Tracing a multi-process daemon, and its children

on November 22nd, 2015 by Hades

But usually we want a few more things: a timestamp on every system call, a larger amount of the data passed to each call, and output written to a file we can examine later.

So, the ultimate strace command line is:

sudo strace -f -tt -o /tmp/php.trace -s1024 -p "$(pidof php5-fpm | tr ' ' ',')"

The options used are:

-f follow children
-tt timestamps, with microseconds
-o output file
-s maximum string size to print (1024 here)
-p process IDs
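
Once /tmp/php.trace exists, it can be examined with a small parser. The following is an added example, not part of the original post: it reads the line format that -f -tt -o produces, rejoins calls that -f splits into "<unfinished ...>" and "<... resumed>" halves, and counts failed calls. The sample trace and the function names are constructed for illustration.

```python
import re
from collections import Counter
# Line shape written by `strace -f -tt -o FILE`: "PID HH:MM:SS.usec text"
LINE = re.compile(r"^(\d+)\s+(\d{2}:\d{2}:\d{2}\.\d{6})\s+(.*)$")
RESUMED = re.compile(r"^<\.\.\. \w+ resumed>\s?(.*)$")
CALL = re.compile(r"^(\w+)\((.*)\)\s+= (0x[0-9a-f]+|-?\d+|\?)(?: (E[A-Z0-9]+) \(.*?\))?")
UNFINISHED = "<unfinished ...>"

def parse_trace(lines):
    """Yield one dict per completed syscall, rejoining calls split across lines by -f."""
    pending = {}  # pid -> (start timestamp, text seen before "<unfinished ...>")
    for raw in lines:
        m = LINE.match(raw.rstrip())
        if not m:
            continue
        pid, ts, rest = int(m.group(1)), m.group(2), m.group(3)
        if rest.startswith(("---", "+++")):  # signal deliveries and exit markers
            continue
        if rest.endswith(UNFINISHED):
            pending[pid] = (ts, rest[:-len(UNFINISHED)])
            continue
        r = RESUMED.match(rest)
        if r:
            if pid not in pending:  # call began before strace attached with -p
                continue
            ts, head = pending.pop(pid)
            rest = head + r.group(1)
        c = CALL.match(rest)
        if c:
            yield {"pid": pid, "time": ts, "syscall": c.group(1),
                   "args": c.group(2), "ret": c.group(3), "errno": c.group(4)}

def failures(events):
    """Count failed calls by (syscall, errno), e.g. missing files or refused connects."""
    return Counter((e["syscall"], e["errno"]) for e in events if e["errno"])

# Constructed sample trace (not real output from a php5-fpm daemon).
SAMPLE = """\
2101 10:15:01.000120 accept(0,  <unfinished ...>
2102 10:15:01.000245 open("/var/www/index.php", O_RDONLY) = 5
2102 10:15:01.000391 open("/var/www/.user.ini", O_RDONLY) = -1 ENOENT (No such file or directory)
2101 10:15:01.000502 <... accept resumed> {sa_family=AF_UNIX}, [2]) = 4
2102 10:15:01.000733 connect(6, {sa_family=AF_INET, sin_port=htons(3306), sin_addr=inet_addr("127.0.0.1")}, 16) = -1 ECONNREFUSED (Connection refused)
2102 10:15:01.000810 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED} ---
2103 10:15:01.000900 <... read resumed> "", 4096) = 0
"""

if __name__ == "__main__":
    print(failures(parse_trace(SAMPLE.splitlines())))
```

To run it against a real trace, pass open("/tmp/php.trace") to parse_trace instead of the sample lines.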

Tracing a running command

But there are cases when the above is not possible, for example when you need to trace a command that is already running.

In this case, you use the -p option with the process ID as its argument, as in the following command. Note that we use sudo, since most daemons will not be running as the same user as you.

sudo strace -p process_id

If that process forks other children, and you need to trace those as well, then you use the -f argument:

sudo strace -f -p process_id

Simple command as argument

However, the common use case is when you have a single process to run. Usually, you would run strace with your command as an argument, like so:

strace your_program