trusty (4) filemon.4freebsd.gz

Provided by: freebsd-manpages_9.2+1-1_all bug

NAME
     filemon — the filemon device


SYNOPSIS
     #include <dev/filemon/filemon.h>


DESCRIPTION
     The filemon device allows a process to collect file operations data of its children.  The device
     /dev/filemon responds to two ioctl(2) calls.

     System calls are denoted using the following single letters:

     ‘C’     chdir(2)
     ‘D’     unlink(2)
     ‘E’     exec(2)
     ‘F’     fork(2), vfork(2)
     ‘L’     link(2), linkat(2), symlink(2), symlinkat(2)
     ‘M’     rename(2)
     ‘R’     open(2) for read
     ‘S’     stat(2)
     ‘W’     open(2) for write
     ‘X’     _exit(2)

     Note that ‘R’ following ‘W’ records can represent a single open(2) for R/W, or two seperate open(2) calls,
     one for ‘R’ and one for ‘W’.


IOCTLS
     User mode programs communicate with the filemon driver through a number of ioctls which are described
     below.  Each takes a single argument.

     FILEMON_SET_FD   Write the internal tracing buffer to the supplied open file descriptor.

     FILEMON_SET_PID  Child process ID to trace.


RETURN VALUES
     The ioctl() function returns the value 0 if successful; otherwise the value -1 is returned and the global
     variable errno is set to indicate the error.


FILES
     /dev/filemon


EXAMPLES
     #include <sys/types.h>
     #include <sys/stat.h>
     #include <sys/wait.h>
     #include <sys/ioctl.h>
     #include <dev/filemon/filemon.h>
     #include <fcntl.h>
     #include <err.h>

     static void
     open_filemon(void)
     {
             pid_t child;
             int fm_fd, fm_log;

             if ((fm_fd = open("/dev/filemon", O_RDWR)) == -1)
                     err(1, "open(\"/dev/filemon\", O_RDWR)");
             if ((fm_log = open("filemon.out",
                 O_CREAT | O_WRONLY | O_TRUNC, DEFFILEMODE)) == -1)
                     err(1, "open(filemon.out)");

             if (ioctl(fm_fd, FILEMON_SET_FD, &fm_log) == -1)
                     err(1, "Cannot set filemon log file descriptor");
             /* Set up these two fd's to close on exec. */
             (void)fcntl(fm_fd, F_SETFD, FD_CLOEXEC);
             (void)fcntl(fm_log, F_SETFD, FD_CLOEXEC);

             if ((child = fork()) == 0) {
                     child = getpid();
                     if (ioctl(fm_fd, FILEMON_SET_PID, &child) == -1)
                             err(1, "Cannot set filemon PID");
                     /* Do something here. */
                     return 0;
             } else {
                     wait(&child);
                     close(fm_fd);
             }
             return 0;
     }

     Creates a file named filemon.out and configures the filemon device to write the filemon buffer contents to
     it.


SEE ALSO
     dtrace(1), ktrace(1), truss(1)


HISTORY
     A filemon device appeared in FreeBSD 9.1.