lundi 23 septembre 2013

Remove tabs and spaces before # with sed

In order to remove leading spaces and tabs on Linux, i use following standard sed command :

cat aaa |sed 's/[ \t]*#/#/g'

but.... on AIX \t doesn't work ...

In order to run it on AIX, replace \t by Ctrl+v and tab (key tab)

cat aaaa |sed 's/^[ ]*#/#/g'

 

mercredi 11 septembre 2013

probevue to trace accesses to a file



Using probevue to trace who is accessing a file :

A lot of debugging can be done with truss, in order to see what system calls are called by programs.
While it can be a real time saver, it can only run on a pid or a specific command.
What if you want to see, who is doing that particular system call ?
The answer is probevue.
Probevue is a useful dynamic  tracing command, which can be used to trace specific system calls, and it allows to do some code, in order to get specific info.
I have used it for some time, now, and it helped a lot for debugging purposes.
In this example, I want to know, who is writing to a file, and even what it is writing :

darkstar:root:/home/moi# touch /tmp/myfile

darkstar:root:/home/moi#
this is the content of my probevue file

#!/bin/probevue

#

# PArametre : nom de fichier entre quotes : \"/tmp/tutu\"


int open(char *filename, int m, int p);

int kwrite(int fd, char *s, int size);

int write(int fd, char *s, int size);



@@BEGIN

{

        printf ("\n ==> Surveillance des ecritures sur %s <== \n",$1);


}


@@syscall:*:open:entry

{

        __auto String filename[256];

        filename = get_userstring(__arg1, -1);

        if (filename == $1)

        {

                printf("\n (%s) ouverture de %s par %s (pid: %d) \n",get_function(),filename,__pname,__pid);

                thread:open = 1;

        }

}


@@syscall:*:open:exit

when (thread:open == 1)

{

        thread:fd = __rv;

        //printf(" (%s) thread:fd = %d\n",get_function(),thread:fd);


}


@@syscall:*:write:entry

when (thread:open == 1)

{


                __auto String buffer[256];

                buffer = get_userstring(__arg2, 128);

                //printf("file descriptor : %ld \n",thread:fd);

                printf(" (%s) programme %s (%d) a ecrit ",get_function(),__pname, __pid);

                printf(" :  %s ",buffer);

                thread:write = 1;

                thread:open = 0;

}

@@syscall:*:write:exit

when (thread:write ==  1 )

{

                printf(" (%s) rc = %d \n",get_function(),__errno);

                thread:write = 0;

}
Execute it :

darkstar:root:/home/moi# ./pvwrite3 \"/tmp/myfile\"


 ==> Surveillance des ecritures sur /tmp/myfile <==
And try access in another window :

darkstar:root:/home/moi# echo AAAAAAAAAAAAAAAAAASSSSSDDDDDSQDaaa > /tmp/myfile

darkstar:root:/home/moi#
the result should be, in the first window :

darkstar:root:/home/moi# ./pvwrite3 \"/tmp/myfile\"


 ==> Surveillance des ecritures sur /tmp/myfile <==


 (kopen) ouverture de /tmp/myfile par ksh (pid: 53870698)

 (kwrite) programme ksh (53870698) a ecrit  :  AAAAAAAAAAAAAAAAAASSSSSDDDDDSQDaaa

  (kwrite) rc = 0
In order to work correctly, the system should be in AIX 6.1 TL7 minimum.  The script can work in lower AIX TL, but needs to be adapted.
I will post other useful scripts, asap.