Is it possible in linux to somehow read the output (from stdout and stderr) of another process without it knowing about it? So lets say I have a process A running in the background and process B wants to read its output - is it possible? I can't use pipes or the screen program. I tried reading from /proc/xxx/fd or from /pts/x consoles and so on, but nothing worked so far.
views:
101answers:
3
+1
A:
In the kernel I guess you could write a driver that hooks the reads and writes to get what you want.
In User space you could compile a modified glibc which logs out stdout & stderr output to some file along with the process and thread ID for example. But that's risky if you break something. (assuming applications you want to trace are not linked statically or make direct syscalls to the kernel)
jdehaan
2010-06-30 11:51:55
A:
By simply using the dup2 function :
int b_fd; /* This is the B process File descriptor*/
int a_fd /* This is the A process File descriptor*/
int main (int argc, char*argv[]){
/** I suppose that you can init the file descriptor for A*/
dup2( b_fd, a_fd);
/**Now everything that A will output will be written in B file descriptor*/
}
Dimitri
2010-06-30 13:21:32
A:
I read the implication of your question that you're not about to write kernel code, and that the idea is not to modify the executable that you are spying upon.
Given those constraints, the answer is simple. No. You cannot. The process calls write(1, or write(2, and those could go anywhere, and there's no 'wiretap' provision built into the system to help you see the traffic on the way.
bmargulies
2010-07-02 02:38:00