tags:

views:

356

answers:

3
+4  Q: 

How to trace a program from its very beginning without running it as root

I'm writing a tool that calls through to DTrace to trace the program that the user specifies.

If my tool uses dtrace -c to run the program as a subprocess of DTrace, not only can I not pass any arguments to the program, but the program runs with all the privileges of DTrace—that is, as root (I'm on Mac OS X). This makes certain things that should work break, and obviously makes a great many things that shouldn't work possible.

The other solution I know of is to start the program myself, pause it by sending it SIGSTOP, pass its PID to dtrace -p, then continue it by sending it SIGCONT. The problem is that either the program runs for a few seconds without being traced while DTrace gathers the symbol information or, if I sleep for a few seconds before continuing the process, DTrace complains that objc<pid>:<class>:<method>:entry matches no probes.

Is there a way that I can run the program under the user's account, not as root, but still have DTrace able to trace it from the beginning?

+2  A: 

Create a launcher program that will wait for a signal of some sort (not necessarily a literal signal, just an indication that it's ready), then exec() your target. Now dtrace -p the launcher program, and once dtrace is up, let the launcher go.

bdonlan  2009-07-30 03:13:29
Even better: roll it all into one. Create a pipe, fork, have the child wait on the pipe, dtrace -p CHILD_PID, write to the pipe, child wakes up and calls exec.
bstpierre  2009-07-30 03:41:27
Sounds promising. I don't know that it will work, though: My tool is written in Python, and it's designed to trace Cocoa programs. Without any Cocoa in my tool, I think I'll still get the error that the objc provider matches no probes. But I'll try it tomorrow.
Peter Hosey  2009-07-30 06:19:11
+2  A: 

If the other answer doesn't work for you, can you run the program in gdb, break in main (or even earlier), get the pid, and start the script? I've tried that in the past and it seemed to work.

kperryua  2009-07-30 07:12:09
+2  A: 

Something like sudo dtruss -f sudo -u <original username> <command> has worked for me, but I felt bad about it afterwards.

I filed a Radar bug about it and had it closed as a duplicate of #5108629.

alex strange  2009-12-05 07:43:04

related questions

Any ReSharper equivalent for Xcode?
Rich GUI OS X Frameworks?
Best UML Application for MAC OSX / Cross Platform
Developer Setup for Starting Out with Cocoa/Mac Programming
Python Sound ("Bell")
In Cocoa do I need to remove an Object from receiving KVO notifications when deallocating it?
Is there a good GUI SVN app for Mac (better than XCode)
Oracle SQL Developer not responsive when trying to view tables (or suggest an Oracle Mac client)
How can I improve performance when adding InDesign XMLElements via AppleScript?
Cocoa - best way to capture key events in NSTextView?
Reading Other Process' Memory in Mac OS / BSD
Accessing iSight programatically?
SharePoint WSS 3.0 Integration with Mac OSX (either Safari or Firefox)
Not showing Dialog when opening file in Acrobat Pro using Applescript
Cocoa and Objective-C resources?
Source control for web projects.
x86 Assembly on a mac...
Upload form does not work in Firefox 3 with Mac OS X
I have some RAM to burn - any suggestions?
How to tab between buttons on an Mac OS X dialog box
How to tab focus onto a dropdown field in Mac OSX
How do I turn on line numbers by default in TextWrangler on the Mac?
What are the preferred versions of Vim and Emacs on Mac OS X?
Best subversion client for Mac OS
How can I find the full path to a font from its display name on a Mac?