[Systrace] (linux) new userland snapshot works better, but...

Caspar Clemens Mierau lists at damokles.de
Sun Jan 11 18:16:37 EST 2004


On Sat, Jan 10, 2004 at 02:16:26PM -0500, marius aamodt eriksen wrote:
> i'll see if i can try this on a debian box.  when testing against
> redhat (fedora), i was able to do both interactive and -A policy
> creation without any problems, including on mozilla.

here we go again. i tried strace as you wanted and noticed that systrace
behaves differently when it is run under strace. i scratched my head twice,
googled around a bit and found that programs that behave differently under
strace often have "race conditions" - something like problems with
threads, eh?

so i had one association: preempt! i built a new kernel, without success -
systrace still behaves strangely.

without strace (all policies deleted):

---
#systrace -A ls
bin cdrom ...
  (new policy file in ~/.systrace)
#systrace -a ls
Killed
#systrace -A ls
Killed
#rm ~/.systrace/bin_ls
#systrace -A ls
bin cdrom ...
  (new policy file in ~/.systrace)
#systrace -A ls
Killed
---

with strace (all policies deleted):

---
#strace -o systrace.log systrace -A ls
bin cdrom ...
  (no new policy file!)
#strace -o systrace.log systrace -a ls
bin cdrom ...
  (ls runs, though no policy file exists...)
---

I'm attaching an strace of "systrace -A ls" with (systrace.log) and
without (systrace2.log) an existing .systrace/bin_ls - though they don't
differ as far as i can see. I'm also attaching a diff of the
changes i made to compile the systrace userland.

I'm using libevent0.7c.

Greetings,

ccm.



  



