r00t2/go_sysutils
1
0
Fork 0
Code Issues Pull Requests Projects Releases Activity

Compare commits

base: r00t2:v1.15.1
Branches Tags
r00t2:master r00t2:wip_envs_staticenv
r00t2:v1.16.2 r00t2:v1.16.1 r00t2:v1.16.0 r00t2:v1.15.1 r00t2:v1.15.0 r00t2:v1.14.5 r00t2:v1.14.4 r00t2:v1.14.3 r00t2:v1.14.2 r00t2:v1.14.1 r00t2:v1.14.0 r00t2:v1.13.3 r00t2:v1.13.2 r00t2:v1.9.1 r00t2:v1.13.1 r00t2:v1.13.0 r00t2:v1.12.0 r00t2:v1.11.0 r00t2:v1.10.1 r00t2:v1.10.0 r00t2:v1.9.0 r00t2:v1.8.2 r00t2:v1.8.1 r00t2:v1.8.0 r00t2:v1.7.1 r00t2:v1.7.0 r00t2:v1.6.0 r00t2:v1.5.1 r00t2:v1.5.0 r00t2:v1.4.1 r00t2:v1.4.0 r00t2:v1.3.0 r00t2:v1.2.0 r00t2:v1.1.4 r00t2:v1.1.3 r00t2:v1.1.2 r00t2:v1.1.1 r00t2:v1.1.0 r00t2:v1.0.1 r00t2:v1.0.0
..
compare: r00t2:v1.16.2
Branches Tags
r00t2:master r00t2:wip_envs_staticenv
r00t2:v1.16.2 r00t2:v1.16.1 r00t2:v1.16.0 r00t2:v1.15.1 r00t2:v1.15.0 r00t2:v1.14.5 r00t2:v1.14.4 r00t2:v1.14.3 r00t2:v1.14.2 r00t2:v1.14.1 r00t2:v1.14.0 r00t2:v1.13.3 r00t2:v1.13.2 r00t2:v1.9.1 r00t2:v1.13.1 r00t2:v1.13.0 r00t2:v1.12.0 r00t2:v1.11.0 r00t2:v1.10.1 r00t2:v1.10.0 r00t2:v1.9.0 r00t2:v1.8.2 r00t2:v1.8.1 r00t2:v1.8.0 r00t2:v1.7.1 r00t2:v1.7.0 r00t2:v1.6.0 r00t2:v1.5.1 r00t2:v1.5.0 r00t2:v1.4.1 r00t2:v1.4.0 r00t2:v1.3.0 r00t2:v1.2.0 r00t2:v1.1.4 r00t2:v1.1.3 r00t2:v1.1.2 r00t2:v1.1.1 r00t2:v1.1.0 r00t2:v1.0.1 r00t2:v1.0.0

3 Commits
v1.15.1 ... v1.16.2

Author SHA1 Message Date
brent saner
d248d72b5a v1.16.2 
BUMPED:
* deps resynced to goutils
 2026-01-30 20:23:35 -05:00
brent saner
002067d3ac v1.16.1 
FIXED:
* Some IDState things on *NIX-likes that have no clue what they're doing
 2026-01-30 06:37:44 -05:00
brent saner
ed44eb6230 v1.16.0 
ADDED:
* Dummy implementation for IDState on Windows
 2026-01-29 06:05:13 -05:00
14 changed files with 246 additions and 23 deletions
Expand all files Collapse all files

19
chkplat.sh Executable file
View File

@@ -0,0 +1,19 @@
#!/bin/bash
# go tool dist list for all valid GOOS/GOARCH targets.
for tgt in $(go tool dist list);
do
o="$(echo ${tgt} | cut -f1 -d '/')"
a="$(echo ${tgt} | cut -f2 -d '/')"
out="$(env GOOS=${o} GOARCH=${a} go build ./... 2>&1)"
ret=${?}
if [ $ret -ne 0 ];
then
echo "OS: ${o}"
echo "ARCH: ${a}"
echo "${out}"
echo
echo
fi
done

