Unix Miscellaneous

1. ipcs provides information on the ipc facilities for which the calling process has read acccess.
The -i option allows a specific resource id to be specified. Only information on this id will be printed.

Options:
-m : shared memory segments
-q : message queues
-s : semaphore arrays
-a : all (this is the default)

2. ipcrm - remove a message queue, semaphore set or shared memory id

Options:
-M shmkey : removes the shared memory segment created with shmkey after the last detach is performed.
-m shmid : removes the shared memory segment identified by shmid after the last detach is performed.
-Q msgkey : removes the message queue created with msgkey.
-q msgid : removes the message queue identified by msgid.
-S semkey : removes the semaphore created with semkey.
-s semid : removes the semaphore identified by semid.

3. swab - swap adjacent bytes (Useful during Porting on Unix Platforms)

#include <unistd.h>
void swab(const void *from, void *to, ssize_t n);

Description:
The swab() function copies n bytes from the array pointed to by from to the array pointed to by to, exchanging adjacent even and odd bytes. This function is used to exchange data between machines that have different low/high byte ordering.

This function does nothing when n is negative. When n is positive and odd, it handles n-1 bytes as above, and does something unspecified with the last byte. (In other words, n should be even.)

4. lsof - A utility which lists open files on a Linux/UNIX system.
glsof - GUI for lsof.

A command meaning "list open files", which is used in many Unix-like systems to report a list of all open files and the processes that opened them.

Open files in the system include disk files, pipes, network sockets and devices opened by all processes. One use for this command is when a disk cannot be unmounted because (unspecified) files are in use. The listing of open files can be consulted (suitably filtered if necessary) to identify the process that is using the files.

5. netstat (network statistics) - A command-line tool that displays network connections (both incoming and outgoing), routing tables, and a number of network interface statistics. It is available on Unix, Unix-like, and Windows NT-based operating systems.

Parameters used with this command must be prefixed with a hyphen (-) rather than a slash (/).

-a : Displays all active TCP connections and the TCP and UDP ports on which the computer is listening.

-b : Displays the binary (executable) program's name involved in creating each connection or listening port. (Windows only)

-e : Displays ethernet statistics, such as the number of bytes and packets sent and received. This parameter can be combined with -s.

-f : Displays fully qualified domain names for foreign addresses.(not available under Windows)

-i : Displays network interfaces and their statistics (not available under Windows)

-n : Displays active TCP connections, however, addresses and port numbers are expressed numerically and no attempt is made to determine names.

-o : Displays active TCP connections and includes the process ID (PID) for each connection. You can find the application based on the PID on the Processes tab in Windows Task Manager. This parameter can be combined with -a, -n, and -p. This parameter is available on Microsoft Windows XP, 2003 Server (not Microsoft Windows 2000)).

-p Windows: Protocol : Shows connections for the protocol specified by Protocol. In this case, the Protocol can be tcp, udp, tcpv6, or udpv6. If this parameter is used with -s to display statistics by protocol, Protocol can be tcp, udp, icmp, ip, tcpv6, udpv6, icmpv6, or ipv6.

-p Linux: Process : Show which processes are using which sockets (similar to -b under Windows) (you must be root to do this)

-r : Displays the contents of the IP routing table. (This is equivalent to the route print command under Windows.)

-s : Displays statistics by protocol. By default, statistics are shown for the TCP, UDP, ICMP, and IP protocols. If the IPv6 protocol for Windows XP is installed, statistics are shown for the TCP over IPv6, UDP over IPv6, ICMPv6, and IPv6 protocols. The -p parameter can be used to specify a set of protocols.

-v : When used in conjunction with -b it will display the sequence of components involved in creating the connection or listening port for all executables.

Interval : Redisplays the selected information every Interval seconds. Press CTRL+C to stop the
redisplay. If this parameter is omitted, netstat prints the selected information only once.

/? : Displays help at the command prompt. (only on Windows)

6. ptrace - process trace
#include <sys/ptrace.h>long ptrace(enum __ptrace_request request, pid_t pid, void*addr, void *data);

The ptrace() system call provides a means by which a parent process may observe and control the execution of another process, and examine and change its core image and registers. It is primarily used to implement breakpoint debugging and system call tracing.

Have you ever wondered how system calls can be intercepted? Have you ever tried fooling the kernel by changing system call arguments? Have you ever wondered how debuggers stop a running process and let you take control of the process?

If you are thinking of using complex kernel programming to accomplish tasks, think again. Linux provides an elegant mechanism to achieve all of these things: the ptrace (Process Trace) system call. ptrace provides a mechanism by which a parent process may observe and control the execution of another process. It can examine and change its core image and registers and is used primarily to implement breakpoint debugging and system call tracing.

Links:
Playing with PTrace Part1 - http://www.linuxjournal.com/article/6100
Playing with PTrace Part2 - http://www.linuxjournal.com/article/6210

7. strace - System Call Trace
Tracing the system calls of a program, we have a very good tool in strace. What is unique about strace is that, when it is run in conjunction with a program, it outputs all the calls made to the kernel by the program.

In many cases, a program may fail because it is unable to open a file or because of insufficient memory. And tracing the output of the program will clearly show the cause of either problem.
The use of strace is quite simple and takes the following form:$ strace

For example, I can run a trace on 'ls' as follows : $ strace ls

And this will output a great amount of data on to the screen. If it is hard to keep track of the scrolling mass of data, then there is an option to write the output of strace to a file instead which is done using the -o option.

For example: $ strace -o strace_ls_output.txt ls
Links
http://linuxhelp.blogspot.com/2006/05/strace-very-powerful-troubleshooting.html
http://www.redhat.com/magazine/010aug05/features/strace/