ใช้คำสั่ง strace ดูการทำงานของ process

By | 04/07/2013
0 Comment

ใครไม่มีสามารถ yum install strace ได้เลยครับ
คู่มือและวิธีใช้ให้ส่ง strace -h

จะเจอ output ออกมาแบบนี้ขอให้ศึกษากันดูเองต่อไปนะครับ

[root@web01 ~]# strace -h
usage: strace [-dDffhiqrtttTvVxx] [-a column] [-e expr] … [-o file]
[-p pid] … [-s strsize] [-u username] [-E var=val] …
[command [arg …]]
or: strace -c [-D] [-e expr] … [-O overhead] [-S sortby] [-E var=val] …
[command [arg …]]
-c — count time, calls, and errors for each syscall and report summary
-f — follow forks, -ff — with output into separate files
-F — attempt to follow vforks, -h — print help message
-i — print instruction pointer at time of syscall
-q — suppress messages about attaching, detaching, etc.
-r — print relative timestamp, -t — absolute timestamp, -tt — with usecs
-T — print time spent in each syscall, -V — print version
-v — verbose mode: print unabbreviated argv, stat, termio[s], etc. args
-x — print non-ascii strings in hex, -xx — print all strings in hex
-a column — alignment COLUMN for printing syscall results (default 40)
-e expr — a qualifying expression: option=[!]all or option=[!]val1[,val2]…
options: trace, abbrev, verbose, raw, signal, read, or write
-o file — send trace output to FILE instead of stderr
-O overhead — set overhead for tracing syscalls to OVERHEAD usecs
-p pid — trace process with process id PID, may be repeated
-D — run tracer process as a detached grandchild, not as parent
-s strsize — limit length of print strings to STRSIZE chars (default 32)
-S sortby — sort syscall counts by: time, calls, name, nothing (default time)
-u username — run command as username handling setuid and/or setgid
-E var=val — put var=val in the environment for command
-E var — remove var from the environment for command
[root@web01 ~]#

ในที่นี้ผมจะลองใช้คำสั่ง strace ด้วย option -e open เพื่อดูว่า process นั้นได้ open ไฟล์ใดในระบบเข้ามาใช้บ้าง ในที่นี้ผมจะลองสั่ง strace squid -e open
หมายความว่าผมต้องการดูการทำงาน process ชื่อ squid และ option -e open คือการแสดง open ไฟล์ที่ process นั้นได้ดึงมาใ้ช้งาน มาลองดู output กันครับ

[root@web01 ~]# strace -e open squid
open(“/etc/ld.so.cache”, O_RDONLY)      = 3
open(“/lib64/librt.so.1”, O_RDONLY)     = 3
open(“/lib64/libpthread.so.0”, O_RDONLY) = 3
open(“/lib64/libcrypt.so.1”, O_RDONLY)  = 3
open(“/usr/local/lib/libxml2.so.2”, O_RDONLY) = 3
open(“/lib64/libexpat.so.1”, O_RDONLY)  = 3
open(“/usr/lib64/libssl.so.10”, O_RDONLY) = 3
open(“/usr/lib64/libcrypto.so.10”, O_RDONLY) = 3
open(“/lib64/libnsl.so.1”, O_RDONLY)    = 3
open(“/lib64/libcap.so.2”, O_RDONLY)    = 3
open(“/lib64/libdl.so.2”, O_RDONLY)     = 3
open(“/usr/lib64/libltdl.so.7”, O_RDONLY) = 3
open(“/usr/lib64/libstdc++.so.6”, O_RDONLY) = 3
open(“/lib64/libm.so.6”, O_RDONLY)      = 3
open(“/lib64/libgcc_s.so.1”, O_RDONLY)  = 3
open(“/lib64/libc.so.6”, O_RDONLY)      = 3
open(“/lib64/libfreebl3.so”, O_RDONLY)  = 3
open(“/usr/local/lib/libz.so.1”, O_RDONLY) = 3
open(“/usr/local/lib/libiconv.so.2”, O_RDONLY) = 3
open(“/lib64/libgssapi_krb5.so.2”, O_RDONLY) = 3
open(“/lib64/libkrb5.so.3”, O_RDONLY)   = 3
open(“/lib64/libcom_err.so.2”, O_RDONLY) = 3
open(“/lib64/libk5crypto.so.3”, O_RDONLY) = 3
open(“/lib64/libattr.so.1”, O_RDONLY)   = 3
open(“/lib64/libkrb5support.so.0”, O_RDONLY) = 3
open(“/lib64/libkeyutils.so.1”, O_RDONLY) = 3
open(“/lib64/libresolv.so.2”, O_RDONLY) = 3
open(“/lib64/libselinux.so.1”, O_RDONLY) = 3
open(“/proc/filesystems”, O_RDONLY)     = 3
open(“/etc/localtime”, O_RDONLY)        = 3
open(“/etc/squid/squid.conf”, O_RDONLY) = 3
2013/07/04 09:21:32| WARNING: (B) ‘::/0’ is a subnetwork of (A) ‘::/0’
2013/07/04 09:21:32| WARNING: because of this ‘::/0’ is ignored to keep splay tree searching predictable
2013/07/04 09:21:32| WARNING: You should probably remove ‘::/0’ from the ACL named ‘all’
2013/07/04 09:21:32| WARNING: Netmasks are deprecated. Please use CIDR masks instead.
2013/07/04 09:21:32| WARNING: IPv4 netmasks are particularly nasty when used to compare IPv6 to IPv4 ranges.
2013/07/04 09:21:32| WARNING: For now we will assume you meant to write /32
open(“/etc/nsswitch.conf”, O_RDONLY)    = 3
open(“/etc/ld.so.cache”, O_RDONLY)      = 3
open(“/lib64/libnss_files.so.2”, O_RDONLY) = 3
open(“/etc/passwd”, O_RDONLY|O_CLOEXEC) = 3
open(“/etc/group”, O_RDONLY|O_CLOEXEC)  = 3
open(“/proc/sys/crypto/fips_enabled”, O_RDONLY) = 3
open(“/dev/urandom”, O_RDONLY|O_NOCTTY|O_NONBLOCK) = 3
open(“/etc/pki/tls/cert.pem”, O_RDONLY) = 3
open(“/var/log/squid/cache.log”, O_RDWR|O_CREAT|O_APPEND, 0666) = 3
open(“/var/run/squid.pid”, O_RDONLY)    = 4
[root@web01 ~]#

คำสั่งนี้สามารถนำไปใช้ประโยชน์อย่างมากครับ กรณี process ทำงานผิดพลาดก็สามารถใช้คำสั่งนี้เพื่อดูการทำงานของ process นั้นได้เช่นกันครับ

ผิดพลาดประการใดขออภัยด้วยครับ

 

ใส่ความเห็น