-- 
Caspar Clemens Mierau
Rosenthaler Straße 40/41h
10178 Berlin

Tel.: 0171-1408435
-------------- next part --------------
diff systrace-1.5/configure systrace-1.5_mod/configure
1077c1077
< am__api_version="1.4"
---
> am__api_version="1.5"
1276,1277c1276,1277
< if (autoconf --version) < /dev/null > /dev/null 2>&1; then
<    AUTOCONF=autoconf
---
> if (autoconf2.50 --version) < /dev/null > /dev/null 2>&1; then
>    AUTOCONF=autoconf2.50
3001,3013d3000
< *-*-openbsd*)
< 	LIBOBJS="$LIBOBJS openbsd-syscalls.$ac_objext"
< 	LIBOBJS="$LIBOBJS register-openbsd.$ac_objext"
< 	LIBOBJS="$LIBOBJS linux-translate.$ac_objext"
< 	SYSTR_HEADER="<dev/systrace.h>"
<         ;;
< *-*-netbsd*)
< 	LIBOBJS="$LIBOBJS netbsd-syscalls.$ac_objext"
< 	LIBOBJS="$LIBOBJS register-openbsd.$ac_objext"
< 	LIBOBJS="$LIBOBJS linux-translate.$ac_objext"
< 	SYSTR_HEADER="<sys/systrace.h>"
< 	SYSTR_INC="-I/sys"
<         ;;
3020,3024d3006
< 	;;
< *-*-darwin*)
< 	LIBOBJS="$LIBOBJS darwin-syscalls.$ac_objext"
< 	LIBOBJS="$LIBOBJS register-darwin.$ac_objext"
< 	SYSTR_HEADER="<sys/systrace.h>"
diff systrace-1.5/configure.in systrace-1.5_mod/configure.in
32,44d31
< *-*-openbsd*)
< 	AC_LIBOBJ(openbsd-syscalls)
< 	AC_LIBOBJ(register-openbsd)
< 	AC_LIBOBJ(linux-translate)
< 	SYSTR_HEADER="<dev/systrace.h>"
<         ;;
< *-*-netbsd*)
< 	AC_LIBOBJ(netbsd-syscalls)
< 	AC_LIBOBJ(register-openbsd)
< 	AC_LIBOBJ(linux-translate)
< 	SYSTR_HEADER="<sys/systrace.h>"
< 	SYSTR_INC="-I/sys"
<         ;;
52,56d38
< 	;;
< *-*-darwin*)
< 	AC_LIBOBJ(darwin-syscalls)
< 	AC_LIBOBJ(register-darwin)
< 	SYSTR_HEADER="<sys/systrace.h>"
Common subdirectories: systrace-1.5/sys and systrace-1.5_mod/sys
-------------- next part --------------
setsid()                             = 812
ioctl(3, 0x40047365, 0xbffffa58)        = 0
kill(810, SIGUSR1)                      = 0
rt_sigaction(SIGCHLD, {0x80530a4, [CHLD], SA_RESTART|0x4000000}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_DFL}, 8) = 0
gettimeofday({1073841197, 44611}, NULL) = 0
gettimeofday({1073841197, 44739}, NULL) = 0
gettimeofday({1073841197, 44815}, NULL) = 0
gettimeofday({1073841197, 44885}, NULL) = 0
poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 29999) = 1
gettimeofday({1073841197, 68113}, NULL) = 0
poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, -1) = 1
read(3, "\0\0\0\0\4\0\0\0*\3\0\0\377\377\0\0\377\377\377\377\0\0"..., 292) = 292
gettimeofday({1073841197, 68465}, NULL) = 0
close(3)                                = 0
_exit(0)                                = ?
-------------- next part --------------
brk(0x807f000)                          = 0x807f000
getuid32()                              = 1000
getgid32()                              = 1000
open("/etc/passwd", O_RDONLY)           = 4
fcntl64(4, F_GETFD)                     = 0
fcntl64(4, F_SETFD, FD_CLOEXEC)         = 0
fstat64(4, {st_mode=S_IFREG|0644, st_size=992, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40014000
_llseek(4, 0, [0], SEEK_CUR)            = 0
read(4, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 992
close(4)                                = 0
munmap(0x40014000, 4096)                = 0
rt_sigaction(SIGUSR1, {SIG_DFL}, {0x804ce94, [USR1], SA_RESTART|0x4000000}, 8) = 0
rt_sigprocmask(SIG_SETMASK, [RTMIN], NULL, 8) = 0
fork()                                  = 812
_exit(0)                                = ?
-------------- next part --------------
execve("/usr/local/bin/systrace", ["systrace", "-A", "ls"], [/* 18 vars */]) = 0
uname({sys="Linux", node="ccmvaio", ...}) = 0
brk(0)                                  = 0x80797ac
open("/etc/ld.so.preload", O_RDONLY)    = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=35011, ...}) = 0
old_mmap(NULL, 35011, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40014000
close(3)                                = 0
open("/lib/libc.so.6", O_RDONLY)        = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\30\222"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0755, st_size=1153784, ...}) = 0
old_mmap(NULL, 1166560, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4001d000
mprotect(0x40130000, 40160, PROT_NONE)  = 0
old_mmap(0x40130000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x113000) = 0x40130000
old_mmap(0x40136000, 15584, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40136000
close(3)                                = 0
munmap(0x40014000, 35011)               = 0
getuid32()                              = 1000
getuid32()                              = 1000
brk(0)                                  = 0x80797ac
brk(0x8079bc4)                          = 0x8079bc4
brk(0x807a000)                          = 0x807a000
