Strace is a tool that allows you to trace system calls and signals. This is incredibly useful for investigating certain types of problems, but also, strace is slightly dangerous.
As strace intercepts and logs system calls, these can easily include api keys. It's not uncommon for people to post logs of strace output which include api keys.
The amount of output that strace generates can be gigantic. For the example below, where strace is generating output for a running PHP-FPM instance, it's quite easy to generate hundreds of megabytes of log data per second. This has a somewhat negative effect on the performance of the server.
For both of those reasons, it's generally a good idea to use strace on a test system in isolation, away from your production environment.
strace php debug.php > output.txt 2>&1
strace -s 4096 php weird.php > weird_output_7.txt 2>&1
https://man7.org/linux/man-pages/man2/ppoll.2.html
The timeout argument specifies the number of milliseconds that poll() should block waiting for a file descriptor to become ready.
#!/bin/bash
# If you get a syntax error, this script needs bash not sh.
# -etrace=!open means to trace every system call except open. In addition, the special values all and none have the obvious meanings.
#-etrace=!open
#-e trace=!write.
# Prevent strace from abbreviating arguments?
# You want the -s strsize option, which specifies the maximum length of a string to display (the default is 32).
# -s strsize
# Specify the maximum string size to print (the default is 32). Note that
# filenames are not considered strings and are always printed in full.
# comment in to show total of calls
summarise=""
#summarise="-c"
# Clean out previous run
rm -rf trc/*.trc
# Make sure output directory exists
mkdir trc
# Allow extra strace args to be passed in.
additional_strace_args="$1"
# Find the master process ID through a magic incantation.
# This works on Debian. Other distros may have slightly different
# output for `ps auwx` which may require some fiddling.
MASTER_PID=$(ps auwx | grep php-fpm | grep -v grep | grep 'master process' | cut -d ' ' -f 7)
# Start strace listening to the master PHP-FPM process
nohup strace -r $summarise -p $MASTER_PID -ff -o ./trc/master.follow.trc >"trc/master.$MASTER_PID.trc" 2>&1 &
# loop through all of the processes found from `pgrep php-fpm`
# and start strace listening to them
while read -r pid;
do
if [[ $pid != $MASTER_PID ]]; then
nohup strace -r $summarise -p "$pid" $additional_strace_args >"trc/$pid.summary.trc" 2>&1 &
fi
done < <(pgrep php-fpm)
# Tell the user
read -p "Strace running - press [Enter] to stop"
pkill strace