Mon Jan 11 06:21:23 2016 UTC ()
Use more markup.


(wiz)
diff -r1.18 -r1.19 src/share/man/man4/filemon.4
cvs diff -r1.18 -r1.19 src/share/man/man4/Attic/filemon.4 (expand / switch to unified diff)

--- src/share/man/man4/Attic/filemon.4 2016/01/11 01:45:27 1.18
+++ src/share/man/man4/Attic/filemon.4 2016/01/11 06:21:23 1.19
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1.\" $NetBSD: filemon.4,v 1.18 2016/01/11 01:45:27 pgoyette Exp $ 1.\" $NetBSD: filemon.4,v 1.19 2016/01/11 06:21:23 wiz Exp $
2.\" 2.\"
3.\" Copyright (c) 2011, Juniper Networks, Inc. 3.\" Copyright (c) 2011, Juniper Networks, Inc.
4.\" 4.\"
5.\" Redistribution and use in source and binary forms, with or without 5.\" Redistribution and use in source and binary forms, with or without
6.\" modification, are permitted provided that the following conditions 6.\" modification, are permitted provided that the following conditions
7.\" are met: 7.\" are met:
8.\" 1. Redistributions of source code must retain the above copyright 8.\" 1. Redistributions of source code must retain the above copyright
9.\" notice, this list of conditions and the following disclaimer. 9.\" notice, this list of conditions and the following disclaimer.
10.\" 2. Redistributions in binary form must reproduce the above copyright 10.\" 2. Redistributions in binary form must reproduce the above copyright
11.\" notice, this list of conditions and the following disclaimer in the 11.\" notice, this list of conditions and the following disclaimer in the
12.\" documentation and/or other materials provided with the distribution. 12.\" documentation and/or other materials provided with the distribution.
13.\" 13.\"
14.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 14.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
@@ -144,27 +144,27 @@ for read or read-write. @@ -144,27 +144,27 @@ for read or read-write.
144for writing or read-write. 144for writing or read-write.
145.It Dv X 145.It Dv X
146.Xr exit 3 ; 146.Xr exit 3 ;
147.Ar data 147.Ar data
148is the exit status. 148is the exit status.
149.It Dv V 149.It Dv V
150indicates the version of 150indicates the version of
151.Nm . 151.Nm .
152.El 152.El
153.Pp 153.Pp
154A 154A
155.Nm 155.Nm
156instance is created by opening 156instance is created by opening
157.Dv /dev/filemon . 157.Pa /dev/filemon .
158Then use 158Then use
159.Fn ioctl filemon_fd FILEMON_SET_PID &pid 159.Fn ioctl filemon_fd FILEMON_SET_PID &pid
160to identify the target process to monitor, and 160to identify the target process to monitor, and
161.Fn ioctl filemon_fd FILEMON_SET_FD &output_fd 161.Fn ioctl filemon_fd FILEMON_SET_FD &output_fd
162to direct the event log to an already-opened output file. 162to direct the event log to an already-opened output file.
163.Sh FILES 163.Sh FILES
164.Bd -literal 164.Bd -literal
165/dev/filemon 165/dev/filemon
166.Ed 166.Ed
167.Sh EXAMPLES 167.Sh EXAMPLES
168The following example demonstrates the basic usage of 168The following example demonstrates the basic usage of
169.Nm : 169.Nm :
170.Pp 170.Pp
@@ -209,38 +209,40 @@ The output of @@ -209,38 +209,40 @@ The output of
209.Nm 209.Nm
210is intended to be simple to parse. 210is intended to be simple to parse.
211It is possible to achieve almost equivalent results with 211It is possible to achieve almost equivalent results with
212.Xr dtrace 1 212.Xr dtrace 1
213though on many systems this requires elevated privileges. 213though on many systems this requires elevated privileges.
214Also, 214Also,
215.Xr ktrace 1 215.Xr ktrace 1
216can capture similar data, but records failed system calls as well as 216can capture similar data, but records failed system calls as well as
217successful, and is thus more complex to post-process. 217successful, and is thus more complex to post-process.
218.Sh HISTORY 218.Sh HISTORY
219.Nm 219.Nm
220was contributed by Juniper Networks. 220was contributed by Juniper Networks.
221.Sh SECURITY CONSIDERATIONS 221.Sh SECURITY CONSIDERATIONS
222If the monitored process exits, and its pid gets reused, filemon will 222If the monitored process exits, and its pid gets reused,
223continue to report events for the new process (and its descendants) 223.Nm
224without any authorization checks. 224will continue to report events for the new process (and its
 225descendants) without any authorization checks.
225.Pp 226.Pp
226Monitoring of a process enables the target process to write to the 227Monitoring of a process enables the target process to write to the
227tracking process's file descriptor. 228tracking process's file descriptor.
228.Sh RESTRICTIONS 229.Sh RESTRICTIONS
229The 230The
230.Nm 231.Nm
231facility can only be used to track processes running in the system's 232facility can only be used to track processes running in the system's
232native emulation. 233native emulation.
233Neither processes using any of the 234Neither processes using any of the
234.Dv COMPAT_xxx 235.Dv COMPAT_xxx
235compatibility layers nor 236compatibility layers nor
236any descendants of such processes can be tracked. 237any descendants of such processes can be tracked.
237.Pp 238.Pp
238If two processes are monitored, and one is a descendant of the other, events 239If two processes are monitored, and one is a descendant of the other, events
239related to the descendant process and its further descendants are delivered 240related to the descendant process and its further descendants are delivered
240only to the descendant process's monitor. 241only to the descendant process's monitor.
241If a process is being monitored by two instances of filemon, events will be 242If a process is being monitored by two instances of
242delivered only to the first instance created (when 243.Nm ,
 244events will be delivered only to the first instance created (when
243.Pa /dev/filemon 245.Pa /dev/filemon
244was opened), regardless of the order in which the monitoring processes 246was opened), regardless of the order in which the monitoring processes
245called 247called
246.Fn ioctl fd FILEMON_SET_PID pid . 248.Fn ioctl fd FILEMON_SET_PID pid .