Menu
If I have a process that receives signals from other processes, is there a way for me to somehow tell which process (if any) sent a signal?
strace lets me trace which signals a process has received, but doesn't allow me to trace who issued them.
610
For Linux users, there is a very easy way to identify the source of a signal. For example, the following is to find which task sends SIGKILL to others.
cd /sys/kernel/debug/tracing
echo 'sig==9' > events/signal/signal_generate/filter
echo 1 > events/signal/signal_generate/enable
: > trace
echo 1 > tracing_on
tail -f trace
One instance, when I used 'pkill -9 sleep'.
# cat trace
[...]
pkill-2982 [001] d... 750347.835838: signal_generate: sig=9 errno=0 code=0 comm=sleep pid=2981 grp=1 res=0
Without above 'sig==9' filter, 'trace' will show all signals sent among tasks.
151
Not from outside the process. The second argument to the signal handler is a siginfo_t structure which contains the PID of the sending process as one of its members. See sigaction(2) for more details.
9
Ptrace can be used to detect sender too. There is an ptrace(GETSIGINFO) call, which will give a debugger a chance to read (and, possibly, change) siginto_t struct.
2
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