socket(PF_UNIX, SOCK_STREAM, 0)         = 3
connect(3, {sin_family=AF_UNIX, path="/var/run/.nscd_socket"}, 110) = -1 ENOENT (No such file or directory)
close(3)                                = 0
open("/etc/nsswitch.conf", O_RDONLY)    = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=465, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40014000
read(3, "# /etc/nsswitch.conf\n#\n# Example"..., 4096) = 465
brk(0x807b000)                          = 0x807b000
read(3, "", 4096)                       = 0
close(3)                                = 0
munmap(0x40014000, 4096)                = 0
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=35011, ...}) = 0
old_mmap(NULL, 35011, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40014000
close(3)                                = 0
open("/lib/libnss_compat.so.2", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340\25"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0644, st_size=40152, ...}) = 0
old_mmap(NULL, 43256, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4013a000
mprotect(0x40144000, 2296, PROT_NONE)   = 0
old_mmap(0x40144000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x9000) = 0x40144000
close(3)                                = 0
open("/lib/libnsl.so.1", O_RDONLY)      = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 ;\0\000"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0644, st_size=69472, ...}) = 0
old_mmap(NULL, 80988, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40145000
mprotect(0x40156000, 11356, PROT_NONE)  = 0
old_mmap(0x40156000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x10000) = 0x40156000
old_mmap(0x40157000, 7260, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40157000
close(3)                                = 0
munmap(0x40014000, 35011)               = 0
uname({sys="Linux", node="ccmvaio", ...}) = 0
open("/etc/passwd", O_RDONLY)           = 3
fcntl64(3, F_GETFD)                     = 0
fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
fstat64(3, {st_mode=S_IFREG|0644, st_size=992, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40014000
_llseek(3, 0, [0], SEEK_CUR)            = 0
read(3, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 992
close(3)                                = 0
munmap(0x40014000, 4096)                = 0
getcwd("/", 4096)                       = 2
stat64("/home/ccm/.systrace", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
stat64("/home/ccm/.systrace/templates", 0xbfffe90c) = -1 ENOENT (No such file or directory)
stat64("/etc/systrace/templates", 0xbfffe90c) = -1 ENOENT (No such file or directory)
brk(0x807c000)                          = 0x807c000
brk(0x807d000)                          = 0x807d000
open("/dev/systrace", O_RDWR)           = 3
fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
fcntl64(3, F_SETFL, O_RDONLY|O_NONBLOCK) = 0
rt_sigprocmask(SIG_BLOCK, [USR1], [RTMIN], 8) = 0
rt_sigaction(SIGUSR1, {0x804ce94, [USR1], SA_RESTART|0x4000000}, {SIG_DFL}, 8) = 0
getpid()                                = 810
fork()                                  = 811
close(3)                                = 0
wait4(-1, [WIFEXITED(s) && WEXITSTATUS(s) == 0], 0, NULL) = 811
--- SIGCHLD (Child exited) ---
rt_sigsuspend([] <unfinished ...>
--- SIGUSR1 (User defined signal 1) ---
<... rt_sigsuspend resumed> )           = -1 EINTR (Interrupted system call)
sigreturn()                             = ? (mask now [USR1 RTMIN])
rt_sigaction(SIGUSR1, {SIG_DFL}, {0x804ce94, [USR1], SA_RESTART|0x4000000}, 8) = 0
rt_sigprocmask(SIG_SETMASK, [RTMIN], NULL, 8) = 0
execve("/bin/ls", ["ls"], [/* 18 vars */]) = 0
uname({sys="Linux", node="ccmvaio", ...}) = 0
brk(0)                                  = 0x80539a4
open("/etc/ld.so.preload", O_RDONLY)    = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=35011, ...}) = 0
old_mmap(NULL, 35011, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40014000
close(3)                                = 0
open("/lib/librt.so.1", O_RDONLY)       = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\31"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0644, st_size=23388, ...}) = 0
old_mmap(NULL, 69012, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4001d000
mprotect(0x40023000, 44436, PROT_NONE)  = 0
old_mmap(0x40023000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x5000) = 0x40023000
old_mmap(0x40024000, 40340, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40024000
close(3)                                = 0
open("/lib/libc.so.6", O_RDONLY)        = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\30\222"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0755, st_size=1153784, ...}) = 0
