The proc tools are utilities that exercise features of /proc (see proc(4)). Most of them take a list of process-ids (pid); those that do also accept /proc/nnn as a process-id, so the shell expansion /proc/* can be used to specify all processes in the system. Some of the proc tools can also be applied to core files (see core(4)); those that do accept a list of either process IDs or names of core files or both.
Print the /proc tracing flags, the pending and held signals, and other /proc status information for each lwp in each process.
Print the credentials (effective, real, saved UIDs and GIDs) of each process.
Print the address space map of each process.
List the signal actions of each process. See signal(3HEAD).
Print a hex+symbolic stack trace for each lwp in each process.
Report fstat(2) and fcntl(2) information for all open files in each process.
Print the current working directory of each process.
Stop each process (PR_REQUESTED stop).
Set each process running (inverse of pstop).
Wait for all of the specified processes to terminate.
Print the process trees containing the specified pids or users, with child processes indented from their respective parent processes. An argument of all digits is taken to be a process-id, otherwise it is assumed to be a user login name. Default is all processes.
Get the viewable process attribute flags. See the pattr(1) man page for more information.
Get the process clearance. See the pclear(1) man page for more information.
Get the label of a process. See the plabel(1) man page for more information.
Get the effective privileges of a process. See the ppriv(1) man page for more information.
Test the effective privilege set of a process. See the pprivtest(1) man page for more information.
See the individual Trusted Solaris process manual pages for the options that they support. The following options are supported for Solaris process utilities:
(pflags only) If the process is stopped, display its machine registers.
(pmap only) Print the process' reserved addresses.
(pmap only) Print resident/shared/private mapping details.
(pmap only) Print unresolved dynamic linker map names.
(ptree only) All; include children of process 0.
(pwait only) Verbose; report terminations to standard output.
Force; grab the target process even if another process has control.
These proc tools stop their target processes while inspecting them and reporting the results: pfiles, pldd, pmap, and pstack. A process can do nothing while it is stopped. A process can do nothing while it is stopped. Thus, for example, if the X server is inspected by one of these proc tools running in a window under the X server's control, the whole window system can become deadlocked because the proc tool would be attempting to print its results to a window that cannot be refreshed. Logging in from from another system using rlogin(1) and killing the offending proc tool would clear up the deadlock in this case.
Caution should be exercised when using the -F flag. Imposing two controlling processes on one victim process can lead to chaos. Safety is assured only if the primary controlling process, typically a debugger, has stopped the victim process and the primary controlling process is doing nothing at the moment of application of the proc tool in question.
Some of the proc tools can also be applied to core files, as shown by the synopsis above. A core file is a snapshot of a process's state and is produced by the kernel prior to terminating a process with a signal or by the gcore(1) utility. Some of the proc tools may need to derive the name of the executable corresponding to the process which dumped core or the names of shared libraries associated with the process. These files are needed, for example, to provide symbol table information for pstack. If the proc tool in question is unable to locate the needed executable or shared library, some symbol information will be unavailable for display. Similarly, if a core file from one operating system release is examined on a different operating system release, the run-time link-editor debugging interface (librtld_db) may not be able to initialize. In this case, symbol information for shared libraries will not be available.
See attributes(5) for descriptions of the following attributes:
|ATTRIBUTE TYPE||ATTRIBUTE VALUE|
The Trusted Solaris environment provides additional utilities for obtaining a process' security attributes. See their man pages for a full description: pattr(1), pclear(1), plabel(1), ppriv(1), and pprivtest(1).