说下pidof这个方法,挺好用的
root@tb:/usr/share/nginx/html# pidof nginx
1034 1033 1032 1031 1030
root@tb:/usr/share/nginx/html# ps -aux|grep nginx
root 1030 0.0 0.0 85892 2880 ? Ss 09:00 0:00 nginx: master process /usr/sbin/nginx
www-data 1031 0.0 0.1 86572 4688 ? S 09:00 0:00 nginx: worker process
www-data 1032 0.0 0.0 86280 3604 ? S 09:00 0:01 nginx: worker process
www-data 1033 0.0 0.0 86280 3604 ? S 09:00 0:01 nginx: worker process
www-data 1034 0.0 0.0 86280 3604 ? S 09:00 0:01 nginx: worker process
root 4393 0.0 0.0 15964 2248 pts/0 S+ 16:44 0:00 grep --color=autonginx
root@tb:/usr/share/nginx/html# pidof php5-fpm
1051 1050 1041
root@tb:/usr/share/nginx/html# ps -aux|grep php-fpm
root 1041 0.0 0.5 240308 21192 ? Ss 09:00 0:00 php-fpm: master process (/etc/php5/fpm/php-fpm.conf)
www-data 1050 0.0 0.3 240420 12456 ? S 09:00 0:00 php-fpm: pool www
www-data 1051 0.0 0.3 240476 12780 ? S 09:00 0:00 php-fpm: pool www
root 4399 0.0 0.0 15964 2232 pts/0 S+ 16:45 0:00 grep --color=auto php-fpm
具体说下strace
这个是跟踪的php执行fuck.php所跟踪的strace
strace -o fuck.strace.txt -tt php -f fuck.php
fuck.strace.txt部分内容如下:
16:42:18.124016 execve("/usr/bin/php", ["php", "-f", "fuck.php"], [/* 36 vars */]) = 0
16:42:18.124472 brk(0) = 0x2b8f000
16:42:18.124549 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
16:42:18.124623 mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f96febd3000
16:42:18.124695 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
16:42:18.124767 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
16:42:18.124829 fstat(3, {st_mode=S_IFREG|0644, st_size=94715, ...}) = 0
16:42:18.124886 mmap(NULL, 94715, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f96febbb000
16:42:18.124939 close(3) = 0
16:42:18.124991 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
16:42:18.125048 open("/lib/x86_64-linux-gnu/libz.so.1", O_RDONLY|O_CLOEXEC) = 3
16:42:18.125105 read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\36\0\0\0\0\0\0"..., 832) = 832
16:42:18.125165 fstat(3, {st_mode=S_IFREG|0644, st_size=100728, ...}) = 0
16:42:18.125222 mmap(NULL, 2195784, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f96fe79a000
这是跟踪某个进程
strace -o php-fpm.strace.txt -tt -p 1041
-o 输出到文件-tt显示毫秒级别时间-p指定跟踪进程pid-s 当系统调用的某个参数是字符串时,最多输出指定长度的内容,默认是32个字节-e 这个用的应该比较多,虽然我还不会用 功能为 控制要跟踪的事件和跟踪行为,比如指定要跟踪的系统调用名称
简单列下strace中`-e`的选项
-e trace=file 跟踪和文件访问相关的调用,即参数中有文件名
-e trace=process 和进程管理相关的调用,比如fork/exec/exit_group
-e trace=ipc 进程间通信相关 ,比如shmget
-e trace=desc 和文件描述符相关,比如write/read/select/epoll
-e trace=network 和网络通信相关调用,比如socket/sendto/connect
-f 跟踪目标进程,以及目标集成创建的所有子进程-v 对于某些相关调用,把完整的幻境变量,文件stat结构打印出来-T显示每次系统调用所花费时间
关于更多linux中系统调用函数等,可以参考这篇文章linux系统调用
对-o的文件可以用less查看具体内容
演示:
strace -tt -T -f -e trace=file -o nginx_strace.txt -s 1024 nginx
看上面的,nginx_strace.txt的部分内容如下:
4526 17:00:11.384699 execve("/usr/sbin/nginx", ["nginx"], [/* 36 vars */]) = 0 <0.000234>
4526 17:00:11.385161 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) <0.000020>
4526 17:00:11.385278 access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory) <0.000018>
4526 17:00:11.385346 open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3 <0.000041>
4526 17:00:11.385515 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) <0.000018>
4526 17:00:11.385578 open("/lib/x86_64-linux-gnu/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3 <0.000020>
4526 17:00:11.385871 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory) <0.000019>
其中4526为pid
后面17:00:11点后面的数字为毫秒级时间
最后面的<0.000041>为调用所花时间,为-T造出来的
这里的输出只显示和文章访问有相关的内容,因为-e trace =file了