old_mmap(NULL, 1166560, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4002e000
mprotect(0x40141000, 40160, PROT_NONE)  = 0
old_mmap(0x40141000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x113000) = 0x40141000
old_mmap(0x40147000, 15584, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40147000
close(3)                                = 0
open("/lib/libpthread.so.0", O_RDONLY)  = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`C\0\000"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0644, st_size=102172, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4014b000
old_mmap(NULL, 81316, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4014c000
mprotect(0x40159000, 28068, PROT_NONE)  = 0
old_mmap(0x40159000, 28672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0xd000) = 0x40159000
close(3)                                = 0
munmap(0x40014000, 35011)               = 0
getrlimit(0x3, 0xbffff96c)              = 0
setrlimit(RLIMIT_STACK, {rlim_cur=2044*1024, rlim_max=RLIM_INFINITY}) = 0
getpid()                                = 810
uname({sys="Linux", node="ccmvaio", ...}) = 0
rt_sigaction(SIGRTMIN, {0x40154480, [], 0x4000000}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {0x40154508, [], 0x4000000}, NULL, 8) = 0
rt_sigaction(SIGRT_2, {0x40154608, [], 0x4000000}, NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, [RTMIN], NULL, 8) = 0
_sysctl({{CTL_KERN, KERN_VERSION}, 2, 0xbffff774, 31, (nil), 0}) = 0
brk(0)                                  = 0x80539a4
brk(0x80539d4)                          = 0x80539d4
brk(0x8054000)                          = 0x8054000
ioctl(1, SNDCTL_TMR_TIMEBASE, {B38400 opost isig icanon echo ...}) = 0
ioctl(1, 0x5413, {ws_row=52, ws_col=119, ws_xpixel=0, ws_ypixel=0}) = 0
brk(0x8057000)                          = 0x8057000
open("/dev/null", O_RDONLY|O_NONBLOCK|O_DIRECTORY) = -1 ENOTDIR (Not a directory)
open(".", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 3
fstat64(3, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
brk(0x8059000)                          = 0x8059000
getdents64(0x3, 0x80567f8, 0x1000, 0)   = 664
getdents64(0x3, 0x80567f8, 0x1000, 0)   = 0
close(3)                                = 0
open("/etc/mtab", O_RDONLY)             = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=174, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40014000
read(3, "/dev/hda2 / ext3 rw,errors=remou"..., 4096) = 174
close(3)                                = 0
munmap(0x40014000, 4096)                = 0
open("/proc/meminfo", O_RDONLY)         = 3
fstat64(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40014000
read(3, "        total:    used:    free:"..., 1024) = 522
close(3)                                = 0
munmap(0x40014000, 4096)                = 0
fstat64(1, {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 0), ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40014000
write(1, "bin   cdrom\t  debian2424  dev  f"..., 79) = 79
write(1, "boot  debian2423  debianbf24  et"..., 77) = 77
munmap(0x40014000, 4096)                = 0
_exit(0)                                = ?
-------------- next part --------------
setsid()                                = 803
ioctl(3, 0x40047365, 0xbffffa58)        = 0
kill(801, SIGUSR1)                      = 0
rt_sigaction(SIGCHLD, {0x80530a4, [CHLD], SA_RESTART|0x4000000}, {SIG_DFL}, 8) = 0
rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_DFL}, 8) = 0
gettimeofday({1073841183, 949486}, NULL) = 0
gettimeofday({1073841183, 949614}, NULL) = 0
gettimeofday({1073841183, 949689}, NULL) = 0
gettimeofday({1073841183, 949759}, NULL) = 0
poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, 29999) = 1
gettimeofday({1073841183, 963129}, NULL) = 0
poll([{fd=3, events=POLLIN, revents=POLLIN}], 1, -1) = 1
read(3, "\0\0\0\0\4\0\0\0!\3\0\0\377\377\0\0\377\377\377\377\0\0"..., 292) = 292
gettimeofday({1073841183, 963489}, NULL) = 0
close(3)                                = 0
_exit(0)                                = ?
-------------- next part --------------
brk(0x807f000) = 0x807f000
getuid32()                              = 1000
getgid32()                              = 1000
open("/etc/passwd", O_RDONLY)           = 4
fcntl64(4, F_GETFD)                     = 0
fcntl64(4, F_SETFD, FD_CLOEXEC)         = 0
fstat64(4, {st_mode=S_IFREG|0644, st_size=992, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40014000
_llseek(4, 0, [0], SEEK_CUR)            = 0
read(4, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 992
close(4)                                = 0
munmap(0x40014000, 4096)                = 0
