Search code, repositories, users, issues, pull requests...
submited by
Style Pass
It's useful for debugging build systems, understanding what shell scripts actually do, figuring out what programs does a proprietary software run, etc.
In TUI mode with a pseudo terminal, you can view the details of exec events and interact with the processes within the pseudo terminal at ease.
With root privileges, you can also trace setuid binaries and see how they work. But do note that this is not compatible with seccomp-bpf optimization so it is much less performant.
Nested setuid binary tracing is also possible: A real world use case is to trace extra-x86_64-build(Arch Linux's build tool that requires sudo):
Read more github.com/k...
/cdn.vox-cdn.com/uploads/chorus_asset/file/24748328/236706_Mac_Pro_AKrales_0094.jpg)
