Last active
October 11, 2023 15:43
-
-
Save randomvariable/bb62bbde78e7138fa491c7a618e9e8d5 to your computer and use it in GitHub Desktop.
test.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
declare -A seenNamespaces | |
declare -A containerInfo | |
# Ensure ipcs command is available | |
ipcsPath=$(which ipcs) | |
if [ -z "$ipcsPath" ]; then | |
echo "ipcs command could not be found" | |
exit | |
fi | |
# Get the IPC namespace inodes of all running containers | |
while IFS= read -r containerID; do | |
nsInode=$(crictl inspect "$containerID" | jq -r '.info.runtimeSpec.linux.namespaces[] | select(.type=="ipc") | .path' | xargs stat -c %i 2>/dev/null) | |
containerName=$(crictl inspect "$containerID" | jq -r '.info.metadata.name') | |
if [ -n "$nsInode" ] && [ -n "$containerName" ]; then | |
containerInfo["$nsInode"]="ID: $containerID, Name: $containerName" | |
fi | |
done < <(crictl ps -q) | |
# Iterate over all processes | |
for pid in $(ps -e -o pid=); do | |
ipc_ns="/proc/$pid/ns/ipc" | |
# If ipc namespace file exists and is readable | |
if [ -r "$ipc_ns" ]; then | |
inode=$(stat -c %i "$ipc_ns" 2>/dev/null) | |
# If the inode number is valid and not seen yet | |
if [ -n "$inode" ] && [ -z "${seenNamespaces[$inode]}" ]; then | |
containerDetails=${containerInfo["$inode"]} | |
# Only proceed if this process is part of a container | |
if [ -n "$containerDetails" ]; then | |
# Mark this namespace as seen | |
seenNamespaces["$inode"]=1 | |
echo "IPCS for PID $pid, Container $containerDetails, Namespace (inode: $inode):" | |
echo "=====================================" | |
# Execute ipcs command from the host filesystem in the namespace of the PID | |
nsenter -t $pid -i "$ipcsPath" | |
echo "=====================================" | |
echo "" | |
fi | |
fi | |
fi | |
done |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment