Better detection of running executables

cmd/util.go

@@ -159,14 +159,14 @@ func verifyBin(bin string) bool {
 	proc := strings.Fields(bin)[0]
 	out := psFunc(proc)
 
-	if !strings.Contains(out, bin) {
+	// There could be multiple lines in the ps output
-		return false
+	// The binary needs to be the first word in the ps output, except that it could be preceded by a path
-	}
+	// e.g. /usr/bin/kubelet is a match for kubelet
-
+	// but apiserver is not a match for kube-apiserver
-	// Make sure we're not just matching on a partial word (e.g. if we're looking for apiserver, don't match on kube-apiserver)
+	reFirstWord := regexp.MustCompile(`^(\S*\/)*` + bin)
-	// This will give a false positive for matching "one two" against "zero one two-x" but it will do for now
+	lines := strings.Split(out, "\n")
-	for _, f := range strings.Fields(out) {
+	for _, l := range lines {
-		if f == proc {
+		if reFirstWord.Match([]byte(l)) {
 			return true
 		}
 	}

cmd/util_test.go

@@ -108,6 +108,11 @@ func TestVerifyBin(t *testing.T) {
 		{proc: "cmd", psOut: "cmd param1 param2", exp: true},
 		{proc: "cmd param", psOut: "cmd param1 param2", exp: true},
 		{proc: "cmd param", psOut: "cmd", exp: false},
+		{proc: "cmd", psOut: "cmd x \ncmd y", exp: true},
+		{proc: "cmd y", psOut: "cmd x \ncmd y", exp: true},
+		{proc: "cmd", psOut: "/usr/bin/cmd", exp: true},
+		{proc: "cmd", psOut: "kube-cmd", exp: false},
+		{proc: "cmd", psOut: "/usr/bin/kube-cmd", exp: false},
 	}
 
 	psFunc = fakeps