Skip to content

Allow Linux process command names longer than 15 chars #2062

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
lewisdoesstuff wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Allow Linux process command names longer than 15 chars #2062

lewisdoesstuff wants to merge 1 commit into from

Conversation

@lewisdoesstuff
Copy link

@lewisdoesstuff lewisdoesstuff commented May 20, 2025

Currently, ProcessSample data on Linux hosts has a 15 character limit on the commandName value.
This is a limitation of the kernel - the comm value read from /proc/<pid>/stat is limited to TASK_COMM_LEN (16, including null byte).

This isn't the end of the world when collecting all processes, but causes issues when trying to limit the collected samples via include_matching_metrics. You can't currently match some-long-process-name-1 without using a wildcard to cover everything after the 15th character. If some-long-process-name-2 is also running, both of these will be sampled.

I've updated the pw.Command() method (snapshot_linux.go) to handle this.
If the process name (from /proc/<pid>/stat) is less than 15 chars, then we return that.
If it's 15, it could be truncated, so we use pw.process.Exe() to read the link at /proc/<pid>/exe, returning the base name.

This requires read permissions on the linked executable, so if the agent isn't running as root, the (possibly truncated) value is returned.

Comparison in events in ProcessSample - Top: patched, bottom: 1.30.0
image

@lewisdoesstuff
Allow Linux process command names longer than 15 chars
2ceb50b 
 - snapshot_linux.go
  - `Command()` now checks the length of the processes `command` value
  - If less than 15 chars, or the agent is not running as root, returns the value read from `/proc/<pid>/stat`
  - If > 15, and we're running as root, returns the base name of the executable linked to `/proc/<pid>/exe`
@lewisdoesstuff lewisdoesstuff requested a review from a team as a code owner May 20, 2025 17:18
@rajrohanyadav
Copy link
Contributor

rajrohanyadav commented May 27, 2025

Hi @lewisdoesstuff
Thanks for your contribution. We will review and evaluate this PR soon for backwards compatibility and any potential breaking changes. We will try to merge this asap.
Thanks.

@rahulreddy15
Copy link
Contributor

rahulreddy15 commented Jul 16, 2025

Hi @lewisdoesstuff
Thanks for your contribution. We are not going ahead with merging this PR because it could cause alerts that customers have setup to break. To safely release this, we would want to put enabling command names longer than 15 characters behind a feature flag as an infrastructure agent config option.
We have planned to prioritize this task and will provide an update here once the feature is part of GA.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@lewisdoesstuff @rajrohanyadav @rahulreddy15