rt_sigaction(SIGUSR1, {SIG_DFL}, {0x804ce94, [USR1], SA_RESTART|0x4000000}, 8) = 0
rt_sigprocmask(SIG_SETMASK, [RTMIN], NULL, 8) = 0
fork()                                  = 803
_exit(0)                                = ?
-------------- next part --------------
execve("/usr/local/bin/systrace", ["systrace", "-A", "ls"], [/* 18 vars */]) = 0
uname({sys="Linux", node="ccmvaio", ...}) = 0
brk(0)                                  = 0x80797ac
open("/etc/ld.so.preload", O_RDONLY)    = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=35011, ...}) = 0
old_mmap(NULL, 35011, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40014000
close(3)                                = 0
open("/lib/libc.so.6", O_RDONLY)        = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\30\222"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0755, st_size=1153784, ...}) = 0
old_mmap(NULL, 1166560, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4001d000
mprotect(0x40130000, 40160, PROT_NONE)  = 0
old_mmap(0x40130000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x113000) = 0x40130000
old_mmap(0x40136000, 15584, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40136000
close(3)                                = 0
munmap(0x40014000, 35011)               = 0
getuid32()                              = 1000
getuid32()                              = 1000
brk(0)                                  = 0x80797ac
brk(0x8079bc4)                          = 0x8079bc4
brk(0x807a000)                          = 0x807a000
socket(PF_UNIX, SOCK_STREAM, 0)         = 3
connect(3, {sin_family=AF_UNIX, path="/var/run/.nscd_socket"}, 110) = -1 ENOENT (No such file or directory)
close(3)                                = 0
open("/etc/nsswitch.conf", O_RDONLY)    = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=465, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40014000
read(3, "# /etc/nsswitch.conf\n#\n# Example"..., 4096) = 465
brk(0x807b000)                          = 0x807b000
read(3, "", 4096)                       = 0
close(3)                                = 0
munmap(0x40014000, 4096)                = 0
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=35011, ...}) = 0
old_mmap(NULL, 35011, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40014000
close(3)                                = 0
open("/lib/libnss_compat.so.2", O_RDONLY) = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340\25"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0644, st_size=40152, ...}) = 0
old_mmap(NULL, 43256, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4013a000
mprotect(0x40144000, 2296, PROT_NONE)   = 0
old_mmap(0x40144000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x9000) = 0x40144000
close(3)                                = 0
open("/lib/libnsl.so.1", O_RDONLY)      = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 ;\0\000"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0644, st_size=69472, ...}) = 0
old_mmap(NULL, 80988, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40145000
mprotect(0x40156000, 11356, PROT_NONE)  = 0
old_mmap(0x40156000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x10000) = 0x40156000
old_mmap(0x40157000, 7260, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40157000
close(3)                                = 0
munmap(0x40014000, 35011)               = 0
uname({sys="Linux", node="ccmvaio", ...}) = 0
open("/etc/passwd", O_RDONLY)           = 3
fcntl64(3, F_GETFD)                     = 0
fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
fstat64(3, {st_mode=S_IFREG|0644, st_size=992, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40014000
_llseek(3, 0, [0], SEEK_CUR)            = 0
read(3, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 992
close(3)                                = 0
munmap(0x40014000, 4096)                = 0
getcwd("/", 4096)                       = 2
stat64("/home/ccm/.systrace", {st_mode=S_IFDIR|0700, st_size=4096, ...}) = 0
stat64("/home/ccm/.systrace/templates", 0xbfffe90c) = -1 ENOENT (No such file or directory)
stat64("/etc/systrace/templates", 0xbfffe90c) = -1 ENOENT (No such file or directory)
brk(0x807c000)                          = 0x807c000
brk(0x807d000)                          = 0x807d000
open("/dev/systrace", O_RDWR)           = 3
fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
fcntl64(3, F_SETFL, O_RDONLY|O_NONBLOCK) = 0
rt_sigprocmask(SIG_BLOCK, [USR1], [RTMIN], 8) = 0
rt_sigaction(SIGUSR1, {0x804ce94, [USR1], SA_RESTART|0x4000000}, {SIG_DFL}, 8) = 0
getpid()                                = 801
fork()                                  = 802
close(3)                          = 0
wait4(-1, [WIFEXITED(s) && WEXITSTATUS(s) == 0], 0, NULL) = 802
