cerisier
Reputation: 1201
How to monitor execution of new root process?
I want to exec a script when a new root process starts (on Linux). How can I simply do that ?
Upvotes: 1
Views: 271
Answers (2)
Shnatsel
Reputation: 4209
This answer explains how to get notified about creation of new processes and will tell you process IDs.
Given the process ID you can trivially determine whether the process belongs to UID 0, i.e. user root.
Upvotes: 0
smilingthax
Reputation: 5734
I guess this will be tricky, as the script would probably also be spawned as root -- and then even every external command in it.
But I think it is possible with SystemTap.
Upvotes: 1
Related Questions
- Linux / CentOS - Need to monitor a specific process
- Detect new process creation instantly in linux
- tracking all child process spawned by a root process
- How to monitor process creation and exit, and module loading on linux?
- How to continuously monitor process creation in Linux?
- Monitor a process that is already running
- Monitor multiple instances of same process
- In Unix, how can I register to know when a process is launched?
- Process tree, how to find if a said process is the root one?
- Linux: how to detect how a process was started