Hide

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again.

Delete that bloated snippets file you've been using and share your personal repository with the world. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.


If you have a new feature suggestion or find a bug, please get in touch via http://commandlinefu.uservoice.com/

Get involved!

You can sign-in using OpenID credentials, or register a traditional username and password.

First-time OpenID users will be automatically assigned a username which can be changed after signing in.

Hide

Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for:

Hide

News

2011-03-12 - Confoo 2011 presentation
Slides are available from the commandlinefu presentation at Confoo 2011: http://presentations.codeinthehole.com/confoo2011/
2011-01-04 - Moderation now required for new commands
To try and put and end to the spamming, new commands require moderation before they will appear on the site.
2010-12-27 - Apologies for not banning the trolls sooner
Have been away from the interwebs over Christmas. Will be more vigilant henceforth.
2010-09-24 - OAuth and pagination problems fixed
Apologies for the delay in getting Twitter's OAuth supported. Annoying pagination gremlin also fixed.
Hide

Tags

Hide

Functions

Commands using strace from sorted by
Terminal - Commands using strace - 16 results
strace -ttvfo /tmp/logfile -s 1024 program
2013-07-06 08:19:29
User: ryanchapman
Functions: strace
Tags: Linux strace
0

How to figure out what a program is doing.

-tt detailed timestamps

-f also strace any child processes

-v be very verbose, even with common structures

-o write output to file

-s N capture up to N characters of strings, rather than abbreviating with ...

ps auxw | grep sbin/apache | awk '{print"-p " $2}' | xargs strace -f
2013-02-19 19:14:57
User: msealand
Functions: awk grep ps strace xargs
1

This version also attaches to new processes forked by the parent apache process. That way you can trace all current and *future* apache processes.

# strace ... | perl -lne '@F=split(/\\/, $_);for(@F){push @ddd, sprintf("%x", oct("0" . $_))}END{shift @ddd; print pack("H*", join("", @ddd));}'
strace -ff -e trace=file my_command 2>&1 | perl -ne 's/^[^"]+"(([^\\"]|\\[\\"nt])*)".*/$1/ && print'
2011-08-16 15:00:18
Functions: perl strace
16

Can be run as a script `ftrace` if my_command is substrituted with "$@"

It is useful when running a command that fails and you have the feeling it is accessing a file you are not aware of.

pidof httpd | sed 's/ / -p /g' | xargs strace -fp
strace -e open zim 2>&1 1>/dev/null | fgrep ~ | fgrep -v "= -1" | cut -d'"' -f2
2011-01-31 22:46:51
Functions: cut fgrep strace
0

Locate config files of the program. May not be used for interactive programs like vim.

strace -e write=1,2 -p $PID 2>&1 | sed -un "/^ |/p" | sed -ue "s/^.\{9\}\(.\{50\}\).\+/\1/g" -e 's/ //g' | xxd -r -p
2010-10-06 19:37:39
User: glaudiston
Functions: sed strace
3

Useful to recover a output(stdout and stderr) "disown"ed or "nohup"ep process of other instance of ssh.

With the others options the stdout / stderr is intercepted, but only the first n chars.

This way we can recover ALL text of stdout or stderr

strace -ff -e write=1,2 -s 1024 -p PID 2>&1 | grep "^ |" | cut -c11-60 | sed -e 's/ //g' | xxd -r -p
2010-04-23 16:22:17
User: systemj
Functions: cut grep sed strace
10

similar to the previous command, but with more friendly output (tested on linux)

strace php tias.php -e open,access 2>&1 | grep foo.txt
2010-04-20 19:42:42
User: rkulla
Functions: grep strace
7

Sometimes a program refuses to read a file and you're not sure why. You may have display_errors turned off for PHP or something. In this example, fopen('/var/www/test/foo.txt') was called but doesn't have read access to foo.txt.

Strace can tell you what went wrong. E.g., if php doesn't have read access to the file, strace will say "EACCESS (Permission denied)". Or, if the file path you gave doesn't exist, strace will say "ENOENT (No such file or directory)", etc.

This works for any program you can run from the command-line, e.g., strace python myapp.py -e open,access...

Note: the above command uses php-cli, not mod_php, which is a different SAPI with diff configs, etc.

strace -ff -e trace=write -e write=1,2 -p SOME_PID
termtrace(){( strace -s 1000 -e write tput $@ 2>&2 2>&1 ) | grep -o '"[^"]*"';}
2010-03-17 08:53:41
User: AskApache
Functions: grep strace tput write
3

Depending on the TERM, the terminfo version, ncurses version, etc.. you may be using a varied assortment of terminal escape codes. With this command you can easily find out exactly what is going on.. This is terminal escape zen!

( 2>&2 strace -f -F -e write -s 1000 sh -c 'echo -e "initc\nis2\ncnorm\nrmso\nsgr0" | tput -S' 2>&1 ) | grep -o '"\\[^"]*"' --color=always

"\33]4;%p1%d;rgb:%p2%{255}%*%{1000}%/%2.2X/%p3%{255}%*%{1000}%/%2.2X/%p4%{255}%*%{1000}%/%2.2X\33\\\33[!p\33[?3;4l\33[4l\33>\33[?12l\33[?25h\33[27m\33(B\33[m"

Lets say you want to find out what you need to echo in order to get the text to blink..

echo -e "`tput blink`This will blink`tput sgr0` This wont"

Now you can use this function instead of calling tput (tput is much smarter for portable code because it works differently depending on the current TERM, and tput -T anyterm works too.) to turn that echo into a much faster executing code. tput queries files, opens files, etc.. but echo is very strait and narrow.

So now you can do this:

echo -e "\33[5mThis will blink\33(B\33[m This wont"

More at http://www.askapache.com/linux-unix/bash_profile-functions-advanced-shell.html

straceprocessname(){ x=( $(pgrep "$@") ); [[ ${x[@]} ]] || return 1; strace -vf ${x[@]/#/-p }; }
2009-12-03 00:04:39
User: sputnick
Functions: return strace
3

Especially for sysadmins when they don't want to waste time to add -p flag on the N processes of a processname.

In the old school, you did ;

pgrep processname

and typing strace -f -p 456 -p 678 -p 974...

You can add -f argument to the function. That way, the function will deal with pgrep to match the command-line.

Example :

processname -f jrockit
sudo strace -pXXXX -e trace=file
x=1; while [ $x = 1 ]; do process=`pgrep -u username`; if [ $process ]; then x=0; fi; done; strace -vvtf -s 256 -p $process
2009-09-22 16:46:27
User: dimentox
Functions: strace
4

It sits there in a loop waiting for a proccess from that user to spawn.

When it does it will attach strace to it

strace <name of the program>
strace -f -s 512 -v ls -l
2009-02-06 02:45:33
User: mkc
Functions: ls strace
5

strace can be invaluable in trying to figure out what the heck some misbehaving program is doing. There are number of useful flags to limit and control its output, and to attach to already running programs. (See also 'ltrace'.)