
Universal strace wrapper for debugging

stracify is a universal strace wrapper for debugging purposes. It replaces an arbitrary binary with itself, ensuring that the original binary is still called in a way that is as close to the original invocation as possible, and also includes some management code to wrap or unwrap binaries.

Installation

Install mksh as a dependency, then install the stracify script into the PATH.

Wrapping a binary

Wrapping a binary is done using the command sudo stracify /usr/bin/foo.

An optional strace filter expression can be passed, like sudo stracify /usr/bin/foo open,write.

On Debian systems, care is taken to register the diversion with dpkg.

Finding the strace output of calls

The output files are stored in a directory structure organised like this:

/var/log/stracify/
 |- usr_bin_foo/
     |- root/
         |- strace_2017-09-08T14:19:57+02:00_11911.log.11924
     |- user1/
         |- ...

This structure was chosen so all users can run the wrapped binary, but without opening up the strace outputs from one user's calls to others. The template for the log file names is strace_$date_$pid.$childpid.

Please note that due to the architecture of stracify, the logs will contain quite a bit of trace from stracify and mksh themselves. This is not very pretty, but better than losing functionality in the wrapped binary due to a crooked call.
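Because strace output can include the data a process reads and writes, it is worth checking that the per-user separation described above actually holds on disk. The following audit function is an added example, not part of stracify; it assumes each per-user directory is meant to be owned by the user it is named after and closed to group and others, and it relies on stat -c as found on Linux.

```shell
#!/bin/sh
# Added example (not stracify's own code): audit the per-user directories
# under the stracify log root.
# Assumption, not stated on the page: each directory is owned by the user
# it is named after and grants no permissions to group or others.

# audit_stracify_logs [ROOT]
# Prints one finding per line; returns 0 if clean, 1 if anything was found.
audit_stracify_logs() {
    root=${1:-/var/log/stracify}
    found=0
    # Layout from the page: ROOT/<binary, e.g. usr_bin_foo>/<user>/strace_...
    for userdir in "$root"/*/*/; do
        [ -d "$userdir" ] || continue      # unmatched glob or not a directory
        userdir=${userdir%/}
        name=${userdir##*/}
        if [ -L "$userdir" ]; then         # traces would land somewhere else
            echo "SYMLINK $userdir is a symlink, not a real directory"
            found=1
            continue
        fi
        owner=$(stat -c %U "$userdir")
        uid=$(stat -c %u "$userdir")
        mode=$(stat -c %a "$userdir")
        if [ "$owner" != "$name" ]; then
            echo "OWNER $userdir owned by $owner, expected $name"
            found=1
        fi
        case $mode in
            0|*00) ;;                      # no group/other permission bits
            *) echo "MODE $userdir is $mode, group/other access allowed"
               found=1 ;;
        esac
        # Trace files inside that belong to a different uid than the directory
        strays=$(find "$userdir" -type f ! -user "$uid")
        if [ -n "$strays" ]; then
            echo "$strays" | sed 's/^/FOREIGN-FILE /'
            found=1
        fi
    done
    return "$found"
}

# Usage: audit_stracify_logs /var/log/stracify || echo "review findings above"
```

Run it as root so that every per-user directory can be inspected.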

Unwrapping a binary

A binary can be unwrapped using the command stracify unwrap /usr/bin/foo.