Skip to main content

netcore/
process.rs

1//! Process ownership for sockets.
2//!
3//! The three-way distinction between "we know", "the kernel denied us", and
4//! "truly anonymous" matters: running `ss` without root hides the owners of
5//! sockets belonging to other users, and we want to surface that as one
6//! diagnostic rather than N question marks in a table.
7
8use serde::{Deserialize, Serialize};
9
10/// A reference to a specific process by PID and command name.
11#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
12pub struct ProcessRef {
13    /// Kernel process ID.
14    pub pid: u32,
15    /// Short command name from `/proc/<pid>/comm`.
16    pub comm: String,
17}
18
19/// Process ownership for a socket — three-way split so the diagnostician
20/// can surface permission failures as one aggregate finding rather than N
21/// question marks.
22#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize)]
23#[serde(tag = "kind", rename_all = "snake_case")]
24pub enum ProcessInfo {
25    /// We successfully resolved the owning process.
26    Known(ProcessRef),
27    /// We aren't privileged enough to read this socket's owner. Emit one
28    /// aggregate finding, not one per row.
29    PermissionDenied,
30    /// Kernel-owned or the namespace's PID is foreign.
31    Anonymous,
32}