On August 2, 2021 6:22 AM, Ævar Arnfjörð Bjarmason wrote:
>On Wed, Jul 21 2021, Emily Shaffer wrote:
>
>> Git for Windows also gathers information about more than one
>> generation of parent. In Linux further ancestry info can be gathered
>> with procfs, but it's unwieldy to do so.
>
>Having read the win32 get_processes() implementation and read proc(5) I don't get how it's unwieldy to do so on Linux? Perhaps I'm
>missing some special-case but this rather simple patch-on-top seems to do the job for me. This includes the unrelated enum/switch/case
>change I suggested.
>
>I can submit it as a patch-on-top with SOB etc, but maybe there's some subtle reason it won't work properly. It works for me, I get e.g.:
>
>    {
>      "event": "cmd_ancestry",
>      "sid": "20210802T102731.879424Z-Hc2f5b994-P00001acc",
>      "thread": "main",
>      "time": "2021-08-02T10:27:31.879618Z",
>      "file": "compat/linux/procinfo.c",
>      "line": 66,
>      "ancestry": [
>        "bash",
>        "screen",
>        "systemd"
>      ]
>    }

Should not the subfields of "ancestry" also have field names? I get that they are a list, but it seems a bit restrictive. My preference here would be:

    "ancestry": [
      "ancestor": [ "program": "bash", "pid" : 1234 ],
      "ancestor": [ "program": "screen"],
      "ancestor": [ "program" : "systemd"],
    ]

With more richness available in the ancestor.
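
Added example, not part of this thread and not the Git patch it discusses: collecting several generations of ancestry from procfs with both the program name and the pid kept per ancestor. It assumes the Linux /proc/<pid>/stat layout described in proc(5); `struct ancestor`, `parse_stat_line` and `collect_ancestry` are hypothetical names, and the output is tab-separated text rather than a trace2 event.

```c
#include <stdio.h>
#include <string.h>
#include <unistd.h>
/* Hypothetical record for this example: program name plus pid, not just the name. */
struct ancestor { int pid, ppid; char name[64]; };
/* Parse "pid (comm) state ppid ..." from /proc/<pid>/stat. comm may contain
 * spaces and ')', so the name ends at the LAST ')'. Returns 0, or -1 if malformed. */
int parse_stat_line(const char *line, struct ancestor *out)
{
	const char *lp = strchr(line, '('), *rp = strrchr(line, ')');
	char state;
	size_t len;
	if (!lp || !rp || rp < lp)
		return -1;
	if (sscanf(line, "%d", &out->pid) != 1 ||
	    sscanf(rp + 1, " %c %d", &state, &out->ppid) != 2)
		return -1;
	len = (size_t)(rp - lp - 1);
	if (len >= sizeof(out->name))
		len = sizeof(out->name) - 1;	/* truncate rather than overflow */
	memcpy(out->name, lp + 1, len);
	out->name[len] = '\0';
	return 0;
}
/* Follow parent links from pid until ppid 0 or max records; returns the count. */
int collect_ancestry(int pid, struct ancestor *out, int max)
{
	int n = 0;
	while (pid > 0 && n < max) {
		char path[64], line[512];
		FILE *fp;
		int ok;
		snprintf(path, sizeof(path), "/proc/%d/stat", pid);
		fp = fopen(path, "r");
		ok = fp && fgets(line, sizeof(line), fp) && !parse_stat_line(line, &out[n]);
		if (fp)
			fclose(fp);
		if (!ok)
			break;	/* process exited or entry unreadable: stop the walk */
		pid = out[n++].ppid;
	}
	return n;
}

int main(void)
{
	struct ancestor a[16];
	int n = collect_ancestry((int)getppid(), a, 16);
	for (int i = 0; i < n; i++)
		printf("%d\t%s\n", a[i].pid, a[i].name);
}
```

A consumer that serializes `name` into JSON still has to escape it, since comm is set by the process itself and can hold quotes or control characters.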