diff --git a/README.md b/README.md index 30d8cf0..c800a03 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,8 @@ Because of the ever changing features on macOS, since macOS 11 some features don --standard -> Print the standard Unix tree instead of TrueTree --sources -> Print the source of where each processes parent came from --nonetwork -> Do not print network connection +--nopid -> Do not print the pid next to each process +--nopath -> Print process name only instead of full paths --version -> Print the TrueTree version number -o -> output to file diff --git a/Src/args.swift b/Src/args.swift index 797955b..9446337 100644 --- a/Src/args.swift +++ b/Src/args.swift @@ -17,8 +17,10 @@ class ArgManager { var sources = false var timelineMode = true var network = true + var showpid = true + var showpath = true var toFile: String? - let availableArgs = ["--nocolor", "--timeline", "--timestamps", "-o", "--standard", "--version", "--sources", "--nonetwork"] + let availableArgs = ["--nocolor", "--timeline", "--timestamps", "-o", "--standard", "--version", "--sources", "--nonetwork", "--nopid", "--nopath"] init(suppliedArgs: [String]) { setArgs(suppliedArgs) @@ -42,9 +44,13 @@ class ArgManager { timelineMode.toggle() } else if arg == "--nonetwork" { network.toggle() + } else if arg == "--nopid" { + showpid.toggle() + } else if arg == "--nopath" { + showpath.toggle() } else if arg == "--version" { print(version) - exit(1) + exit(0) } else if arg == "-o" { if args.count > x+1 && !availableArgs.contains(args[x+1]) { toFile = args[x+1] @@ -65,8 +71,10 @@ class ArgManager { print("--standard Print the standard Unix tree instead of TrueTree") print("--sources Print the source of where each processes parent came from") print("--nonetwork Do not print network connection") + print("--nopid Do not print the pid next to each process") + print("--nopath Print process name only instead of full paths") print("--version Print the TrueTree version number") print("-o Output to file") - exit(1) + exit(0) } } diff --git a/Src/launchdXPC/launchdXPC.m b/Src/launchdXPC/launchdXPC.m index e46f09d..200b8f9 100644 --- a/Src/launchdXPC/launchdXPC.m +++ b/Src/launchdXPC/launchdXPC.m @@ -31,7 +31,7 @@ int getSubmittedPid(int pid) { long long lo = (temp >> 0) & 0x00000000FFFFFFFFLL; ProcessSerialNumber parentPSN = {(unsigned long)hi, (unsigned long)lo}; - NSDictionary* parentDict = (__bridge NSDictionary*)ProcessInformationCopyDictionary (&parentPSN, kProcessDictionaryIncludeAllInformationMask); + //NSDictionary* parentDict = (__bridge NSDictionary*)ProcessInformationCopyDictionary (&parentPSN, kProcessDictionaryIncludeAllInformationMask); //NSLog(@"real parent info: %@", parentDict); //NSLog(@"real parent pid: %@", parentDict[@"pid"]); diff --git a/Src/main.swift b/Src/main.swift index 36f2e42..7499b12 100644 --- a/Src/main.swift +++ b/Src/main.swift @@ -8,7 +8,7 @@ import Foundation -let version = 0.7 +let version = 0.8 // Go through command line arguments and set accordingly let argManager = ArgManager(suppliedArgs:CommandLine.arguments) @@ -43,14 +43,14 @@ if argManager.standardMode { parentNode?.add(child: proc.node) } rootNode?.printTree() - exit(1) + exit(0) } // If timeline mode is active if argManager.timelineMode == false { pc.printTimeline(outputFile: argManager.toFile) - exit(1) + exit(0) } // Create a TrueTree diff --git a/Src/node.swift b/Src/node.swift index 5d989a4..6ecf6fa 100644 --- a/Src/node.swift +++ b/Src/node.swift @@ -18,6 +18,14 @@ final class Node { let displayString: String private(set) var children: [Node] + var fileName: String { + if let fileName = path.components(separatedBy: "/").last { + return fileName + } + + return path + } + init(_ pid: Int, path: String, timestamp: String, source: String, displayString: String) { self.pid = pid self.path = path @@ -59,7 +67,12 @@ extension Node { } else { if argManager.color { - text = "\(displayString) \(String(pid).magenta)" + if argManager.showpath { + text = "\(displayString)" + } else { + text = "\(fileName)" + } + if argManager.showpid { text += " \(String(pid).magenta)"} if argManager.timestamps { text += " \(timestamp.cyan)"} if argManager.sources { text += " Aquired parent from -> \(source)".red } } else { diff --git a/Src/process.swift b/Src/process.swift index 342fdac..4699a74 100644 --- a/Src/process.swift +++ b/Src/process.swift @@ -84,7 +84,10 @@ class ProcessCollector { // Get true parent. Plist parents will be handled elsewhere let trueParent: Int - if submittedPid > 1 { + if ppid != 1 { + trueParent = ppid + source = "parent_process" + } else if submittedPid > 1 { trueParent = submittedPid source = "application_services" } else if responsiblePid != pid { diff --git a/TrueTree.xcodeproj/project.pbxproj b/TrueTree.xcodeproj/project.pbxproj index f194ddb..d5861aa 100644 --- a/TrueTree.xcodeproj/project.pbxproj +++ b/TrueTree.xcodeproj/project.pbxproj @@ -302,13 +302,13 @@ CLANG_ENABLE_MODULES = YES; CLANG_USE_OPTIMIZATION_PROFILE = NO; CODE_SIGN_IDENTITY = "Apple Development"; - "CODE_SIGN_IDENTITY[sdk=macosx*]" = "Developer ID Application"; + "CODE_SIGN_IDENTITY[sdk=macosx*]" = "-"; CODE_SIGN_INJECT_BASE_ENTITLEMENTS = NO; CODE_SIGN_STYLE = Manual; DEVELOPMENT_TEAM = ""; - "DEVELOPMENT_TEAM[sdk=macosx*]" = C793NB2B2B; + "DEVELOPMENT_TEAM[sdk=macosx*]" = ""; ENABLE_HARDENED_RUNTIME = YES; - INSTALL_PATH = ""; + INSTALL_PATH = /usr/local/bin/; MACOSX_DEPLOYMENT_TARGET = 10.13; "OTHER_CODE_SIGN_FLAGS[sdk=*]" = "--timestamp"; PRODUCT_BUNDLE_IDENTIFIER = truetree; @@ -328,13 +328,13 @@ CLANG_ENABLE_MODULES = YES; CLANG_USE_OPTIMIZATION_PROFILE = NO; CODE_SIGN_IDENTITY = "Apple Development"; - "CODE_SIGN_IDENTITY[sdk=macosx*]" = "Developer ID Application"; + "CODE_SIGN_IDENTITY[sdk=macosx*]" = "-"; CODE_SIGN_INJECT_BASE_ENTITLEMENTS = NO; CODE_SIGN_STYLE = Manual; DEVELOPMENT_TEAM = ""; - "DEVELOPMENT_TEAM[sdk=macosx*]" = C793NB2B2B; + "DEVELOPMENT_TEAM[sdk=macosx*]" = ""; ENABLE_HARDENED_RUNTIME = YES; - INSTALL_PATH = ""; + INSTALL_PATH = /usr/local/bin/; MACOSX_DEPLOYMENT_TARGET = 10.13; ONLY_ACTIVE_ARCH = NO; PRODUCT_BUNDLE_IDENTIFIER = truetree;