Professional Web Applications Themes

Any way to log all process launches? - FreeBSD

Hi! I'm trying to track down an odd problem, for which it would be very useful to be able to have the computer keep track of every process that gets created -- ie, keep a list of every fork / exec that occurs. Is this possible? Thanks, Ricky Morse...

  1. #1

    Default Any way to log all process launches?

    Hi! I'm trying to track down an odd problem, for which it would be
    very useful to be able to have the computer keep track of every process
    that gets created -- ie, keep a list of every fork / exec that occurs.
    Is this possible?

    Thanks,
    Ricky Morse

    Richard Guest

  2. #2

    Default Re: Any way to log all process launches?

    On 2005-04-08 10:32, Richard Morse <org> wrote: 

    Yes, it is possible. This is part of what `process accounting' does.

    Look at the manpages of accton(8), lastcomm(1); then check the
    accounting_enable knob in rc.conf(5) and /etc/defaults/rc.conf

    Giorgos Guest

  3. #3

    Default Re: Any way to log all process launches?

    On Fri, 8 Apr 2005 10:32:34 -0400
    Richard Morse <org> wrote:
     

    take a look at the manpages of accton, sa, and perhaps also lsof

    see also here :
    http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/security-accounting.html

    albi@scii.nl Guest

  4. #4

    Default Re: Any way to log all process launches?

    On 8 Apr 2005, at 10:41 AM, Giorgos Keramidas wrote:
     
    >
    > Yes, it is possible. This is part of what `process accounting' does.
    >
    > Look at the manpages of accton(8), lastcomm(1); then check the
    > accounting_enable knob in rc.conf(5) and /etc/defaults/rc.conf[/ref]

    Thanks! I was looking under logging and auditing and tracing -- not
    accounting...

    Ricky

    Richard Guest

  5. #5

    Default Re: Any way to log all process launches?

    Richard Morse wrote: 
    > >
    > > Yes, it is possible. This is part of what `process accounting' does.
    > >
    > > Look at the manpages of accton(8), lastcomm(1); then check the
    > > accounting_enable knob in rc.conf(5) and /etc/defaults/rc.conf[/ref]
    >
    > Thanks! I was looking under logging and auditing and tracing -- not
    > accounting...[/ref]

    If you need more detailed information some patches at garage.freebsd.pl
    might be interesting - especially lrexec. It may be a bit outdated but
    it provides you with the information standard utilities don't.

    Michal


    Michal Guest

  6. #6

    Default Re: Any way to log all process launches?

    > If you need more detailed information some patches at garage.freebsd.pl 

    Thanks for the interesting link. How much of this is committed to the
    tree (perhaps -CURRENT)? Quite a few of those patches seem to provide
    zero-cost security (like the setgid crontab) and I for one would
    certainly like to see them in FreeBSD in the future...

    Mark

    --
    PGP: http://www.darklogik.org/pub/pgp/pgp.txt
    B776 43DC 8A5D EAF9 2126 9A67 A7DA 390F DEFF 9DD1

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.4.0 (FreeBSD)

    iQIVAwUBQlbRJafaOQ/e/53RAQpKsg/9Fgu0y3RDP/5sVqseFSP34Yqg8pMOGkFo
    MEv0+kyfx41k5PjS2/+PU5R4ah6wOii9LThzIxB5piWV80ynziwgJxE2vTHWpkLV
    4F1QqEFX4c0ve2XUpQwASUzTBsbEOUDlmYr1o80oflUxMlp7z6 2M4AuDa0Kq2ws9
    eE/oUixftiO4OmpJ4eLlkJSDx0lEqMuWHR+47wnNAsQ2oYpE16Tjx xgKTkCYQkcd
    WHgSSk+kXMR8PxcQevAnOvRnPJfKFeQxn7ZMMvLeEdn/GgwiaGEe5DuvKOG7w0Fq
    smNyKJCJE3K1ncD+/Ryvxv2BI8HjPVz2yp3leENBYpEAc+rcDB4wNUnqelsmaeWG
    kjucUjLnse+l8iZUTBzOMFPNE2ZHqDGwqOYAPiJBX3e8iKsEz9 lkOOq89moukSvA
    1LmjjHSVSfMr7qvtZJw+uZ1UqnYUR96I/612eQRI/58SS0+WYZ0tLqwtQNoPHY/c
    tUOtRQ+EhAE+lv+QurNRxkXAPkiuW7r6astijefKwHokJSGJ9o RF+IVHJ4I00kcz
    luX2o3J5W2VmAe2mQejTr93AGSZtpusmiwlk+j75r0klOFJMe0 kxNKmSIfBlM/HE
    rc2b/sJg9ElTTdHuF+sodB+Mi8eb2iwifqa600zS8ft9JGsGweNkgGK SbZ8UVyJW
    hxiL6fgqHNg=
    =O7pg
    -----END PGP SIGNATURE-----

    markzero Guest

  7. #7

    Default Re: Any way to log all process launches?

    markzero píše v pá 08. 04. 2005 v 19:44 +0100: 
    >
    > Thanks for the interesting link. How much of this is committed to the
    > tree (perhaps -CURRENT)? Quite a few of those patches seem to provide
    > zero-cost security (like the setgid crontab) and I for one would
    > certainly like to see them in FreeBSD in the future...[/ref]

    Not much. His GEOM modules, jailfsstat and kern.msgbuf in some form or
    other as far as I can tell.

    The author of the patches became FreeBSD committer so you'd better ask
    him. Lot's of people would love to see some more it the tree. I like and
    would use mijail and privipc for sure. There were some discussions about
    the patches on the mailing lists in the past. E.g. everyone likes the
    idea of privipc but it seems to be almost impossible to do really
    correctly. Try to ask org.

    Michal

    Michal Guest

Similar Threads

  1. [OT NEWS] Apple launches Bootcamp
    By mmmmark in forum Windows Vista
    Replies: 6
    Last Post: April 6th, 02:41 AM
  2. Sigma launches a slew of new lenses
    By Siddhartha in forum Photography
    Replies: 13
    Last Post: February 16th, 02:42 PM
  3. New window from IE .swf launches Netscape
    By miguel0933 webforumsuser@macromedia.com in forum Macromedia Flash Actionscript
    Replies: 2
    Last Post: January 24th, 11:43 AM
  4. PSE launches, but doesn't open file
    By Pasta_Prince@adobeforums.com in forum Adobe Photoshop Elements
    Replies: 3
    Last Post: October 28th, 02:31 AM
  5. PSE 1.0 crashes every time the app launches
    By Jason Brumbaugh in forum Adobe Photoshop Elements
    Replies: 1
    Last Post: August 23rd, 03:30 AM

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139