how to monitor system calls for a process?
+7
A:
Check strace
In the simplest case strace runs the specified command until it exits. It intercepts and records the system calls which are called by a process and the signals which are received by a process. The name of each system call, its arguments and its return value are printed on standard error or to the file specified with the -o option.
Each line in the trace contains the system call name, followed by its arguments in parentheses and its return value.
nik
2009-06-18 03:00:56
Somehow I remember `strace` being relatively Linux-biased, though it appears to work on other platforms now. SunOS has a similar (and older) `truss` utility, inherited by Solaris; I believe that `truss` also runs on BSDs, which have their own `ktrace` utility. I've never used them, but I hear that Irix and Tru64 have `par` and `trace` respectively, all serving the same purpose.
ephemient
2009-06-18 03:19:34
For the most part, the programs all do the same thing. They have different output format, but mostly the same information. On HP-UX, the command is called tusc.
Rob Kennedy
2009-06-18 03:21:31