> I've got a mystery process writing to my /etc/inet/hosts file. I'd like to 
> find a dtrace script that can monitor the file and do a "ps -ef" or 
> equivalent to capture the process that's writing to the file.  I'm a dtrace 
> newbie, and was hoping someone here could point me in the right 
> direction.   I've googled it and found some scripts that apply to zfs, this 
> is just ufs.

If you just want to see writes to hosts you can try the fsinfo provider.

#pragma D option quiet

/* Report every write to a file whose path contains "hosts". */
fsinfo:genunix::write
/strstr(args[0]->fi_pathname, "hosts") != NULL/
{
        printf("%d %s %s\n", pid, execname, args[0]->fi_pathname);
}

This will work with either UFS or ZFS.  

Since it's UFS the io:: provider could do something similar.

-Alex
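
An added example, not part of the reply above: the same fsinfo probe extended to record the "ps -ef"-style details the question asks for (time, uid, pid, parent pid, full command line) plus the user stack of the writer. The exact-path predicate is an assumption about how the path is reported; the variables and actions used are standard DTrace built-ins.

```dtrace
#!/usr/sbin/dtrace -s
#pragma D option quiet

/*
 * Assumption: the vnode path is reported as /etc/inet/hosts (the path
 * named in the question). If nothing matches, fall back to the looser
 * strstr() predicate from the reply.
 */
fsinfo:genunix::write
/args[0]->fi_pathname == "/etc/inet/hosts"/
{
        /* Who wrote, and when: roughly the columns "ps -ef" would show. */
        printf("%Y uid=%d pid=%d ppid=%d exec=%s\n",
            walltimestamp, uid, pid, ppid, execname);

        /* Full command line as recorded in the process's psinfo. */
        printf("  args: %s\n", curpsinfo->pr_psargs);

        /* User-level call path that led to the write. */
        ustack();
}
```

Because the details are captured inside the probe, a short-lived writer is still identified even if it has exited by the time anyone runs ps; the ppid shows which process to look at next.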
