System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

Gather environment variables for arbitrary process

PalmerScott
Occasional Visitor

Gather environment variables for arbitrary process

More of a Perl programmer than HP-UX Sys Admin.

 

There are a few posts related to this, but, none of the answer work for me, yet.

 

I am in the situation of determining security compliance for a  number of machines.  The rule set I must check includes checking the environment variables for arbitrary processes.  I don't know what process will be the target until the rule is read.  So, I must collect the environment vars for a give process on the fly.

 

On other operating systems, this is trivial.  I don't see a direct way to do it on HP-UX.   I'm usually on 11.31, but, this chore needs to work on recent versions of HP-UX.

 

I hoped pstat_getproc would work, but, it does not return what would be considered the env vars.

 

Ideas?

 

5 REPLIES
Patrick Wallek
Honored Contributor

Re: Gather environment variables for arbitrary process

To do this you will have to use the 'gdb' command to query the process.

 

I elected to do this against PID 2965, which is an httpd process.

 

To invoke 'gdb'  against a specific PID you use the '-p' option.

 

# gdb -p 2965

 

Once you are at the "(gdb)" prompt you type in:

 

(gdb) p ((char**)_environ)[0]@30

 

The "@30" is the number of environment variables that it will return.  To increase the number of variables returned just increase the number.  If you get a "Error reading address" then there isn't an variable at that address.

 

Here is the complete log of my testing with gdb:

 

# gdb -p 2965
HP gdb 6.2 for HP Itanium (32 or 64 bit) and target HP-UX 11iv2 and 11iv3.
Copyright 1986 - 2011 Free Software Foundation, Inc.
Hewlett-Packard Wildebeest 6.2 (based on GDB) is covered by the
GNU General Public License. Type "show copying" to see the conditions to
change it and/or distribute copies. Type "show warranty" for warranty/support.