8
doc_nix.go Normal file
View File

@@ -0,0 +1,8 @@
//go:build !(windows || plan9 || wasip1 || js || ios)
/*
Package sysutils provides [IDState], a collection of process information as it relates to user/group access/membership.
Take note that this module's main functionality is in its child packages.
*/
package sysutils

9
doc_windows.go Normal file
View File

@@ -0,0 +1,9 @@
/*
Package sysutils provides [IDState], a collection of process information as it relates to user/group access/membership.
NOTE: an [IDState], and all the functions/methods thereof, are fairly useless on Windows as all methods are NO-OPs and
[GetIDState]/[GetIDStateProc] just return an empty [IDState]. It is primarily provided on Windows for easier cross-platform development.
Take note that this module's main functionality is in its child packages.
*/
package sysutils

2
funcs_idstate_nix.go
View File

@@ -140,7 +140,7 @@ func (i *IDState) PPIDUIDsChecked() (checked bool) {
return return
} }
// SudoChecked is true if SudoEnvVars can be trusted // SudoChecked is true if SudoEnvVars can be trusted.
func (i *IDState) SudoChecked() (checked bool) { func (i *IDState) SudoChecked() (checked bool) {
if i == nil { if i == nil {

72
funcs_idstate_windows.go Normal file
View File

@@ -0,0 +1,72 @@
//go:build windows
package sysutils
// Checked consolidates all the provided checked functions. This is a NO-OP on Windows.
func (i *IDState) Checked() (checked bool) {
return
}
/*
IsReal consolidates all the elevation/dropped-privs checks into a single method.
This is a NO-OP on Windows.
*/
func (i *IDState) IsReal(real bool) {
return
}
/*
IsSudoGroup is true if any of the group sudo env vars are set,
or the parent process has a different group (and is not PID 1).
This is a NO-OP on Windows.
*/
func (i *IDState) IsSudoGroup() (sudo bool) {
return
}
/*
IsSudoUser is true if any of the user sudo env vars are set,
or the parent process has a different owner (and is not PID 1).
This is a NO-OP on Windows.
*/
func (i *IDState) IsSudoUser() (sudo bool) {
return
}
// IsSuid is true if the RUID does not match EUID or SUID. This is a NO-OP on Windows.
func (i *IDState) IsSuid() (suid bool) {
return
}
// IsSgid is true if the RGID does not match EGID or SGID. This is a NO-OP on Windows.
func (i *IDState) IsSgid() (sgid bool) {
return
}
// GIDsChecked is true if the GIDs presented can be trusted. This is a NO-OP on Windows.
func (i *IDState) GIDsChecked() (checked bool) {
return
}
// PPIDGIDsChecked is true if PPIDGidMatch can be trusted. This is a NO-OP on Windows.
func (i *IDState) PPIDGIDsChecked() (checked bool) {
return
}
// PPIDUIDsChecked is true if PPIDUidMatch can be trusted. This is a NO-OP on Windows.
func (i *IDState) PPIDUIDsChecked() (checked bool) {
return
}
// SudoChecked is true if SudoEnvVars can be trusted. This is a NO-OP on Windows.
func (i *IDState) SudoChecked() (checked bool) {
return
}
// UIDsChecked is true if the UIDs presented can be trusted. This is a NO-OP on Windows.
func (i *IDState) UIDsChecked() (checked bool) {
return
}

