Differences between revisions 2 and 3
Revision 2 as of 2007-10-12 11:53:20
Size: 2956
Editor: 202-156-12-12
Comment:
Revision 3 as of 2007-10-12 12:02:24
Size: 3331
Editor: 202-156-12-12
Comment:
Deletions are marked like this. Additions are marked like this.
Line 11: Line 11:
Someone asked if there is a Linux equivalent of the [http://www.scit.wlv.ac.uk/cgi-bin/mansec?1+pfiles Solaris pfiles] tool. pfiles basically report information of all open files by the process id. Eugene decided to write one with SystemTap.
Line 13: Line 14:
attachment:pfiles.stp The script is too long to be listed here. Please download the [attachment:pfiles.stp script] instead.
Line 67: Line 68:
You can start writing useful systems tools that are not available in Linux with SystemTap. pfiles and [http://sources.redhat.com/systemtap/wiki/WSPlimit plimit] are excellent examples. You can start writing useful systems tools that are not available in Linux with SystemTap. [http://sources.redhat.com/systemtap/wiki/WSPfiles pfiles] and [http://sources.redhat.com/systemtap/wiki/WSPlimit plimit] are excellent examples.

pfiles for Linux

Problem

Someone asked if there is a Linux equivalent of the [http://www.scit.wlv.ac.uk/cgi-bin/mansec?1+pfiles Solaris pfiles] tool. pfiles basically report information of all open files by the process id. Eugene decided to write one with SystemTap.

Scripts

The script is too long to be listed here. Please download the [attachment:pfiles.stp script] instead.

Output

$ ./pfiles.stp -g `pgrep pidgin`
4038:  -pidgin
  Current rlimit: 256 file descriptors
   0: S_IFCHR mode:0666 dev:0,16 ino:1971 uid:500 gid:500 rdev:1,3
        O_RDONLY|O_LARGEFILE 
   1: S_IFIFO mode:0600 dev:0,6 ino:13796 uid:0 gid:42 rdev:0,0
        O_WRONLY 
   2: S_IFIFO mode:0600 dev:0,6 ino:13796 uid:0 gid:42 rdev:0,0
        O_WRONLY 
   3: S_IFSOCK mode:0777 dev:0,5 ino:18645 uid:500 gid:500 rdev:0,0
        O_RDWR|O_NONBLOCK|O_NDELAY FD_CLOEXEC
   4: S_IFIFO mode:0600 dev:0,6 ino:18647 uid:500 gid:500 rdev:0,0
        O_RDONLY 
   5: S_IFIFO mode:0600 dev:0,6 ino:18647 uid:500 gid:500 rdev:0,0
        O_WRONLY 
   6: S_IFSOCK mode:0777 dev:0,5 ino:18648 uid:500 gid:500 rdev:0,0
        O_RDWR|O_NONBLOCK|O_NDELAY FD_CLOEXEC
   7: S_IFSOCK mode:0777 dev:0,5 ino:18722 uid:500 gid:500 rdev:0,0
        O_RDWR|O_NONBLOCK|O_NDELAY FD_CLOEXEC
   8: S_IFIFO mode:0600 dev:0,6 ino:18650 uid:500 gid:500 rdev:0,0
        O_RDONLY 
   9: S_IFIFO mode:0600 dev:0,6 ino:18650 uid:500 gid:500 rdev:0,0
        O_WRONLY 
  10: S_IFIFO mode:0600 dev:0,6 ino:18651 uid:500 gid:500 rdev:0,0
        O_RDONLY 
  11: S_IFIFO mode:0600 dev:0,6 ino:18651 uid:500 gid:500 rdev:0,0
        O_WRONLY|O_NONBLOCK|O_NDELAY 
  12: S_IFIFO mode:0600 dev:0,6 ino:18653 uid:500 gid:500 rdev:0,0
        O_RDONLY 
  13: S_IFIFO mode:0600 dev:0,6 ino:18653 uid:500 gid:500 rdev:0,0
        O_WRONLY 
  14: S_IFSOCK mode:0777 dev:0,5 ino:18654 uid:500 gid:500 rdev:0,0
        O_RDWR|O_NONBLOCK|O_NDELAY FD_CLOEXEC
  15: S_IFSOCK mode:0777 dev:0,5 ino:18658 uid:500 gid:500 rdev:0,0
        O_RDWR FD_CLOEXEC
  16: S_IFSOCK mode:0777 dev:0,5 ino:18674 uid:500 gid:500 rdev:0,0
        O_RDWR|O_NONBLOCK|O_NDELAY 
  18: S_IFIFO mode:0600 dev:0,6 ino:18677 uid:500 gid:500 rdev:0,0
        O_WRONLY 
  19: S_IFIFO mode:0600 dev:0,6 ino:18678 uid:500 gid:500 rdev:0,0
        O_RDONLY 
  20: S_IFSOCK mode:0777 dev:0,5 ino:18744 uid:500 gid:500 rdev:0,0
        O_RDWR|O_NONBLOCK|O_NDELAY FD_CLOEXEC

Lessons

You can start writing useful systems tools that are not available in Linux with SystemTap. [http://sources.redhat.com/systemtap/wiki/WSPfiles pfiles] and [http://sources.redhat.com/systemtap/wiki/WSPlimit plimit] are excellent examples.


WarStories

None: WSPfiles (last edited 2010-04-19 12:10:27 by 92)