[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 380
  • Last Modified:

How to trace the Linux command rm

Would like to trace the command "rm" or "cp" as deep as possible. For example,
rm /usb/file.txt

Remove a file file.txt from USB stick.

What kind of operations are involved in this removal? As a user we know when we issue "rm", the file will be removed. OS kernel takes care of that.
Can any gurus shed some light on how the kernel does it, any code for it, or any links talking about it?
0
jl66
Asked:
jl66
  • 3
  • 2
2 Solutions
 
PapertripCommented:
strace rm /usb/file.txt

Open in new window

0
 
Gerwin Jansen, EE MVETopic Advisor Commented:
You can add -v to strace for verbose output or use ltrace -S to trace system and library calls::

strace -v rm /usb/file.txt

Open in new window

or
ltrace -S rm /usb/file.txt

Open in new window

0
 
jl66Author Commented:
Thanks for both of you. I will test them and get back to you.
0
Transaction-level recovery for Oracle database

Veeam Explore for Oracle delivers low RTOs and RPOs with agentless transaction log backup and transaction-level recovery of Oracle databases. You can restore the database to a precise point in time, even to a specific transaction.

 
jl66Author Commented:
I ran the commands and got the following outputs:

...
SYS_brk(NULL)                                                      = 0x9128000
SYS_access(0x529ec6, 4, 0x52ffc4, 0x530660, 0x529ec6)              = -2
SYS_open("/etc/ld.so.cache", 0, 00)                                = 3
SYS_fstat64(3, 0xbfc53d84, 0x52ffc4, 0x5305e8, 3)                  = 0
SYS_mmap2(0, 90150, 1, 2, 3)                                       = 0xb7856000
SYS_close(3)                                                       = 0
SYS_open("/lib/libc.so.6", 0, 00)                                  = 3
SYS_read(3, "\177ELF\001\001\001", 512)                            = 512
SYS_fstat64(3, 0xbfc53dc8, 0x52ffc4, 0xb7869210, 0x8057cd4)        = 0
SYS_mmap2(0, 4096, 3, 34, -1)                                      = 0xb7855000
SYS_mmap2(0x533000, 0x16f928, 5, 2050, 3)                          = 0x533000
SYS_mmap2(0x69d000, 12288, 3, 2066, 3)                             = 0x69d000
SYS_mmap2(0x6a0000, 10536, 3, 50, -1)                              = 0x6a0000
SYS_close(3)                                                       = 0
SYS_mmap2(0, 4096, 3, 34, -1)      
....

Could you please tell me those functions belong to which *.cpp or *.h? Is thtere any way to show the info too?
 
0
 
Gerwin Jansen, EE MVETopic Advisor Commented:
Well, I guess you'd have to start digging in the Linux source code. I'm no expert at that, sorry.
0
 
jl66Author Commented:
Thanks a lot.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now