Monitor how and when a process accesses files with opensnoop
October 6th, 2010 - Command Line, Mac OS X
You can watch what a process is doing with your filesystem by using the opensnoop command.
There’s two ways to specify which application to watch, you can use either the process name which is obviously easier, or use the processes numerical id:
sudo opensnoop -n applicationName
To track Safari, we’d use:
sudo opensnoop -n Safari
Or you can use the process ID:
sudo opensnoop -p PID
The PID is the process ID, you can get this by using the ps command with grep to grab a processes id:
ps aux|grep iTunes
Then use the resulting PID with opensnoop:
sudo opensnoop -p 4621
Likewise, you can monitor what processes are accessing a specific file with the same command:
sudo opensnoop -f filename
For example, watch what is accessing /etc/hosts
sudo opensnoop -f /etc/hosts
Compress all files in a directory, maintain original files
You can also use the above command to compress all of the files within a directory, but still maintain the original files or folders as uncompressed. The command is practically identical, just leave out the -m flag:
for item in *; do zip "${item}.zip" "${item}"; done
seeing your path:
echo $PATH
http://osxdaily.com/2010/08/22/install-watch-command-on-os-x/
We are using “curl” a command line “broswer”
curl -O http://ktwit.net/code/watch-0.2-macosx/watch
Make “watch” executable
By doing this we tell Mac OS that this is a program that can run
chmod +x watch
Test the program
Let’s make sure everything is in working order.
./watch
Install “watch”
Optional: By following this next step we are placing watch into a system location that will allow you to run it from any location in the Terminal (You will be prompted for your password)
sudo mv watch /usr/local/bin/
You can quickly merge any two directories within Mac OS X by using the command line tool ditto. Launch the Terminal and use the following syntax:
ditto directory1 directory2
http://cdto.googlecode.com/files/cdto_2.3.zip
MBA: Mostly bloody awful
No comments:
Post a Comment