How to get process path from PID when process launches?

Asked Dec 26 '18 at 12:46

Active Dec 26 '18 at 12:54

Viewed 467 times

In macOS X , I am monitoring all process launch event. When process launches I am getting PID from kernel. And using that PID I am retrieving full process Path in user mode.

I am using proc_pidpath() for process lauch event only. If I try to get process path of already running process it works .

 #define MAX_PROCESS_PATH_LEN 1024
 int iReturn;
 char ProcessPath[MAX_PROCESS_PATH_LEN];
 iReturn = proc_pidpath(processID , processPath , sizeof(ProcessPath));
 if(0 == iReturn)
 {
      // proc_pidpath failed
 }
 else
 {
      NSLog(@"My Process Path = %s" , ProcessPath);
 }

Input Task : launch Chess.app from /Application/Chess.app

Actual Output : My Process Path = /sbin/launchd

Expected output is /Application/Chess.app or /Applications/Chess.app/Contents/MacOS/Chess.

Can anyone please help me how to get process path when process is fork but may be not initialised ?

edited Dec 26 '18 at 12:54

asked Dec 26 '18 at 12:46

Brinda

Define what is the process path. Do you think of [working directory](https://en.wikipedia.org/wiki/Working_directory) ? – Basile Starynkevitch Dec 26 '18 at 12:52
I am refering https://stackoverflow.com/questions/7511864/get-real-path-of-application-from-pid , but it is not working when Process is just launched. – Brinda Dec 26 '18 at 12:59

How to get process path from PID when process launches?

0 Answers0