Commands tagged strace (19)


  • 58
    strace -ff -e trace=write -e write=1,2 -p SOME_PID
    oernii2 · 2010-04-20 08:55:54 2
  • Can be run as a script `ftrace` if my_command is substrituted with "$@" It is useful when running a command that fails and you have the feeling it is accessing a file you are not aware of. Show Sample Output


    17
    strace -ff -e trace=file my_command 2>&1 | perl -ne 's/^[^"]+"(([^\\"]|\\[\\"nt])*)".*/$1/ && print'
    unixmonkey8046 · 2011-08-16 15:00:18 2
  • similar to the previous command, but with more friendly output (tested on linux)


    10
    strace -ff -e write=1,2 -s 1024 -p PID 2>&1 | grep "^ |" | cut -c11-60 | sed -e 's/ //g' | xxd -r -p
    systemj · 2010-04-23 16:22:17 0
  • Sometimes a program refuses to read a file and you're not sure why. You may have display_errors turned off for PHP or something. In this example, fopen('/var/www/test/foo.txt') was called but doesn't have read access to foo.txt. Strace can tell you what went wrong. E.g., if php doesn't have read access to the file, strace will say "EACCESS (Permission denied)". Or, if the file path you gave doesn't exist, strace will say "ENOENT (No such file or directory)", etc. This works for any program you can run from the command-line, e.g., strace python myapp.py -e open,access... Note: the above command uses php-cli, not mod_php, which is a different SAPI with diff configs, etc. Show Sample Output


    7
    strace php tias.php -e open,access 2>&1 | grep foo.txt
    rkulla · 2010-04-20 19:42:42 1
  • Especially for sysadmins when they don't want to waste time to add -p flag on the N processes of a processname. In the old school, you did ; pgrep processname and typing strace -f -p 456 -p 678 -p 974... You can add -f argument to the function. That way, the function will deal with pgrep to match the command-line. Example : processname -f jrockit


    3
    straceprocessname(){ x=( $(pgrep "$@") ); [[ ${x[@]} ]] || return 1; strace -vf ${x[@]/#/-p }; }
    sputnick · 2009-12-03 00:04:39 5
  • Depending on the TERM, the terminfo version, ncurses version, etc.. you may be using a varied assortment of terminal escape codes. With this command you can easily find out exactly what is going on.. This is terminal escape zen! ( 2>&2 strace -f -F -e write -s 1000 sh -c 'echo -e "initc\nis2\ncnorm\nrmso\nsgr0" | tput -S' 2>&1 ) | grep -o '"\\[^"]*"' --color=always "\33]4;%p1%d;rgb:%p2%{255}%*%{1000}%/%2.2X/%p3%{255}%*%{1000}%/%2.2X/%p4%{255}%*%{1000}%/%2.2X\33\\\33[!p\33[?3;4l\33[4l\33>\33[?12l\33[?25h\33[27m\33(B\33[m" Lets say you want to find out what you need to echo in order to get the text to blink.. echo -e "`tput blink`This will blink`tput sgr0` This wont" Now you can use this function instead of calling tput (tput is much smarter for portable code because it works differently depending on the current TERM, and tput -T anyterm works too.) to turn that echo into a much faster executing code. tput queries files, opens files, etc.. but echo is very strait and narrow. So now you can do this: echo -e "\33[5mThis will blink\33(B\33[m This wont" More at http://www.askapache.com/linux-unix/bash_profile-functions-advanced-shell.html Show Sample Output


    3
    termtrace(){( strace -s 1000 -e write tput $@ 2>&2 2>&1 ) | grep -o '"[^"]*"';}
    AskApache · 2010-03-17 08:53:41 1
  • Useful to recover a output(stdout and stderr) "disown"ed or "nohup"ep process of other instance of ssh. With the others options the stdout / stderr is intercepted, but only the first n chars. This way we can recover ALL text of stdout or stderr Show Sample Output


    3
    strace -e write=1,2 -p $PID 2>&1 | sed -un "/^ |/p" | sed -ue "s/^.\{9\}\(.\{50\}\).\+/\1/g" -e 's/ //g' | xxd -r -p
    glaudiston · 2010-10-06 19:37:39 1
  • Like the original version except it does not include the parent apache process or the grep process and adds "sudo" so it can be run by user.


    3
    ps h --ppid $(cat /var/run/apache2.pid) | awk '{print"-p " $1}' | xargs sudo strace
    colinmollenhour · 2012-03-21 01:59:41 0
  • Will open strace on all apache process, on systems using sbin/apache (debian) or sbin/httpd (redhat), and will follow threads newly created.