8
funcs_nix.go
View File

@@ -7,7 +7,7 @@ import (
`math` `math`
"os" "os"
`github.com/shirou/gopsutil/v3/process` `github.com/shirou/gopsutil/v4/process`
"golang.org/x/sys/unix" "golang.org/x/sys/unix"
"r00t2.io/sysutils/envs" "r00t2.io/sysutils/envs"
`r00t2.io/sysutils/errs` `r00t2.io/sysutils/errs`
@@ -19,9 +19,9 @@ func GetIDState() (ids IDState) {
var err error var err error
ids.RUID, ids.EUID, ids.SUID = unix.Getresuid() ids.RUID, ids.EUID, ids.SUID = getresuid()
ids.uidsChecked = true ids.uidsChecked = true
ids.RGID, ids.EGID, ids.SGID = unix.Getresgid() ids.RGID, ids.EGID, ids.SGID = getresgid()
ids.gidsChecked = true ids.gidsChecked = true
ids.SudoEnvCmd = envs.HasEnv(envSudoCmd) ids.SudoEnvCmd = envs.HasEnv(envSudoCmd)
@@ -59,7 +59,7 @@ func GetIDState() (ids IDState) {
func GetIDStateProc(pid uint32) (ids IDState, err error) { func GetIDStateProc(pid uint32) (ids IDState, err error) {
var i32 int32 var i32 int32
var ints []int32 var ints []uint32
var sudoUid bool var sudoUid bool
var sudoUname bool var sudoUname bool
var proc *process.Process var proc *process.Process

31
funcs_nix_noresuid.go Normal file
View File

@@ -0,0 +1,31 @@
//go:build !(windows || plan9 || wasip1 || js || ios) && (aix || darwin || dragonfly || freebsd || illumos || netbsd || solaris)
package sysutils
import (
`golang.org/x/sys/unix`
)
// getresgid spoofs unix.Getresgid, as this file targets platforms that do not support it.
func getresgid() (rgid, egid, sgid int) {
// rgid, egid, sgid = unix.Getresgid()
rgid = unix.Getgid()
egid = unix.Getegid()
sgid = -1
return
}
// getresuid spoofs unix.Getresuid, as this file targets platforms that do not support it.
func getresuid() (ruid, euid, suid int) {
// ruid, euid, suid = unix.Getresuid()
ruid = unix.Getuid()
euid = unix.Geteuid()
suid = -1
return
}

23
funcs_nix_resuid.go Normal file
View File

@@ -0,0 +1,23 @@
//go:build !(windows || plan9 || wasip1 || js || ios) && !(aix || darwin || dragonfly || freebsd || illumos || netbsd || solaris)
package sysutils
import (
`golang.org/x/sys/unix`
)
// getresgid wraps unix.Getresgid, as this file targets platforms that fully support it.
func getresgid() (rgid, egid, sgid int) {
rgid, egid, sgid = unix.Getresgid()
return
}
// getresuid wraps unix.Getresuid, as this file targets platforms that fully support it.
func getresuid() (ruid, euid, suid int) {
ruid, euid, suid = unix.Getresuid()
return
}

13
funcs_windows.go Normal file
View File

@@ -0,0 +1,13 @@
//go:build windows
package sysutils
// GetIDState returns current ID/elevation information. This is a NO-OP on Windows.
func GetIDState() (ids IDState) {
return
}
// GetIDStateProc is like GetIDState but for an arbitrary PID. This is a NO-OP on Windows.
func GetIDStateProc(pid uint32) (ids IDState, err error) {
return
}

