From owner-svn-src-head@FreeBSD.ORG Thu Jul 31 23:19:02 2014 Return-Path: Delivered-To: svn-src-head@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 717AA25D; Thu, 31 Jul 2014 23:19:02 +0000 (UTC) Received: from svn.freebsd.org (svn.freebsd.org [IPv6:2001:1900:2254:2068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5EFC12811; Thu, 31 Jul 2014 23:19:02 +0000 (UTC) Received: from svn.freebsd.org ([127.0.1.70]) by svn.freebsd.org (8.14.9/8.14.9) with ESMTP id s6VNJ2j1073230; Thu, 31 Jul 2014 23:19:02 GMT (envelope-from gnn@svn.freebsd.org) Received: (from gnn@localhost) by svn.freebsd.org (8.14.9/8.14.9/Submit) id s6VNJ2pp073229; Thu, 31 Jul 2014 23:19:02 GMT (envelope-from gnn@svn.freebsd.org) Message-Id: <201407312319.s6VNJ2pp073229@svn.freebsd.org> From: "George V. Neville-Neil" Date: Thu, 31 Jul 2014 23:19:02 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r269360 - head/cddl/contrib/dtracetoolkit/Apps X-SVN-Group: head MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-head@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: SVN commit messages for the src tree for head/-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 31 Jul 2014 23:19:02 -0000 Author: gnn Date: Thu Jul 31 23:19:01 2014 New Revision: 269360 URL: http://svnweb.freebsd.org/changeset/base/269360 Log: Update shellsnoop to work on FreeBSD. Contributed by: skreuzer Modified: head/cddl/contrib/dtracetoolkit/Apps/shellsnoop Modified: head/cddl/contrib/dtracetoolkit/Apps/shellsnoop ============================================================================== --- head/cddl/contrib/dtracetoolkit/Apps/shellsnoop Thu Jul 31 23:17:59 2014 (r269359) +++ head/cddl/contrib/dtracetoolkit/Apps/shellsnoop Thu Jul 31 23:19:01 2014 (r269360) @@ -1,4 +1,4 @@ -#!/usr/bin/sh +#!/bin/sh # # shellsnoop - A program to print read/write details from shells, # such as keystrokes and command outputs. @@ -140,18 +140,14 @@ dtrace -n ' /* * Remember this PID is a shell child */ - syscall::exec:entry, syscall::exece:entry + syscall::execve:entry /execname == "sh" || execname == "ksh" || execname == "csh" || execname == "tcsh" || execname == "zsh" || execname == "bash"/ { child[pid] = 1; - /* debug */ - this->parent = (char *)curthread->t_procp->p_parent->p_user.u_comm; - OPT_debug == 1 ? printf("PID %d CMD %s started. (%s)\n", - pid, execname, stringof(this->parent)) : 1; } - syscall::exec:entry, syscall::exece:entry + syscall::execve:entry /(OPT_pid == 1 && PID != ppid) || (OPT_uid == 1 && UID != uid)/ { /* forget if filtered */ @@ -256,12 +252,12 @@ dtrace -n ' /* * Cleanup */ - syscall::rexit:entry + syscall::exit:entry { child[pid] = 0; /* debug */ - this->parent = (char *)curthread->t_procp->p_parent->p_user.u_comm; + this->parent = (char *)curthread->td_proc->p_pptr->p_comm; OPT_debug == 1 ? printf("PID %d CMD %s exited. (%s)\n", pid, execname, stringof(this->parent)) : 1; }