Skip to main content

DTrace one-liners

В очередной раз задолбался искать в плюсике…
What writing in directory:

dtrace -qn 'syscall::write*:entry /pid!=$pid && fds[arg0].fi_fs=="zfs" && fds[arg0].fi_mount == "/export/home/ilyxa" / { printf("Process %s \t PID %d \t write to %s \n", execname, pid, fds[arg0].fi_pathname); }'

What writing in file:

dtrace -qn 'syscall::write*:entry /fds[arg0].fi_pathname=="/etc/hosts~"/ { printf("Process %s \t PID %d \t write to %s \n", execname, pid, fds[arg0].fi_pathname); }'