8
go.mod
View File

@@ -6,12 +6,11 @@ require (
github.com/davecgh/go-spew v1.1.1 github.com/davecgh/go-spew v1.1.1
github.com/djherbis/times v1.6.0 github.com/djherbis/times v1.6.0
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510
github.com/shirou/gopsutil/v3 v3.24.5 github.com/shirou/gopsutil/v4 v4.25.12
github.com/shirou/gopsutil/v4 v4.25.11
golang.org/x/sync v0.19.0 golang.org/x/sync v0.19.0
golang.org/x/sys v0.39.0 golang.org/x/sys v0.40.0
honnef.co/go/augeas v0.0.0-20161110001225-ca62e35ed6b8 honnef.co/go/augeas v0.0.0-20161110001225-ca62e35ed6b8
r00t2.io/goutils v1.14.0 r00t2.io/goutils v1.16.6
) )
require ( require (
@@ -19,7 +18,6 @@ require (
github.com/go-ole/go-ole v1.3.0 // indirect github.com/go-ole/go-ole v1.3.0 // indirect
github.com/lufia/plan9stats v0.0.0-20251013123823-9fd1530e3ec3 // indirect github.com/lufia/plan9stats v0.0.0-20251013123823-9fd1530e3ec3 // indirect
github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 // indirect github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 // indirect
github.com/shoenig/go-m1cpu v0.1.7 // indirect
github.com/tklauser/go-sysconf v0.3.16 // indirect github.com/tklauser/go-sysconf v0.3.16 // indirect
github.com/tklauser/numcpus v0.11.0 // indirect github.com/tklauser/numcpus v0.11.0 // indirect
github.com/yusufpapurcu/wmi v1.2.4 // indirect github.com/yusufpapurcu/wmi v1.2.4 // indirect

16
go.sum
View File

@@ -17,14 +17,8 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 h1:o4JXh1EVt9k/+g42oCprj/FisM4qX9L3sZB3upGN2ZU= github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55 h1:o4JXh1EVt9k/+g42oCprj/FisM4qX9L3sZB3upGN2ZU=
github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE= github.com/power-devops/perfstat v0.0.0-20240221224432-82ca36839d55/go.mod h1:OmDBASR4679mdNQnz2pUhc2G8CO2JrUAVFDRBDP/hJE=
github.com/shirou/gopsutil/v3 v3.24.5 h1:i0t8kL+kQTvpAYToeuiVk3TgDeKOFioZO3Ztz/iZ9pI= github.com/shirou/gopsutil/v4 v4.25.12 h1:e7PvW/0RmJ8p8vPGJH4jvNkOyLmbkXgXW4m6ZPic6CY=
github.com/shirou/gopsutil/v3 v3.24.5/go.mod h1:bsoOS1aStSs9ErQ1WWfxllSeS1K5D+U30r2NfcubMVk= github.com/shirou/gopsutil/v4 v4.25.12/go.mod h1:EivAfP5x2EhLp2ovdpKSozecVXn1TmuG7SMzs/Wh4PU=
github.com/shirou/gopsutil/v4 v4.25.11 h1:X53gB7muL9Gnwwo2evPSE+SfOrltMoR6V3xJAXZILTY=
github.com/shirou/gopsutil/v4 v4.25.11/go.mod h1:EivAfP5x2EhLp2ovdpKSozecVXn1TmuG7SMzs/Wh4PU=
github.com/shoenig/go-m1cpu v0.1.7 h1:C76Yd0ObKR82W4vhfjZiCp0HxcSZ8Nqd84v+HZ0qyI0=
github.com/shoenig/go-m1cpu v0.1.7/go.mod h1:KkDOw6m3ZJQAPHbrzkZki4hnx+pDRR1Lo+ldA56wD5w=
github.com/shoenig/test v1.7.0 h1:eWcHtTXa6QLnBvm0jgEabMRN/uJ4DMV3M8xUGgRkZmk=
github.com/shoenig/test v1.7.0/go.mod h1:UxJ6u/x2v/TNs/LoLxBNJRV9DiwBBKYxXSyczsBHFoI=
github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U=
github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U=
github.com/tklauser/go-sysconf v0.3.16 h1:frioLaCQSsF5Cy1jgRBrzr6t502KIIwQ0MArYICU0nA= github.com/tklauser/go-sysconf v0.3.16 h1:frioLaCQSsF5Cy1jgRBrzr6t502KIIwQ0MArYICU0nA=
@@ -39,11 +33,9 @@ golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7w
golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
golang.org/x/sys v0.0.0-20220615213510-4f61da869c0c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220615213510-4f61da869c0c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk= golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ=
golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
honnef.co/go/augeas v0.0.0-20161110001225-ca62e35ed6b8 h1:FW42yWB1sGClqswyHIB68wo0+oPrav1IuQ+Tdy8Qp8E= honnef.co/go/augeas v0.0.0-20161110001225-ca62e35ed6b8 h1:FW42yWB1sGClqswyHIB68wo0+oPrav1IuQ+Tdy8Qp8E=
honnef.co/go/augeas v0.0.0-20161110001225-ca62e35ed6b8/go.mod h1:44w9OfBSQ9l3o59rc2w3AnABtE44bmtNnRMNC7z+oKE= honnef.co/go/augeas v0.0.0-20161110001225-ca62e35ed6b8/go.mod h1:44w9OfBSQ9l3o59rc2w3AnABtE44bmtNnRMNC7z+oKE=
r00t2.io/goutils v1.14.0 h1:mvEiJLrTy/hx7ZX2TzCm/y0be2TcTu822m++qsSQGLc=
r00t2.io/goutils v1.14.0/go.mod h1:68jkIl/QYxEEVmVz8k1a7QI9vAA4faQUIcjSHSbtgHw=

