ps command behavior in Redhat is such that it outputs all the output(of long lengths). In Unix the ps command output was limited to only 80 chars. In that if you pipe its output to another command hen the 80 chars restriction wouldn't be there. This 80 char limitation will only be there for the screen output.
Is there any property/setup file for ps command on redhat which we may tweak to curtail the output to some specific characters?
There is an option --cols n which can curtail the output to n specific chars. But if we use this and pipe to another command, the another command will only get n chars as input from ps command.
args COMMAND command with all its arguments as a string.
Modifications to the arguments may be shown. The
output in this column may contain spaces. A
process marked <defunct> is partly dead, waiting
to be fully destroyed by its parent. Sometimes
the process args will be unavailable; when this
happens, ps will instead print the executable
name in brackets. (alias cmd, command). See
also the comm format keyword, the -f option, and
the c option.
When specified last, this column will extend to
the edge of the display. If ps can not determine
display width, as when output is redirected
(piped) into a file or another command, the
output width is undefined (it may be 80,
unlimited, determined by the TERM variable, and
so on). The COLUMNS environment variable or
--cols option may be used to exactly determine
the width in this case. The w or -w option may
be also be used to adjust width.
So if ps isn't abiding by your terminal width, be sure the COLUMNS variable is set to a sane value in the user environment and exported, etc.
Thanks but its not working, changed the COLUMNS variable. One thing which works is command line option of --cols which is not desirable as already stated by me in my original question. The value of COLUMNS is 168 but I see that ps command is showing output of much higher width.
Did you just change the columns variable or actually export it? Show me exactly what you did, word for word, letter for letter, keystroke for keystroke.
Hi Corona, it worked but not fully, if we pipe the output of this ps command to another command, such as grep, the grep wont get the full output of ps command which it would have got if COLUMNS var would not be set to our value
Even if we set COLUMNS=50 and then export it, any user can come around this restriction using ps -ww
Also, in unix, by default the output of ps command is curtailed to I think 70 chars and that does not go away even if you use ps -ww. But unix provides full output to the user who actually ran that particular command. Its just that other users can only see the curtailed output.
e.g if an user say albert ran a program having a long param chain. If albert himself runs ps command, he can see the full length of his command under ps list, but say another user jim runs the ps command, he can only see the curtailed output of the command (which albert had put to run). Even -ww option used by jim wont enable him to get the full command output.
Having said this, jim can see full output(more than 70 chars) of his programs under ps output list.
Are you attempting to stop other users from seeing sensitive things in ps listings? If so, curtailing ps won't stop them, there are other ways to obtain the commandline of a process.
Yes I agree, but the same stuff was smartly handled in Solarix, in which, they had truncated the output to 80 chrs. Thus all the sensitive info was cut off. So was wondering if that can be done in Linux.
Also, the use of columns env variable can not be a fool prof solution as its value can be changed. Even if we make it a readonly, its value can be changed in child processes and the readonly attribute does not hold true there.
Long answer: Obscurity is not security. ps is not a security tool. Even if you convinced ps to block the information, users could just get it direct from the source in /proc/####/comm.
Do you know for a fact that the first 80 chars never contains sensitive information, anyway? Commandline arguments were never a particularly safe place to put such things.