dyne / Tomb

the Crypto Undertaker

Home Page: https://dyne.org/software/tomb

tomb ps output is broken

baryluk opened this issue · comments

user@debian:/media/secret$ 
tomb (*) Listing processes running inside all open tombs...
tomb  .  [secret] zsh/usr/bin/tombps (user)
cat: /proc/3252611/loginuid: No such file or directory
cat: /proc/3252611/cmdline: No such file or directory
tomb  .  [secret] root
daemon
bin
sys
sync
games
man
lp
mail
news
uucp
proxy
www-data
backup
list
irc
_apt
nobody
systemd-network
_galera
mysql
tss
epmd
fetchmail
systemd-coredump
Debian-exim
uuidd
debian-tor
iodine
messagebus
vnstat
nm-iodine
avahi-autoipd
usbmux
_aide
tcpdump
sshd
iperf3
_rpc
dnsmasq
statd
avahi
dictd
gpsd
speech-dispatcher
_flatpak
ntpsec
glances
lightdm
geoclue
sddm
smokeping
saned
polkitd
rtkit
colord
gnome-initial-setup
Debian-gdm
libvirt-qemu
nm-openvpn
nm-openconnect
fwupd-refresh
user (::3 owner::)
cat: /proc/3252614/loginuid: No such file or directory
cat: /proc/3252614/cmdline: No such file or directory
tomb  .  [secret] root
daemon
bin
sys
sync
games
man
lp
mail
news
uucp
proxy
www-data
backup
list
irc
_apt
nobody
systemd-network
_galera
mysql
tss
epmd
fetchmail
systemd-coredump
Debian-exim
uuidd
debian-tor
iodine
messagebus
vnstat
nm-iodine
avahi-autoipd
usbmux
_aide
tcpdump
sshd
iperf3
_rpc
dnsmasq
statd
avahi
dictd
gpsd
speech-dispatcher
_flatpak
ntpsec
glances
lightdm
geoclue
sddm
smokeping
saned
polkitd
rtkit
colord
gnome-initial-setup
Debian-gdm
libvirt-qemu
nm-openvpn
nm-openconnect
fwupd-refresh
user (::3 owner::)
cat: /proc/3252615/loginuid: No such file or directory
cat: /proc/3252615/cmdline: No such file or directory
tomb  .  [secret] root
daemon
bin
sys
sync
games
man
lp
mail
news
uucp
proxy
www-data
backup
list
irc
_apt
nobody
systemd-network
_galera
mysql
tss
epmd
fetchmail
systemd-coredump
Debian-exim
uuidd
debian-tor
iodine
messagebus
vnstat
nm-iodine
avahi-autoipd
usbmux
_aide
tcpdump
sshd
iperf3
_rpc
dnsmasq
statd
avahi
dictd
gpsd
speech-dispatcher
_flatpak
ntpsec
glances
lightdm
geoclue
sddm
smokeping
saned
polkitd
rtkit
colord
gnome-initial-setup
Debian-gdm
libvirt-qemu
nm-openvpn
nm-openconnect
fwupd-refresh
user (::3 owner::)
cat: /proc/3252616/loginuid: No such file or directory
cat: /proc/3252616/cmdline: No such file or directory
tomb  .  [secret] root
daemon
bin
sys
sync
games
man
lp
mail
news
uucp
proxy
www-data
backup
list
irc
_apt
nobody
systemd-network
_galera
mysql
tss
epmd
fetchmail
systemd-coredump
Debian-exim
uuidd
debian-tor
iodine
messagebus
vnstat
nm-iodine
avahi-autoipd
usbmux
_aide
tcpdump
sshd
iperf3
_rpc
dnsmasq
statd
avahi
dictd
gpsd
speech-dispatcher
_flatpak
ntpsec
glances
lightdm
geoclue
sddm
smokeping
saned
polkitd
rtkit
colord
gnome-initial-setup
Debian-gdm
libvirt-qemu
nm-openvpn
nm-openconnect
fwupd-refresh
user (::3 owner::)
cat: /proc/3252617/loginuid: No such file or directory
cat: /proc/3252617/cmdline: No such file or directory
tomb  .  [secret] root
daemon
bin
sys
sync
games
man
lp
mail
news
uucp
proxy
www-data
backup
list
irc
_apt
nobody
systemd-network
_galera
mysql
tss
epmd
fetchmail
systemd-coredump
Debian-exim
uuidd
debian-tor
iodine
messagebus
vnstat
nm-iodine
avahi-autoipd
usbmux
_aide
tcpdump
sshd
iperf3
_rpc
dnsmasq
statd
avahi
dictd
gpsd
speech-dispatcher
_flatpak
ntpsec
glances
lightdm
geoclue
sddm
smokeping
saned
polkitd
rtkit
colord
gnome-initial-setup
Debian-gdm
libvirt-qemu
nm-openvpn
nm-openconnect
fwupd-refresh
user (::3 owner::)
tomb  .  [secret] /bin/bash (user)
tomb  .  7 running processes found inside 1 open tombs
user@debian:/media/secret$ 

This mostly happens when tomb ps itself, or other frequently forking processes, are operating in that directory (i.e. as a current working directory).

When there are processes there, but they are idle and not doing fork/execve/exit, it mostly looks ok.

Looks like you should ignore errors opening a file that might be gone by the time you try to open it. Also, the rest of the output looks like some garbage from /etc/passwd or /etc/groups.

Should look like this:

$ tomb ps
tomb (*) Listing processes running inside all open tombs...
tomb  .  [secret] /bin/bash (user)
tomb  .  [secret] /usr/bin/tomb (user)
tomb  .  2 running processes found inside 1 open tombs
$ 

Tomb 2.10.0 - a strong and gentle undertaker for your secrets

$ tomb -v
  Tomb 2.10.0 - a strong and gentle undertaker for your secrets

   Copyright (C) 2007-2021 Dyne.org Foundation, License GNU GPL v3+
   This is free software: you are free to change and redistribute it
   For the latest sourcecode go to <http://dyne.org/software/tomb>

   This source code is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
   When in need please refer to <http://dyne.org/support>.

  System utils:

  zsh 5.9 (x86_64-debian-linux-gnu)
  Sudo version 1.9.15p3
  cryptsetup 2.6.1 flags: UDEV BLKID KEYRING KERNEL_CAPI 
  pinentry-gnome3 (pinentry) 1.2.1
  findmnt from util-linux 2.39.3
  gpg (GnuPG) 2.2.40 - key forging algorithms (GnuPG symmetric ciphers):
  IDEA 3DES CAST5 BLOWFISH AES AES192 AES256 TWOFISH CAMELLIA128 CAMELLIA192 CAMELLIA256

  Optional utils:

  /usr/bin/gettext
  /usr/bin/dcfldd
  /usr/bin/shred
  /usr/bin/steghide
  /sbin/resize2fs
  /usr/libexec/tomb/tomb-kdb-pbkdf2
  /usr/bin/argon2
  /usr/bin/qrencode
  swish-e not found
  /usr/bin/unoconv
  /usr/bin/lsof
$ 
$ locale
LANG=en_US.UTF-8
LANGUAGE=
LC_CTYPE="en_US.UTF-8"
LC_NUMERIC="en_US.UTF-8"
LC_TIME="en_US.UTF-8"
LC_COLLATE="en_US.UTF-8"
LC_MONETARY="en_US.UTF-8"
LC_MESSAGES="en_US.UTF-8"
LC_PAPER="en_US.UTF-8"
LC_NAME="en_US.UTF-8"
LC_ADDRESS="en_US.UTF-8"
LC_TELEPHONE="en_US.UTF-8"
LC_MEASUREMENT="en_US.UTF-8"
LC_IDENTIFICATION="en_US.UTF-8"
LC_ALL=

That is indeed suboptimal. And an interesting use-case if there is so much activity in the tomb?
Best would be if lsof could offer the information tomb wants to present, but I don't know off the top of my head if that is possible.
If not then your proposed idea should help :)

lsof can offer the information directly (which may of course be already obsolete): lsof +D "$tombmount" -F Lc.
Produces the following example output:

p1246
czsh
Lomnius
p124880
cSciTE
Lomnius

or lsof +D "$tombmount" -F Lc0

p1246czshLomnius
p124880cSciTELomnius

Could in theory be a replacement for the current structure. I'm also not sure how to parse the output effectively in shell, but it makes field identification really easy. awk would be the obvious candidate... hm

Edit: Or just simply use the lsof output...
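
The field output proposed in the comments above can be parsed with awk from a shell function, and the /proc read can be made tolerant of processes that exit mid-listing. This is an added example, not part of the thread or of Tomb's code; the function names are hypothetical, and the sample input is the lsof output quoted above plus one constructed `f` line.

```shell
#!/bin/sh
# Added example, not Tomb's code; function names are hypothetical.

# Parse `lsof -F Lc` field output from stdin. A "p" line opens a process set;
# "c" (command) and "L" (login name) belong to the most recent "p". Any other
# field, such as the "f" lines of file sets, is skipped.
parse_lsof_fields() {
    awk '
        function emit() {
            if (pid != "")
                printf "%s %s (%s)\n", pid, (cmd == "" ? "?" : cmd), (user == "" ? "?" : user)
            pid = ""; cmd = ""; user = ""
        }
        /^p/ { emit(); pid = substr($0, 2); next }
        /^c/ { cmd = substr($0, 2); next }
        /^L/ { user = substr($0, 2); next }
        END  { emit() }
    '
}

# Live use against a mount point ($1). lsof's stderr is dropped (assumption:
# its warnings are not wanted in the listing).
list_tomb_procs() {
    lsof +D "$1" -F Lc 2>/dev/null | parse_lsof_fields
}

# Read /proc/<pid>/cmdline (NUL-separated) without printing an error when the
# process has exited between being listed and being read.
proc_cmdline() {
    { tr '\0' ' ' < "/proc/$1/cmdline"; } 2>/dev/null || return 1
}

# Constructed input: the sample from the comment above plus one "f" line.
sample='p1246
czsh
Lomnius
fcwd
p124880
cSciTE
Lomnius'

printf '%s\n' "$sample" | parse_lsof_fields
proc_cmdline 999999999 || echo "pid 999999999: gone, skipped"
```

Because each record is keyed on the `p` line, a process that disappears simply never produces a record, instead of leaving a half-filled line in the listing.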