Attaching to process 2965
Reading symbols from /opt/hpws/apache/bin/httpd...done.
0xc000000000552650:0 in _accept_sys+0x30 () from /usr/lib/hpux64/libc.so.1
(gdb) p ((char**)_environ)[0]@30
$1 = {0x9ffffffffffffc38 "_=/opt/hpws/apache/bin/httpd",
  0x9ffffffffffffc55 "SENDMAIL_SERVER=1", 0x9ffffffffffffc67 "DDFA=0",
  0x9ffffffffffffc6e "SNMP_MASTER_START=0",
  0x9ffffffffffffc82 "MROUTED_ARGS=",
  0x9ffffffffffffc90 "SHLIB_PATH=/opt/hpws/apache/lib:/opt/hpws/apache/lib/LDAP:", 0x9ffffffffffffccb "PATH=/usr/sbin:/usr/bin:/sbin",
  0x9ffffffffffffce9 "XNTPD_ARGS=-l /var/adm/xntpd.log",
  0x9ffffffffffffd0a "DHCPV6CLNTD_ARGS=", 0x9ffffffffffffd1c "XNTPD=1",
  0x9ffffffffffffd24 "SNMP_TRAPDEST_START=0",
  0x9ffffffffffffd3a "INETD_ARGS=",
  0x9ffffffffffffd46 "MIPARMS=-fileio_traces -p",
  0x9ffffffffffffd60 "TFTPD_STANDALONE_START=0",
  0x9ffffffffffffd79 "MROUTED=0", 0x9ffffffffffffd83 "SNMP_MIB2_START=0",
  0x9ffffffffffffd95 "ERASE=^H", 0x9ffffffffffffd9e "STOPEMAIL=1",
  0x9ffffffffffffdaa "INIT_STATE=3", 0x9ffffffffffffdb7 "SENDMAIL_SENDONLY=0",
  0x9ffffffffffffdcb "RWHOD=0", 0x9ffffffffffffdd3 "SNMP_CMDVW_START=0",
  0x9ffffffffffffde6 "DHCPV6D=0", 0x9ffffffffffffdf0 "SNMP_HPUNIX_START=0",
  0x9ffffffffffffe04 "STARTEMAIL=1",
  0x9ffffffffffffe11 "TFTPD_STANDALONE_OPTIONS= -l -s -S -i",
  0x9ffffffffffffe37 "PRE_U95=true",
  0x9ffffffffffffe44 "STARTSTOPADDR=bhassell@sourcedirect.com",
  0x9ffffffffffffe6c "SNMP_NAA_START=0",
  0x9ffffffffffffe7d "SNMP_IPv6_START=0"}
(gdb) p ((char**)_environ)[0]@60 $3 = {0x9ffffffffffffc38 "_=/opt/hpws/apache/bin/httpd", 0x9ffffffffffffc55 "SENDMAIL_SERVER=1", 0x9ffffffffffffc67 "DDFA=0", 0x9ffffffffffffc6e "SNMP_MASTER_START=0", 0x9ffffffffffffc82 "MROUTED_ARGS=", 0x9ffffffffffffc90 "SHLIB_PATH=/opt/hpws/apache/lib:/opt/hpws/apache/lib/LDAP:", 0x9ffffffffffffccb "PATH=/usr/sbin:/usr/bin:/sbin", 0x9ffffffffffffce9 "XNTPD_ARGS=-l /var/adm/xntpd.log", 0x9ffffffffffffd0a "DHCPV6CLNTD_ARGS=", 0x9ffffffffffffd1c "XNTPD=1", 0x9ffffffffffffd24 "SNMP_TRAPDEST_START=0", 0x9ffffffffffffd3a "INETD_ARGS=", 0x9ffffffffffffd46 "MIPARMS=-fileio_traces -p", 0x9ffffffffffffd60 "TFTPD_STANDALONE_START=0", 0x9ffffffffffffd79 "MROUTED=0", 0x9ffffffffffffd83 "SNMP_MIB2_START=0", 0x9ffffffffffffd95 "ERASE=^H", 0x9ffffffffffffd9e "STOPEMAIL=1", 0x9ffffffffffffdaa "INIT_STATE=3", 0x9ffffffffffffdb7 "SENDMAIL_SENDONLY=0", 0x9ffffffffffffdcb "RWHOD=0", 0x9ffffffffffffdd3 "SNMP_CMDVW_START=0", 0x9ffffffffffffde6 "DHCPV6D=0", 0x9ffffffffffffdf0 "SNMP_HPUNIX_START=0", 0x9ffffffffffffe04 "STARTEMAIL=1", 0x9ffffffffffffe11 "TFTPD_STANDALONE_OPTIONS= -l -s -S -i", 0x9ffffffffffffe37 "PRE_U95=true", 0x9ffffffffffffe44 "STARTSTOPADDR=bhassell@sourcedirect.com", 0x9ffffffffffffe6c "SNMP_NAA_START=0", 0x9ffffffffffffe7d "SNMP_IPv6_START=0", ---Type <return> to continue, or q <return> to quit--- 0x9ffffffffffffe8f "PHPRC=/opt/hpws/apache/conf", 0x9ffffffffffffeab "HPWS_APACHE_HOME=/opt/hpws/apache", 0x9ffffffffffffecd "SENDMAIL_RECVONLY=0", 0x9ffffffffffffee1 "DHCPV6SRVRD_ARGS=", 0x9ffffffffffffef3 "LD_LIBRARY_PATH=/opt/hpws/apache/lib:", 0x9fffffffffffff19 "TERM=unknown", 0x9fffffffffffff26 "PWD=/", 0x9fffffffffffff2c "PERL5LIB=/opt/hpws/apache/lib/perl/lib/site_perl/5.8.8/IA64.ARCHREV_0-thread-multi-LP64:/opt/hpws/apache/lib/perl/lib:", 0x9fffffffffffffa3 "TZ=EST5EDT", 0x9fffffffffffffae "INETD=1", 0x9fffffffffffffb6 "SENDMAIL_SERVER_NAME=", 0x9fffffffffffffcc "NTPDATE_SERVER=0.north-america.pool.ntp.org", 0x0, 0x2f6f70742f687077 <Error reading address 0x2f6f70742f687077: Bad address>, 0x732f617061636865 <Error reading address 0x732f617061636865: Bad address>, 0x2f62696e2f687474 <Error reading address 0x2f62696e2f687474: Bad address>, 0x7064002d64002f6f <Error reading address 0x7064002d64002f6f: Bad address>, 0x70742f687077732f <Error reading address 0x70742f687077732f: Bad address>, 0x617061636865002d <Error reading address 0x617061636865002d: Bad address>, 0x6b00737461727400 <Error reading address 0x6b00737461727400: Bad address>, 0x5f3d2f6f70742f68 <Error reading address 0x5f3d2f6f70742f68: Bad address>, 0x7077732f61706163 <Error reading address 0x7077732f61706163: Bad address>, 0x68652f62696e2f68 <Error reading address 0x68652f62696e2f68: Bad address>, 0x747470640053454e <Error reading address 0x747470640053454e: Bad address>, 0x444d41494c5f5345 <Error reading address 0x444d41494c5f5345: Bad address>, ---Type <return> to continue, or q <return> to quit--- 0x525645523d310044 <Error reading address 0x525645523d310044: Bad address>, 0x4446413d3000534e <Error reading address 0x4446413d3000534e: Bad address>, 0x4d505f4d41535445 <Error reading address 0x4d505f4d41535445: Bad address>, 0x525f53544152543d <Error reading address 0x525f53544152543d: Bad address>, 0x30004d524f555445 <Error reading address 0x30004d524f555445: Bad address>} (gdb) quit The program is running. Quit anyway (and detach it)? (y or n) y Detaching from program: /opt/hpws/apache/bin/httpd, process 2965

