goldwarden/agent/sockets/callingcontext.go

59 lines
1.2 KiB
Go
Raw Normal View History

2023-07-17 04:23:26 +03:00
package sockets
import (
"net"
"os/user"
gops "github.com/mitchellh/go-ps"
"inet.af/peercred"
)
type CallingContext struct {
UserName string
ProcessName string
ParentProcessName string
GrandParentProcessName string
2023-09-12 19:56:35 +03:00
ProcessPid int
ParentProcessPid int
GrandParentProcessPid int
2023-07-17 04:23:26 +03:00
}
func GetCallingContext(connection net.Conn) CallingContext {
creds, err := peercred.Get(connection)
if err != nil {
panic(err)
}
pid, _ := creds.PID()
uid, _ := creds.UserID()
process, err := gops.FindProcess(pid)
ppid := process.PPid()
if err != nil {
panic(err)
}
2023-09-12 03:54:46 +03:00
2023-07-17 04:23:26 +03:00
parentProcess, err := gops.FindProcess(ppid)
if err != nil {
panic(err)
}
parentParentProcess, err := gops.FindProcess(parentProcess.PPid())
if err != nil {
panic(err)
}
username, err := user.LookupId(uid)
if err != nil {
panic(err)
}
return CallingContext{
UserName: username.Username,
ProcessName: process.Executable(),
ParentProcessName: parentProcess.Executable(),
GrandParentProcessName: parentParentProcess.Executable(),
2023-09-12 19:56:35 +03:00
ProcessPid: pid,
ParentProcessPid: ppid,
GrandParentProcessPid: parentParentProcess.PPid(),
2023-07-17 04:23:26 +03:00
}
}