replace /proc/self from bin paths

Sometimes we receive /proc/self/exe as the path of the process (electron apps). Since a couple of systemd versions ago, some processes spawned by systemd are reported as /proc/self/fd/<number>. In these cases reading the symbolic link /proc/<pid>/exe points to the file on disk.
2025-03-04 00:24:40 +01:00 · 2023-12-03 01:13:55 +01:00 · 2023-12-03 01:13:55 +01:00 · fb2c9893d0
commit fb2c9893d0
parent d3ba9d65ce
2 changed files with 3 additions and 3 deletions
--- a/daemon/procmon/details.go
+++ b/daemon/procmon/details.go
@ -239,7 +239,7 @@ func (p *Process) ReadCmdline() {
 // - AppImages cmdline reports the execuable launched as /proc/self/exe,
 //   instead of the actual path to the binary.
 func (p *Process) CleanArgs() {
-	if len(p.Args) > 0 && p.Args[0] == ProcSelfExe {
+	if len(p.Args) > 0 && p.Args[0] == ProcSelf {
 		p.Args[0] = p.Path
 	}
 }
@ -343,7 +343,7 @@ func (p *Process) CleanPath() {
 	// This is not useful to the user, and besides it's a generic path that can represent
 	// to any process.
 	// Therefore we cannot use /proc/self/exe directly, because it resolves to our own process.
-	if p.Path == ProcSelfExe {
+	if strings.HasPrefix(p.Path, ProcSelf) {
 		if link, err := os.Readlink(p.pathExe); err == nil {
 			p.Path = link
 			return
--- a/daemon/procmon/process.go
+++ b/daemon/procmon/process.go
@ -22,7 +22,7 @@ const (
 	MethodEbpf  = "ebpf"

 	KernelConnection = "Kernel connection"
-	ProcSelfExe      = "/proc/self/exe"
+	ProcSelf         = "/proc/self/"

 	HashMD5  = "process.hash.md5"
 	HashSHA1 = "process.hash.sha1"