 

Here's a sample from the 'lpsched' process:

# gdb -p 1836
HP gdb 6.2 for HP Itanium (32 or 64 bit) and target HP-UX 11iv2 and 11iv3.
Copyright 1986 - 2011 Free Software Foundation, Inc.
Hewlett-Packard Wildebeest 6.2 (based on GDB) is covered by the
GNU General Public License. Type "show copying" to see the conditions to
change it and/or distribute copies. Type "show warranty" for warranty/support.

Attaching to process 1836
Reading symbols from /usr/sbin/lpsched...(no debugging symbols found)...done.
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...
0x60000000c056afd0:0 in _select_sys+0x30 () from /usr/lib/hpux32/libc.so.1
(gdb) p ((char**)_environ)[0]@60
$1 = {0x200000007efcd9b0 "PATH=/usr/bin", 0x200000007fffff9e "TZ=EST5EDT",
  0x0 <repeats 36 times>,
  0x2f757372 <Error reading address 0x2f757372: Bad address>,
  0x2f736269 <Error reading address 0x2f736269: Bad address>,
  0x200000006e2f6c70 <Error reading address 0x200000006e2f6c70: Bad address>,
  0x2000000073636865 <Error reading address 0x2000000073636865: Bad address>,
  0x2000000064000000 <Error reading address 0x2000000064000000: Bad address>,
  0x0 <repeats 17 times>}

(gdb) p ((char**)_environ)[0]@10
$2 = {0x200000007efcd9b0 "PATH=/usr/bin", 0x200000007fffff9e "TZ=EST5EDT",
  0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}
(gdb) quit
The program is running.  Quit anyway (and detach it)? (y or n) y
Detaching from program: /usr/sbin/lpsched, process 1836
#

 

If you do not have GDB loaded you can get it for 11.11, 11.23 and 11.31 here:

http://hpux.connect.org.uk/hppd/hpux/Gnu/gdb-7.6.2/

 

 

PalmerScott
Occasional Visitor

Re: Gather environment variables for arbitrary process

Patrick,

Thanks very much for the detailed response.

 

However, I do not have the ability to require gdb on all target machines.  Consequently, I must stay within the tools available on a base plan-vanilla OS install.

 

 

Patrick Wallek
Honored Contributor

Re: Gather environment variables for arbitrary process

>>I do not have the ability to require gdb on all target machines. 

 

Then it likely won't be possible to get the information you need.  I know of no other way query a process to that level.

PalmerScott
Occasional Visitor

Re: Gather environment variables for arbitrary process

After reading quite and few man pages, white papers, and forum posts, that's my conclusion, also.

 

Thanks for your time and input.

Patrick Wallek
Honored Contributor

Re: Gather environment variables for arbitrary process

The 'gdb' program may be installed by default on 11.31.  It would be worth a shot to try it on those servers at least.

 

It would/should be in the /opt/langtools/bin directory if it's there.