Tuesday, August 31, 2010

Linux alternative to ‘truss’ command on Solaris

The topic may seem unclear to those unfamiliar with Linux operating system but no worries I can explain.  strace can help you troubleshoot any process on the system.  Generally, people look into tools such as strace because some process is acting funky and in order to understand better what it’s doing while it’s being funky is to watch it’s every move while it’s running.  strace is similar to truss on Solaris operating system and as you’ll see it’s a very handy tool for troubleshooting.


From the man pages…”In the simplest case strace runs the specified command until it exits. It intercepts and records the system calls which are called by a process and the signals which are received by a process.”
Furthremore, “strace is a useful diagnostic, instructional, and debugging tool. System administrators, diagnosticians and trouble-shooters will find it invaluable for solving problems with programs…”
Now that you have an idea how powerful strace can be…let’s jump directly into some examples which hopefully can assist you in troubleshooting issues on your system when there is one.
strace is not installed by default but you can fetch it from it’s project site at sourceforge.
TO INSTALL
$ apt-get install strace
$ yum install strace (fedora/redhat)
$ wget http://voxel.dl.sourceforge.net/sourceforge/strace/strace-4.5.18.tar.bz2  (other OS)
$ tar -xjvf strace-4.5.18.tar.bz2
$ cd strace-4.5.18
$ ./configure; make ; make install

NOW onto EXAMPLES
Run it against a simple ‘ps’ command:
$ strace ps
Send output to a file:
$ strace -o /tmp/strace_ps.log ps
- As you can see just how much goes on in
the UNIX machine just for a simple ps command!
Start the program under control of strace:
# strace -Ff -tt <program> <arguments> 2>&1 | tee strace-<program>.log
Start strace with the process ID -
(You can get PID of a process by typing pidof <program>): 

# strace -Ff -tt -p <PID> 2>&1 | tee strace-<program>.log
To see only a trace of the
connect, open, close, read, and write system calls, enter:
# strace -e trace=connect,open,close,read,write df > /tmp/out.txt
You get the idea.

at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)