
if( err == 0 )
{
err = sysctl( (int *)name, (sizeof(name)/sizeof(*name))-1, result, &length, NULL, 0);
if( err == -1 )
err = errno;
if( err == 0 )
done = true;
else if( err == ENOMEM )
{
assert( result != NULL );
free( result );
result = NULL;
err = 0;
}
}
} while ( err == 0 && !done );
// Clean up and establish post condition
if( err != 0 && result != NULL )
{
free(result);
result = NULL;
}
*procList = result; // will return the result as procList
if( err == 0 )
*procCount = length / sizeof( kinfo_proc );
assert( (err == 0) == (*procList != NULL ) );
return err;
Note that the process list returned by sysctl(3) is an array of struct kinfo_proc. If you read kinfo_proc’s declaration, you’ll see that it has a kp_eproc member of type struct eproc, which in turn has an e_ucred member of type struct _ucred, which in turn has a cr_uid member of type uid_t, representing the effective user id of that process.
This means that you can use the chain
.kp_eproc.e_ucred.cr_uid
to obtain the id of the effective user. For example:
for (int i = 0; i < procCount; i++) {
printf("pid=%d, uid=%d\n",
procList[i].kp_proc.p_pid,
procList[i].kp_eproc.e_ucred.cr_uid);
}
If you want to convert the user id to a user name, you can use getpwuid(3) or its reentrant/thread-safe variant, getpwuid_r(3):
for (int i = 0; i < procCount; i++) {
struct passwd *user = getpwuid(procList[i].kp_eproc.e_ucred.cr_uid);
char *username = user ? user->pw_name : "getpwuid() failed";
printf("pid=%d, user=%s\n",
procList[i].kp_proc.p_pid,
username);
}
Here’s a sample program that lists all processes with their corresponding pids, effective uids and corresponding usernames:
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/sysctl.h>
#include <pwd.h>
int main(void) {
int err = 0;
struct kinfo_proc *proc_list = NULL;
size_t length = 0;
static const int name[] = { CTL_KERN, KERN_PROC, KERN_PROC_ALL, 0 };
// Call sysctl with a NULL buffer to get proper length
err = sysctl((int *)name, (sizeof(name) / sizeof(*name)) - 1, NULL, &length, NULL, 0);
if (err) goto ERROR;
// Allocate buffer
proc_list = malloc(length);
if (!proc_list) goto ERROR;
// Get the actual process list
err = sysctl((int *)name, (sizeof(name) / sizeof(*name)) - 1, proc_list, &length, NULL, 0);
if (err) goto ERROR;
int proc_count = length / sizeof(struct kinfo_proc);
// use getpwuid_r() if you want to be thread-safe
for (int i = 0; i < proc_count; i++) {
uid_t uid = proc_list[i].kp_eproc.e_ucred.cr_uid;
struct passwd *user = getpwuid(uid);
char *username = user ? user->pw_name : "user name not found";
printf("pid=%d, uid=%d, username=%s\n",
proc_list[i].kp_proc.p_pid,
uid,
username);
}
free(proc_list);
return EXIT_SUCCESS;
ERROR:
perror(NULL);
free(proc_list);
return EXIT_FAILURE;
}