AIX5.1 begins to provide TRUSS tools, but there is no tool in common AIX4.3 and previous versions. I found it online. I found the following information:
Re: How to TRACE SYSTEM Level Call in Aix
TO: VULN-DEV
There's A Third-Party Product for Aix 4 (AND 3) Which is Similar To Truss:
SCTRACE, From Sevone Software. It's quite good, but you do since ing to pay for
IT.
AIX's Trace Facility Is Actually Quite Powerful (You Can do Some Interesting
Things if you dig into its innards and rebide the template file, but it's
Not Nearly As Convenient for Quick Tracing of a Single Process AS
Truss / LTRACE / SCTRACE.
Michael wojcik 402 438-7842
Software Systems Developer Micro Focus
> ----- Original Message -----
> From: Valdis.kletnieks@vt.edu [way: valdi ketnieks@vt.edu]
> SENT: TESDAY, DECEMBER 18, 2001 4:13 PM
> TO: Minchu Mo
> Cc: Vuln-dev@securityfocus.com
> Subject: Re: How to TRACE SYSTEM Level Call in Aix>
>
> ON MON, 17 DEC 2001 20:36:12 GMT, MINCHU MO
>
>> Somthing Like Truss in Solaris, LTRACE IN Linux. Anybody
>> KNOW THE COMMAND Used to TRACE SYSTEM CALL IN AIX?
>
> AIX 5.1 HAS 'TRUSS'.
>
> AIX 4.3.3 and earlier you can use the 'trace' Command - But
> It's a pain
> BECAUSE I'S A System-Level Trace from Which You Can IEXTRACT THE
> Information for the process you have.
>
> -
> Valdis Kletnieks
> Operating Systems Analyst
> Virginia Tech
>
>
And then to find this, but run error truss CommandAudience: Administrators Date:. June 22, 2001 The "truss" utility traces system calls It's a popular System V tool that allows administrators to identify performance bottlenecks within applications The truss command is available in AIX. Starting in at Version 5.1. The Following Shell Script Emulates The Truss FunctionAlity In Aix 4.3.
#! / bin / ksh
# Name: trus.sh
# Purpose: To make Aix TRACE LOOK LIKE TRUSS Command
# Caveat: Unsupported Tool. Use at your own risk.
Show_usage ()
{
echo "USAGE: $ 0 [-p] [-n] [-p pid] [-t tempfile] [- s sleeptime | command]"
echo "-p show process id's in the output"
Echo "-n show process name in the output"
echo "-p pid trcrpt only for this pid"
echo "-s seconds traon
Period of Time
echo "-t tempfile path name to file what will be used for trace"
Echo "Command Execute this Command and Stop Trace / C"
echo "After Command IS Done./n "Exit 0
}
["$ #" = 0] && show_usage
Set - `Getopt T: S: P: NP" $ @ "` || Show_usage
While:; do
Case $ 1 in
-s) SleepTime = $ 2
SHIFT 2 ;;
-p) pid = $ 2
SHIFT 2 ;;
-n) EXEC = "EXEC = ON,"
SHIFT ;;
-P) pidnum = "pid = ON,"
SHIFT ;;
-) SHIFT
Break ;;
ESAC
DONE
Command = "$ *"
[-n "$ comMMand" -a -n "$ sleeptime"] && show_usage
[-N "$ PID"] && pid = "- p $ pid"
Hooks = "101, 104, 107, 106, 134, 139, 15b, 130, 19c, 163, 169, 120, 122, 108, 12e, 14c, 154, /
152, 15f, 14e, 137, 135, 13a, 19b, 13e, 174, 175, 176, 177, 178, 179, 17a, 17b, 17d, 17e, / /
17F, 1A7, 1A8, 1A4, 1A5, 1A6, 140, 18F, 195, 18E, 1A9, 1AA, 1A, 1Ab, 1F0, 1AF, 1AE, 1AD "
Do_trace ()
{
Logsize = $ 1; bufsize = $ 2;
TRACE -N -A -L $ logsize -t $ bufsize -j $ hooks -do trace.out || RETURN $?
}
Do_Trace 8000000 4000000 || {
Echo "Do Not Have Privilege as this uid to allocate a large trace buffer"
Echo "Trying with a smaller buffer, but you may lose data"
Do_Trace 8000000 1000000 || {
Echo "Do Not Have Privilege as this uid to allocate a large trace buffer"
Trcstop
EXIT 1
}
}
TRCON
IF [-n "$ sleeptime"]; then
Sleep $ SLEEPTIME
Else
$ comMMAND # run the commit
Fi
# do wherever you want here
Trcstop
Trcrpt -k 106 $ {pid} -h -o $ {exec} $ {pidnum} ids = 0, timestamp = 3 trace.out #> trcrpt.out
