Reputation: 21
can i catch the syscalls executed by linux program in an own c program?
I want to ask if there is any possibility for catching the syscalls executed by another program on linux? so i can monitor what the program is doing on the system.
I already looked at the /proc/pid/ files but dont found anything related to this.
I want to program this on my own using the language c.
Upvotes: 2
Views: 1380
Answers (1)
Reputation: 155323
For non-programmatic use, you'd want the strace command line utility, but for programmatic use, you probably want to look at the ptrace system call. Both of them can monitor processes that opt-in to monitoring (which can be done without that process's direct cooperation if they're launched by strace or by opt-ing in with ptrace after fork, before exec), or with sufficient privileges, existing processes.
Upvotes: 4
Related Questions
- How do I reimplement (or wrap) a syscall function on Linux?
- How to trace a process for system calls?
- Copying and executing a syscall in a C program
- Trigger the invocations of system call in Linux, C program?
- how could I intercept linux sys calls?
- How do I make syscalls from my C program
- How to detect if a syscall exists on linux programmatically?
- how to use programming way to intercept system calls invoked in a running process on linux?
- Can C be used to capture system calls on a machine?
- Capturing syscall stdout without writing to file in C/C++