代码拉取完成,页面将自动刷新
Demonstrations of mountsnoop.
mountsnoop traces the mount() and umount syscalls system-wide. For example,
running the following series of commands produces this output:
# mount --bind /mnt /mnt
# umount /mnt
# unshare -m
# mount --bind /mnt /mnt
# umount /mnt
# ./mountsnoop.py
COMM PID TID MNT_NS CALL
mount 710 710 4026531840 mount("/mnt", "/mnt", "", MS_MGC_VAL|MS_BIND, "") = 0
umount 714 714 4026531840 umount("/mnt", 0x0) = 0
unshare 717 717 4026532160 mount("none", "/", "", MS_REC|MS_PRIVATE, "") = 0
mount 725 725 4026532160 mount("/mnt", "/mnt", "", MS_MGC_VAL|MS_BIND, "") = 0
umount 728 728 4026532160 umount("/mnt", 0x0) = 0
# ./mountsnoop.py -P
COMM PID TID PCOMM PPID MNT_NS CALL
mount 51526 51526 bash 49313 3222937920 mount("/mnt", "/mnt", "", MS_MGC_VAL|MS_BIND, "", "") = 0
umount 51613 51613 bash 49313 3222937920 umount("/mnt", 0x0) = 0
The output shows the calling command, its process ID and thread ID, the mount
namespace the call was made in, and the call itself.
The mount namespace number is an inode number that uniquely identifies the
namespace in the running system. This can also be obtained from readlink
/proc/$PID/ns/mnt.
Note that because of restrictions in BPF, the string arguments to either
syscall may be truncated.
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
马建仓 AI 助手