Hi!
I wrote this patch to add functionality similar to what FreeBSD has, and
here it is. Please, if you want this functionality and more, let me
know so I can implement it for you.
Basically:
# sysctl -w kern.hide_others=1
and most of other people's processes vanish, except for the root
user.
Thanks,
Bo Granlund
Index: kern/kern_sysctl.c
===================================================================
RCS file: /cvs/src/sys/kern/kern_sysctl.c,v
retrieving revision 1.369
diff -u -p -r1.369 kern_sysctl.c
--- kern/kern_sysctl.c 2 Jan 2020 08:52:53 -0000 1.369
+++ kern/kern_sysctl.c 23 Jan 2020 19:48:04 -0000
@@ -129,6 +129,7 @@ extern int audio_record_enable;
#endif
int allowkmem;
+int hide_others = 0;
int sysctl_diskinit(int, struct proc *);
int sysctl_proc_args(int *, u_int, void *, size_t *, struct proc *);
@@ -315,6 +316,7 @@ kern_sysctl(int *name, u_int namelen, vo
case KERN_WITNESS:
case KERN_AUDIO:
case KERN_CPUSTATS:
+ case KERN_HIDE_OTHERS:
break;
default:
return (ENOTDIR); /* overloaded */
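Review bot: `KERN_HIDE_OTHERS` is a plain integer, yet it is added to the case list whose `default` returns `ENOTDIR`, which looks like the set of names allowed to carry further name components. The guarding condition is outside the hunk, so this is inferred. If that reading is right, the added `case KERN_HIDE_OTHERS:` line should be dropped, so that a longer name under `kern.hide_others` is rejected as for other terminal integers such as `KERN_MAXPROC`.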
@@ -336,6 +338,8 @@ kern_sysctl(int *name, u_int namelen, vo
return(sysctl_int(oldp, oldlenp, newp, newlen, &maxvnodes));
case KERN_MAXPROC:
return (sysctl_int(oldp, oldlenp, newp, newlen, &maxprocess));
+ case KERN_HIDE_OTHERS:
+ return (sysctl_int(oldp, oldlenp, newp, newlen, &hide_others));
case KERN_MAXFILES:
return (sysctl_int(oldp, oldlenp, newp, newlen, &maxfiles));
case KERN_NFILES:
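Review bot: `KERN_HIDE_OTHERS` goes through plain `sysctl_int`, so the knob can be cleared again at any securelevel, and it accepts any integer although the code only tests it for non-zero. For a privacy setting it would be reasonable to make it read-only once the system is secured, for example `if (securelevel > 0) return (sysctl_rdint(oldp, oldlenp, newp, hide_others));` ahead of the `sysctl_int` call. That assumes `securelevel` is in scope here, which the hunk does not show. The switch begins and ends outside the hunk.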
@@ -1483,11 +1487,34 @@ sysctl_file(int *name, u_int namelen, ch
#define KERN_PROCSLOP 5
int
+p_cansee(struct process * pr, struct proc * p) {
+ struct ucred * u1, * u2;
+
+ u1 = pr->ps_ucred;
+ u2 = curproc->p_ucred;
+
+ /* Are we root? Root can see all proceses. */
+ if (u2->cr_uid == 0)
+ return (1);
+
+ //printf("p_cansee(): u1: %d u2: %d\n", u1->cr_uid, u2->cr_uid);
+
+ if (!hide_others)
+ return 1;
+ if (u1->cr_uid == u2->cr_uid) {
+ return 1;
+ }
+
+ return (0);
+}
+
+
+int
sysctl_doproc(int *name, u_int namelen, char *where, size_t *sizep)
{
struct kinfo_proc *kproc = NULL;
struct proc *p;
- struct process *pr;
+ struct process *pr, *t_pr;
char *dp;
int arg, buflen, doingzomb, elem_size, elem_count;
int error, needed, op;
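Review bot: `p_cansee()` never uses its `p` argument and always takes the viewer from `curproc`, so the second parameter misleads callers; drop it (`p_cansee(struct process *pr)`) or compare against the credentials of the `p` that is passed in. The test compares only `cr_uid`, which I take to be the effective uid, so a user's own process running set-id would presumably disappear from that user's listing; it is worth deciding whether the real uid should count as well. The commented-out `printf` should be removed, and the helper could be `static` since nothing outside this file is shown calling it. `sysctl_doproc` starts inside this hunk and its body continues beyond it.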
@@ -1514,10 +1541,14 @@ sysctl_doproc(int *name, u_int namelen,
if (where != NULL)
kproc = malloc(sizeof(*kproc), M_TEMP, M_WAITOK);
- pr = LIST_FIRST(&allprocess);
+ t_pr = pr = LIST_FIRST(&allprocess);
doingzomb = 0;
again:
for (; pr != NULL; pr = LIST_NEXT(pr, ps_list)) {
+ if (hide_others && !p_cansee(pr, pr->ps_mainproc)) {
+ continue;
+ }
+
/* XXX skip processes in the middle of being zapped */
if (pr->ps_pgrp == NULL)
continue;
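Review bot: The visibility check is applied only in this `allprocess` walk, so the setting filters process listings but not, as far as this patch shows, the per-pid queries such as `sysctl_proc_args` and `sysctl_file`. Unless those paths call `p_cansee` too, they would still return another user's arguments or open files. The `hide_others &&` test duplicates the one inside `p_cansee`, so `if (!p_cansee(pr, pr->ps_mainproc)) continue;` is enough. `t_pr` is assigned on the `LIST_FIRST` line but is not read in any visible hunk and can probably go. The loop body continues outside the hunk.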
Index: sys/sysctl.h
===================================================================
RCS file: /cvs/src/sys/sys/sysctl.h,v
retrieving revision 1.199
diff -u -p -r1.199 sysctl.h
--- sys/sysctl.h 24 Dec 2019 13:13:54 -0000 1.199
+++ sys/sysctl.h 23 Jan 2020 19:48:04 -0000
@@ -189,7 +189,8 @@ struct ctlname {
#define KERN_PFSTATUS 86 /* struct: pf status and stats
*/
#define KERN_TIMEOUT_STATS 87 /* struct: timeout status and
stats */
#define KERN_UTC_OFFSET 88 /* int: adjust RTC time to UTC
*/
-#define KERN_MAXID 89 /* number of valid kern ids */
+#define KERN_HIDE_OTHERS 89 /* Show other people's processes */
+#define KERN_MAXID 90 /* number of valid kern ids */
#define CTL_KERN_NAMES { \
{ 0, 0 }, \
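Review bot: The comment on `KERN_HIDE_OTHERS` says the opposite of what the knob does: setting it to 1 hides other users' processes. It also lacks the type prefix the neighbouring entries carry. I would write `#define KERN_HIDE_OTHERS 89 /* int: hide other users' processes */`.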
@@ -281,6 +282,7 @@ struct ctlname {
{ "pfstatus", CTLTYPE_STRUCT }, \
{ "timeout_stats", CTLTYPE_STRUCT }, \
{ "utc_offset", CTLTYPE_INT }, \
+ { "hide_others", CTLTYPE_INT }, \
}
/*