11
paths/TODO
View File

@@ -1 +1,12 @@
- search criteria should *also* support a timestamp range (e.g. so a search can be restricted to both older than AND newer than; e.g. older than 00:00, newer than 01:00) - search criteria should *also* support a timestamp range (e.g. so a search can be restricted to both older than AND newer than; e.g. older than 00:00, newer than 01:00)
- need an ExpandHomeSys (...which will change ExpandHome behavior, if it switches to path instead of path/filepath...)
-- Should probably split out to a separate module or branch to v2.
-- separate module:
--- r00t2.io/paths/
<generic>
gopath/
<generic path separator - forward slash>
syspath/
<os.PathSeparator>
I could consolidate a LOT of code if I use a struct that has a mode (or typed against different separators?) etc. but...

11
types_nix.go
View File

@@ -11,7 +11,16 @@ IDState collects information about the current running process.
It should only be used as returned from GetIDState(). It should only be used as returned from GetIDState().
Its methods WILL return false information if any of these values are altered. Its methods WILL return false information if any of these values are altered.
FSUID/FSGID are not supported. FSUID/FSGID are not currently supported.
Currently, macOS (and FreeBSD, and a couple others) will not populate:
* SUID
* SGID
due to Apple in their "infinite wisdom" allowing you to *set* these
but exposing no direct syscall whatsoever to *retrieve* them.
Enjoy your crippled OS, fanboys.
*/ */
type IDState struct { type IDState struct {
// RUID: Real UID // RUID: Real UID

38
types_windows.go Normal file
View File

@@ -0,0 +1,38 @@
//go:build windows
package sysutils
/*
IDState on *NIX-like platforms collects information about the current running process.
However, it is only present as a sort of dummy on Windows to make cross-platform development easier.
Do not expect any sort of usefulness from this struct on Windows other than parsing an IDState generated on *NIX.
*/
type IDState struct {
// RUID: Real UID
RUID int
// EUID: Effective UID
EUID int
// SUID: Saved Set UID
SUID int
// RGID: Real GID
RGID int
// EGID: Effective GID
EGID int
// SGID: Saved Set GID
SGID int
// SudoEnvUser is true if SUDO_USER or SUDO_UID is set.
SudoEnvUser bool
// SudoEnvGroup is true if SUDO_GID is set.
SudoEnvGroup bool
// SudoEnvCmd is true if SUDO_COMMAND is set.
SudoEnvCmd bool
// SudoEnvHome is true if SUDO_HOME is set.
SudoEnvHome bool
// SudoEnvVars is true if any of the "well-known" sudo environment variables are set.
SudoEnvVars bool
// PPIDUidMatch is true if the parent PID UID matches the current process UID (mismatch usually indicates sudo invocation).
PPIDUidMatch bool
// PPIDGidMatch is true if the parent PID GID matches the current process GID (mismatch usually indicates sudo invocation).
PPIDGidMatch bool
}