--- SIGCHLD (Child exited) ---
rt_sigsuspend([] <unfinished ...>
--- SIGUSR1 (User defined signal 1) ---
<... rt_sigsuspend resumed> )           = -1 EINTR (Interrupted system call)
sigreturn()                             = ? (mask now [USR1 RTMIN])
rt_sigaction(SIGUSR1, {SIG_DFL}, {0x804ce94, [USR1], SA_RESTART|0x4000000}, 8) = 0
rt_sigprocmask(SIG_SETMASK, [RTMIN], NULL, 8) = 0
execve("/bin/ls", ["ls"], [/* 18 vars */]) = 0
uname({sys="Linux", node="ccmvaio", ...}) = 0
brk(0)                                  = 0x80539a4
open("/etc/ld.so.preload", O_RDONLY)    = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=35011, ...}) = 0
old_mmap(NULL, 35011, PROT_READ, MAP_PRIVATE, 3, 0) = 0x40014000
close(3)                                = 0
open("/lib/librt.so.1", O_RDONLY)       = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\300\31"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0644, st_size=23388, ...}) = 0
old_mmap(NULL, 69012, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4001d000
mprotect(0x40023000, 44436, PROT_NONE)  = 0
old_mmap(0x40023000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x5000) = 0x40023000
old_mmap(0x40024000, 40340, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40024000
close(3)                                = 0
open("/lib/libc.so.6", O_RDONLY)        = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\30\222"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0755, st_size=1153784, ...}) = 0
old_mmap(NULL, 1166560, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4002e000
mprotect(0x40141000, 40160, PROT_NONE)  = 0
old_mmap(0x40141000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x113000) = 0x40141000
old_mmap(0x40147000, 15584, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40147000
close(3)                                = 0
open("/lib/libpthread.so.0", O_RDONLY)  = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0`C\0\000"..., 1024) = 1024
fstat64(3, {st_mode=S_IFREG|0644, st_size=102172, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4014b000
old_mmap(NULL, 81316, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4014c000
mprotect(0x40159000, 28068, PROT_NONE)  = 0
old_mmap(0x40159000, 28672, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0xd000) = 0x40159000
close(3)                                = 0
munmap(0x40014000, 35011)               = 0
getrlimit(0x3, 0xbffff96c)              = 0
setrlimit(RLIMIT_STACK, {rlim_cur=2044*1024, rlim_max=RLIM_INFINITY}) = 0
getpid()                                = 801
uname({sys="Linux", node="ccmvaio", ...}) = 0
rt_sigaction(SIGRTMIN, {0x40154480, [], 0x4000000}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {0x40154508, [], 0x4000000}, NULL, 8) = 0
rt_sigaction(SIGRT_2, {0x40154608, [], 0x4000000}, NULL, 8) = 0
rt_sigprocmask(SIG_BLOCK, [RTMIN], NULL, 8) = 0
_sysctl({{CTL_KERN, KERN_VERSION}, 2, 0xbffff774, 31, (nil), 0}) = 0
brk(0)                                  = 0x80539a4
brk(0x80539d4)                          = 0x80539d4
brk(0x8054000)                          = 0x8054000
ioctl(1, SNDCTL_TMR_TIMEBASE, {B38400 opost isig icanon echo ...}) = 0
ioctl(1, 0x5413, {ws_row=52, ws_col=119, ws_xpixel=0, ws_ypixel=0}) = 0
brk(0x8057000)                          = 0x8057000
open("/dev/null", O_RDONLY|O_NONBLOCK|O_DIRECTORY) = -1 ENOTDIR (Not a directory)
open(".", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 3
fstat64(3, {st_mode=S_IFDIR|0755, st_size=4096, ...}) = 0
fcntl64(3, F_SETFD, FD_CLOEXEC)         = 0
brk(0x8059000)                          = 0x8059000
getdents64(0x3, 0x80567f8, 0x1000, 0)   = 664
getdents64(0x3, 0x80567f8, 0x1000, 0)   = 0
close(3)                                = 0
open("/etc/mtab", O_RDONLY)             = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=174, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40014000
read(3, "/dev/hda2 / ext3 rw,errors=remou"..., 4096) = 174
close(3)                                = 0
munmap(0x40014000, 4096)                = 0
open("/proc/meminfo", O_RDONLY)         = 3
fstat64(3, {st_mode=S_IFREG|0444, st_size=0, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40014000
read(3, "        total:    used:    free:"..., 1024) = 522
close(3)                                = 0
munmap(0x40014000, 4096)                = 0
fstat64(1, {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 0), ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40014000
write(1, "bin   cdrom\t  debian2424  dev  f"..., 79) = 79
write(1, "boot  debian2423  debianbf24  et"..., 77) = 77
munmap(0x40014000, 4096)                = 0
_exit(0)                                = ?