    3
    ps auxw | grep -E 'sbin/(apache|httpd)' | awk '{print"-p " $2}' | xargs strace -F
    gormux · 2016-08-04 10:59:58 0
  • The stap script is : #! /usr/bin/env stap probe syscall.* { if (pid() == target()) printf("%s %s\n", name, argstr); } Show Sample Output


    2
    stap -v strace.stp -c /path/to/command
    gerard · 2011-10-07 08:27:57 11

  • 0
    pidof httpd | sed 's/ / -p /g' | xargs strace -fp
    daniele · 2011-06-28 09:53:19 0
  • Usefull tool for debug process. Show Sample Output


    0
    dtruss [ -p <pid> | -n <pname> ]
    Zulu · 2013-02-22 11:09:55 1
  • How to figure out what a program is doing. -tt detailed timestamps -f also strace any child processes -v be very verbose, even with common structures -o write output to file -s N capture up to N characters of strings, rather than abbreviating with ...


    0
    strace -ttvfo /tmp/logfile -s 1024 program
    ryanchapman · 2013-07-06 08:19:29 0

  • 0
    pgrep -f /usr/sbin/httpd | awk '{print"-p " $1}' | xargs strace
    savagemike · 2015-06-10 22:55:35 1
  • On debian parent process is running as root, workers as www-data. You can run strace in backgroud, get its PID, curl your webpage, kill strace and read your stats.


    0
    strace -c $(ps -u www-data o pid= | sed 's/^/-p/')
    brablc · 2015-11-25 08:10:52 0
  • Nginx (and other webservers like Apache) can be awkward to trace. They run as root, then switch to another user once they're ready to serve web pages. They also have a "master" process and multiple worker processes. The given command finds the process IDs of all Nginx processes, joins them together with a comma, then traces all of them at once with "sudo strace." System trace output can be overwhelming, so we only capture "networking" output. TIP: to kill this complex strace, do "sudo killall strace". Compare with a similar command: http://www.commandlinefu.com/commands/view/11918/easily-strace-all-your-apache-processes Show Sample Output


    0
    sudo strace -e trace=network -p `pidof nginx | sed -e 's/ /,/g'`
    shavenwarthog · 2016-01-28 18:48:16 0

  • 0
    strace -p "`pidof httpd`"
    weirdan · 2016-07-28 01:34:55 0
  • No need for grep or xargs


    0
    ps auxw | awk '/(apache|httpd)/{print"strace -F -p " $2}' | sh
    AdvancedThreat · 2017-11-26 17:34:41 0

  • -1
    ps -C apache o pid= | sed 's/^/-p /' | xargs strace
    depesz · 2011-03-15 08:46:33 0

What's this?

commandlinefu.com is the place to record those command-line gems that you return to again and again. That way others can gain from your CLI wisdom and you from theirs too. All commands can be commented on, discussed and voted up or down.

Share Your Commands


Check These Out

Display IPs accessing your Apache webserver.

Monitor logs in Linux using Tail
Works in Ubuntu, I hope it will work on all Linux machines. For Unixes, tail should be capable of handling more than one file with '-f' option. This command line simply take log files which are text files, and not ending with a number, and it will continuously monitor those files. Putting one alias in .profile will be more useful.

gpg encrypt a file
gpg command to encrypt a file on the command line.

list folders containing less than 2 MB of data
Just shortened the awk a bit and removed sed. Edit: I'm assuming there are no spaces in the path. To support white space in pathname try: $ awk '($1 < 2048) {sub(/^[0-9]+[ \t]+/,""); print $0}'

a function to create a box of '=' characters around a given string.
The function 'box' takes either one or two arguments. The first argument is a line of text to be boxed, the second argument (optional) is a character to use to draw the box. By default, the drawing character will be '='. The function 'n()' is a helper function used to draw the upper and lower lines of the box, its arguments are a length, and an character to print. (I used 'n' because 'line', 'ln' and 'l' are all commonly used)

Create a mirror of a local folder, on a remote server
Create a exact mirror of the local folder "/root/files", on remote server 'remote_server' using SSH command (listening on port 22) (all files & folders on destination server/folder will be deleted)

Rename files in batch

Quickly share code or text from vim to others.
Sprunge.us is a code/text sharing site like pastebin, but it is easy to post stuff from the command line. $ How it works: $ :w !command In vim, w writes the current tab to a file when a filename is given afterwards, but if !command is given, the output is piped to the stdin of command. $curl -F "sprunge=

list files recursively by size

Find size in kilobyte of files that are deleted but still in use and therefore consumes diskspace


Stay in the loop…

Follow the Tweets.

Every new command is wrapped in a tweet and posted to Twitter. Following the stream is a great way of staying abreast of the latest commands. For the more discerning, there are Twitter accounts for commands that get a minimum of 3 and 10 votes - that way only the great commands get tweeted.

» http://twitter.com/commandlinefu
» http://twitter.com/commandlinefu3
» http://twitter.com/commandlinefu10

Subscribe to the feeds.

Use your favourite RSS aggregator to stay in touch with the latest commands. There are feeds mirroring the 3 Twitter streams as well as for virtually every other subset (users, tags, functions,…):

Subscribe to the feed for: