Monitoring for a remote process

[tbttfox]

I'm pretty new to linux, but I know a bit of programming (Python and C++) and I'm no stranger to the command line.

There is a program that comes with linux called xeyes. You all know about it, and you know you can run it on another person's machine. Some guys found this program at work... It started getting annoying, so (with a tech guy's help) I wrote a python script that checked for xeyes using xlsclients and displayed the host of the process. However, my coworkers caught on quick and now kill the process seconds after scaring the CRAP out of me.

That said, I'm looking for a way to create an efficient background task that will monitor for xeyes, preferably in Python so I can just extend my current script.

[i92guboj]

I'm pretty new to linux, but I know a bit of programming (Python and C++) and I'm no stranger to the command line.

There is a program that comes with linux called xeyes. You all know about it, and you know you can run it on another person's machine. Some guys found this program at work... It started getting annoying, so (with a tech guy's help) I wrote a python script that checked for xeyes using xlsclients and displayed the host of the process. However, my coworkers caught on quick and now kill the process seconds after scaring the CRAP out of me.

That said, I'm looking for a way to create an efficient background task that will monitor for xeyes, preferably in Python so I can just extend my current script.

Just run that task as root. Regular users can only kill their own tasks.

[tbttfox]

Just run that task as root. Regular users can only kill their own tasks.

I just have no idea how to create the monitoring process in the first place.

Unfortunately I don't have root access on this network, so that won't work.
However, I can kill the process on my computer using xkill. That's why I use xlsclients, so I can get the correct ID to shut it down. The program still remains "running" on the assailant's machine, but it doesn't display on my machine anymore.

[Freston]

Wont this work?

Code:

#!/bin/bash
while true ; do
   check=`ps aux | grep -c xeyes`
      if [ $check -ge 2 ] ; then
      killall xeyes
      sleep 1
   fi
done

[tbttfox]

I'm sure that will most definitely work, and it is similar to my initial plan. I just thought it wise to check the hive mind to make sure there wasn't a better way, like checking for some magic OS call that says "I just started a new program" so I didn't have to run an infinite loop over grep, even if it was controlled.

So, if there are any other ways anybody knows off the top of their head, I would love to see them.

Thanks much for the suggestion!

[kadamcd]

In reference to above code
I want to check whether
specified process is running or not?

So I wrote like this
#!/bin/bash
while true ; do
check=`ps aux | grep -c xeyes`
echo "check = $check\n"
if [ "$check" -lt 2 ]; then
echo "$check isn't running\n"
else
echo "$check is running\n"
fi
sleep 2
done

But it gives value of check
sometimes 1
and sometimes 2
why this happening

where
at commandline
$ ps aux | grep -c xeyes
it gives always two when process in running

can't understand, why it is so?

[Freston]

I dunno??

It works on my machine. It gives a value of 2 when it's running, and 1 if it's not. That 1 is grep finding it's own query of 'grep xeyes', so that is to be expected.

So no I have no idea. When I copy&paste your code in my machine, it just works.

[kadamcd]

after reading manual for ps
"ps aux | grep -c pidgin"

ps displays status information of all active processes

so it displays 2 process are running with provided name (ex. pidgin)
1 is actual process "pidgin" itself
and another is "ps aux | grep -c pidgin"
which contain pidgin as parameter

so what was happening there
grep cuts output of ps aux by two lines
and with -c options line count is 2

when script was running the command "ps aux | grep -c pidgin"

then the count was 2
but sometimes if process (by the command "ps aux | grep -c pidgin")
goes out from memory
after execution completion
it was showing 1 when
it may happening sometimes
process remains in memory
and giving count 2
I tried it at home
my pc is also giving me 2 always
but in company it is varing 1 or 2
I think speed of my pc is less
process still remains in memory always
and showing 2 always

I tried for 'top'
it works more perfect than 'ps'
code is like this now

#!/bin/bash
while true ; do
check=`top -n 1 | grep -c ctpmServer`
echo "check = $check\n"
if [ "$check" -lt 1 ]; then
echo "$check isn't running\n"
else
echo "$check is running\n"
fi
sleep 1
done