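I would like to know which user started a process that uses a TCP socket.
I tried using ss -nte, but it only shows the uid, not the username. Is there a way to make ss show the username? Here is the output of ss -nte: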
lucio@debian:~$ ss -nte
State Recv-Q Send-Q Local Address:Port Peer Address:Port
ESTAB 0 0 192.168.56.1:45414 192.168.56.201:22 timer:(keepalive,46min,0) uid:1000 ino:711653 sk:4 <->
ESTAB 0 0 192.168.56.1:35544 192.168.56.203:22 timer:(keepalive,46min,0) uid:1000 ino:713505 sk:12 <->
ESTAB 0 0 192.168.178.70:55342 151.101.193.69:443 uid:1000 ino:758973 sk:3a <->
ESTAB 0 0 192.168.178.70:41212 198.252.206.25:443 timer:(keepalive,7min4sec,0) uid:1000 ino:756177 sk:3b <->
ESTAB 0 0 192.168.56.1:45542 192.168.56.202:22 timer:(keepalive,46min,0) uid:1000 ino:715991 sk:1e <->
ESTAB 0 0 192.168.178.70:41196 198.252.206.25:443 timer:(keepalive,6min19sec,0) uid:1000 ino:756063 sk:3c <->
ESTAB 0 0 192.168.178.70:43372 216.58.205.78:443 uid:1000 ino:759631 sk:3d <->
Answer 1
A hacky attempt that brings in Perl to help. See how it replaces uid:1001 with user:bob.
# ss -ntel
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 10 0.0.0.0:12345 0.0.0.0:* uid:1001 ino:29109 sk:5e <->
LISTEN 0 100 127.0.0.1:25 0.0.0.0:* ino:18771 sk:2 <->
LISTEN 0 128 0.0.0.0:111 0.0.0.0:* ino:16606 sk:3 <->
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* ino:20128 sk:4 <->
LISTEN 0 10 [::]:12345 [::]:* uid:1001 ino:29108 sk:61 v6only:1 <->
LISTEN 0 128 [::]:111 [::]:* ino:16609 sk:5 v6only:1 <->
LISTEN 0 128 *:80 *:* ino:18314 sk:6 v6only:0 <->
LISTEN 0 128 [::]:22 [::]:* ino:20130 sk:7 v6only:1 <->
# ss -ntel|perl -pne 'if(/uid:(\d+)/){@a=getpwuid($1);s/uid:(\d+)/user:$a[0]/}'
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 10 0.0.0.0:12345 0.0.0.0:* user:bob ino:29109 sk:5e <->
LISTEN 0 100 127.0.0.1:25 0.0.0.0:* ino:18771 sk:2 <->
LISTEN 0 128 0.0.0.0:111 0.0.0.0:* ino:16606 sk:3 <->
LISTEN 0 128 0.0.0.0:22 0.0.0.0:* ino:20128 sk:4 <->
LISTEN 0 10 [::]:12345 [::]:* user:bob ino:29108 sk:61 v6only:1 <->
LISTEN 0 128 [::]:111 [::]:* ino:16609 sk:5 v6only:1 <->
LISTEN 0 128 *:80 *:* ino:18314 sk:6 v6only:0 <->
LISTEN 0 128 [::]:22 [::]:* ino:20130 sk:7 v6only:1 <->
#
Note: I have checked the source, and there does not seem to be anything native to ss that can do this.
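
The same uid-to-username rewrite as a small filter, added here as an example and not part of the original answer. It keeps uid:N unchanged when no passwd entry exists for that uid and caches lookups; the sample lines, the uid 4242 and the FAKE_PASSWD table are constructed for the demo, and the script name ss_users.py is hypothetical.

```python
#!/usr/bin/env python3
"""Rewrite the uid:N field of `ss -nte` output as user:NAME."""
import pwd
import re
import sys

UID_FIELD = re.compile(r"\buid:(\d+)\b")


def system_lookup(uid):
    """Return the login name for uid, or None when no passwd entry exists."""
    try:
        return pwd.getpwuid(uid).pw_name
    except KeyError:
        return None


def annotate(line, lookup=system_lookup, cache=None):
    """Replace uid:N with user:NAME; keep uid:N when the uid is unknown."""
    cache = {} if cache is None else cache

    def repl(match):
        uid = int(match.group(1))
        if uid not in cache:
            cache[uid] = lookup(uid)  # one passwd/NSS lookup per distinct uid
        name = cache[uid]
        return match.group(0) if name is None else f"user:{name}"

    return UID_FIELD.sub(repl, line)


# Constructed sample lines in the format shown on this page.
SAMPLE = [
    "LISTEN 0 10 0.0.0.0:12345 0.0.0.0:* uid:1001 ino:29109 sk:5e <->",
    "LISTEN 0 128 0.0.0.0:22 0.0.0.0:* ino:20128 sk:4 <->",
    "ESTAB 0 0 10.0.0.5:40000 10.0.0.9:443 uid:4242 ino:31337 sk:7a <->",
]
FAKE_PASSWD = {1001: "bob"}  # hypothetical uid-to-name table for the demo


def demo():
    """Annotate the constructed sample using the fake table, not the system."""
    return [annotate(line, FAKE_PASSWD.get) for line in SAMPLE]


if __name__ == "__main__":
    # Real use: ss -nte | python3 ss_users.py
    shared_cache = {}
    for raw in sys.stdin:
        sys.stdout.write(annotate(raw, cache=shared_cache))
```

A uid that stays numeric in the output has no matching account on the host, which is worth noting when reviewing who owns a socket.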