0

I am using a build system(waf) which is a wrapper around python. There are some programs(perl scripts,exe's etc) calling the python build system. When I execute the build scripts from cmd.exe, I need to find out the program that called it. My OS is windows 7. I tried getting the parent PID in a python module and it returns "cmd" as PPID and "python.exe" as PID, so that approach did not help me in finding what I am looking for.

I believe I should be looking at some stacktraces on a OS level, but am not able to find how to do it. Please help me with the approach I should take or a possible code snippet. I just need to know the name of the script or program that called the system, example caller.perl, callload.exe

Thank you

Improve this question
3
  • 3
    if your program needs to do something different depending on who ran it ... you're probably doing it wrong. Just pass an argument saying what you want it to do. Commented Oct 19, 2012 at 15:57
  • I am curious why you need this? may be X/Y problem. Commented Oct 19, 2012 at 16:14
  • Need this to get data like which scripts called the builds etc. Commented Oct 19, 2012 at 17:50

3 Answers 3

Reset to default
2

Though I am not sure why it would be needed but this is a fun problem in itself, so here are few tips, once you have parent PID loop thru processes and get name e.g.

using WMI

import wmi
c = wmi.WMI ()

for process in c.Win32_Process ():
    if process.ProcessId == ppid:
      print process.ProcessId, process.Name

I think you can do same thing using win32 API, e.g. 

processes = win32process.EnumProcesses()
for pid in processes:
    if pid == ppid:
       handle = win32api.OpenProcess(win32con.PROCESS_ALL_ACCESS,
False, pid)
       exe = win32process.GetModuleFileNameEx(handle, 0)

This will work for simple cases when progA directly executes progB but if there is a long chain of child process in between, it may not be good solution. Best way for a generic case would be for calling program to tell his identity by passing it as argument e.g.

progB --calledfrom progA
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

This will return "cmd.exe" as the name. I am looking for the actual program name that was run in that command window.
@user1759821 why would that return cmd.exe, isn't cmd.exe grand daddy?
In my command window I have c:\something.exe /command"c:\Python\python waf -j1 proj" The sequence of process fork is explorer->cmd.exe->cmd.exe->python.exe. So our parent and grandpa is "cmd.exe" in our case.
so follow the chain, which can be a futile exercise to do for a generic case, that why better way is for the calling program to tell his identity by passing it as argumeny
0

modify the python script to add an argument to it, stating which file called it. then log it into a logger file. all scripts calling it will have to identify themselves to the python script via the argument vector.

For example:

foo.pl calls yourfile.py as: 

yourfile.py /path/to/foo.pl

yourfile.py:

def main(argv):
   logger.print(argv[1])
Improve this answer

1 Comment

In my command window I have c:\something.exe /command"c:\Python\python waf -j1 proj" This will not work as the sequence of process fork is explorer->cmd.exe->cmd.exe->python.exe. I am limited to make any changes in the something.exe as I do not have the source, also limited to make changes in the wscript(waf) unless necessary.
0

I was able to use process explorer to see the chain of processes called and was able to retrieve the name by just traversing the parent. Thanks for all who replied.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.