X

What's happening

Guest Author

Been isolating a behaviour difference, used a couple of techniques to get traces of process activity. First off tracing bash scripts by explicitly starting them with bash -x. For example here's some tracing of xzless:

$ bash -x xzless
+ xz='xz --format=auto'
+ version='xzless (XZ Utils) 5.0.1'
+ usage='Usage: xzless [OPTION]... [FILE]...
...

Another favourite tool is truss, which does all kinds of amazing tracing. In this instance all I needed to do was to see what other commands were started using -f to follow forked processes and -t execve to show calls to execve:

$ truss -f -t execve jcontrol
29211: execve("/usr/bin/bash", 0xFFBFFAB4, 0xFFBFFAC0) argc = 2
...

Join the discussion

Comments ( 1 )
  • Carlos Azevedo Tuesday, June 24, 2014

    That's a good approach to narrowing down an analysis scope.

    Simple yet effective; usually provides clues.

    Regards.


Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.