Is there a way to redirect/see the stdin/stdout/stderr of a given running process(By PID) in a simple way ?
是否有一种方法可以简单地重定向/查看给定运行进程(通过PID)的stdin/stdout/stderr ?
I tried the following (Assume that 'pid' contains a running user process):
我尝试了以下方法(假设‘pid’包含一个正在运行的用户进程):
int foo(const void* data, struct file* file, unsigned fd)
{
printf("Fd = %x\n", fd);
return 0;
}
struct task_struct* task = pid_task(find_vpid(pid), PIDTYPE_PID);
struct files_struct* fs = task->files;
iterate_fd(fs, 0, foo, NULL);
I get 3 calls to foo (This process probably has 3 opened files, makes sense) but I can't really read from them (from the file pointers).
我得到3个对foo的调用(这个过程可能有3个打开的文件,这是有道理的)但是我不能从它们(从文件指针)中读取。
It prints:
它打印:
0
1
2
Is it possible to achieve what I asked for in a fairly simple way ?
是否有可能以一种相当简单的方式实现我所要求的?
thanks
谢谢
2 个解决方案
#1
2
First, if you can change your architecure, you run it under something like screen, tmux, nohup, or dtach which will make your life easier.
首先,如果您可以更改您的架构,您可以在屏幕、tmux、nohup或dtach之类的东西下运行它,这将使您的生活更加轻松。
But if you have a running program, you can use strace to monitor it's kernel calls, including all reads/writes. You will need to limit what it sees (try -e), and maybe filter the output for just the first 3 FDs. Also add -s because the default is to limit the size of data recorded. Something like: strace -p <PID> -e read,write -s 1000000
但是如果您有一个正在运行的程序,您可以使用strace监视它的内核调用,包括所有的读/写。您将需要限制它看到的内容(尝试-e),并可能只过滤前3个FDs的输出。还要添加-s,因为默认情况是限制记录的数据的大小。比如:strace -p
#2
1
You can achieve it via gdb
您可以通过gdb实现它
Check the file handles process() has open :
检查文件句柄进程()是否打开:
$ ls -l /proc/6760/fd
total 3
lrwx—— 1 rjc rjc 64 Feb 27 15:32 0 -> /dev/pts/5
l-wx—— 1 rjc rjc 64 Feb 27 15:32 1 -> /tmp/foo1
lrwx—— 1 rjc rjc 64 Feb 27 15:32 2 -> /dev/pts/5
Now run GDB:
现在运行GDB:
$ gdb -p 6760 /bin/cat
GNU gdb (Ubuntu 7.7.1-0ubuntu5~14.04.2) 7.7.1
Copyright (C) 2014 Free Software Foundation, Inc.
[lots more license stuff snipped]
Attaching to program: /bin/cat, process 6760
[snip other stuff that’s not interesting now]
(gdb) p close(1)
$1 = 0
Provide a new file name to get output - process_log
提供一个新的文件名来获取输出- process_log
(gdb) p creat(“/tmp/process_log″, 0600)
$2 = 1
(gdb) q
The program is running. Quit anyway (and detach it)? (y or n) y
Detaching from program: /bin/cat, process 6760
After that verify the result as:
然后验证结果为:
ls -l /proc/6760/fd/
total 3
lrwx—— 1 rjc rjc 64 2008-02-27 15:32 0 -> /dev/pts/5
l-wx—— 1 rjc rjc 64 2008-02-27 15:32 1 -> /tmp/process_log <====
lrwx—— 1 rjc rjc 64 2008-02-27 15:32 2 -> /dev/pts/5
In the similar way, you can redirect stdin, stderr too.
同样,您也可以重定向stdin、stderr。
#1
2
First, if you can change your architecure, you run it under something like screen, tmux, nohup, or dtach which will make your life easier.
首先,如果您可以更改您的架构,您可以在屏幕、tmux、nohup或dtach之类的东西下运行它,这将使您的生活更加轻松。
But if you have a running program, you can use strace to monitor it's kernel calls, including all reads/writes. You will need to limit what it sees (try -e), and maybe filter the output for just the first 3 FDs. Also add -s because the default is to limit the size of data recorded. Something like: strace -p <PID> -e read,write -s 1000000
但是如果您有一个正在运行的程序,您可以使用strace监视它的内核调用,包括所有的读/写。您将需要限制它看到的内容(尝试-e),并可能只过滤前3个FDs的输出。还要添加-s,因为默认情况是限制记录的数据的大小。比如:strace -p
#2
1
You can achieve it via gdb
您可以通过gdb实现它
Check the file handles process() has open :
检查文件句柄进程()是否打开:
$ ls -l /proc/6760/fd
total 3
lrwx—— 1 rjc rjc 64 Feb 27 15:32 0 -> /dev/pts/5
l-wx—— 1 rjc rjc 64 Feb 27 15:32 1 -> /tmp/foo1
lrwx—— 1 rjc rjc 64 Feb 27 15:32 2 -> /dev/pts/5
Now run GDB:
现在运行GDB:
$ gdb -p 6760 /bin/cat
GNU gdb (Ubuntu 7.7.1-0ubuntu5~14.04.2) 7.7.1
Copyright (C) 2014 Free Software Foundation, Inc.
[lots more license stuff snipped]
Attaching to program: /bin/cat, process 6760
[snip other stuff that’s not interesting now]
(gdb) p close(1)
$1 = 0
Provide a new file name to get output - process_log
提供一个新的文件名来获取输出- process_log
(gdb) p creat(“/tmp/process_log″, 0600)
$2 = 1
(gdb) q
The program is running. Quit anyway (and detach it)? (y or n) y
Detaching from program: /bin/cat, process 6760
After that verify the result as:
然后验证结果为:
ls -l /proc/6760/fd/
total 3
lrwx—— 1 rjc rjc 64 2008-02-27 15:32 0 -> /dev/pts/5
l-wx—— 1 rjc rjc 64 2008-02-27 15:32 1 -> /tmp/process_log <====
lrwx—— 1 rjc rjc 64 2008-02-27 15:32 2 -> /dev/pts/5
In the similar way, you can redirect stdin, stderr too.
同样,您也可以重定向stdin、stderr。