Q. Solaris and FreeBSD both provide the truss command to monitor and debug system calls. I’m unable to find this command or package. How can I install truss under Linux?

A. truss is a debugging utility in Solaris and FreeBSD to monitor the system calls used. It is used to trace call and useful debugging many problems. Linux provides strace command. This command is installed by default. strace is a useful diagnostic, instructional, and debugging tool. System administrators, diagnosticians and troubleshooters will find it invaluable for solving problems with programs for which the source is not readily available since they do not need to be recompiled in order to trace them.

strace for Linux, added many of the features of truss command from SVR4, and produced an strace that worked on both platforms.

strace examples

Run strace against /bin/bash and capture its output to a text file in /tmp/output.txt:
$ strace -o /tmp/output.txt /bin/bash
$ vi /tmp/output.txt
$ grep '^open' /tmp/output.txt


open("/etc/ld.so.cache", O_RDONLY)      = 3
open("/lib/libncurses.so.5", O_RDONLY)  = 3
open("/lib/tls/i686/cmov/libdl.so.2", O_RDONLY) = 3
open("/lib/tls/i686/cmov/libc.so.6", O_RDONLY) = 3
open("/dev/tty", O_RDWR|O_NONBLOCK|O_LARGEFILE) = 3
open("/usr/lib/locale/locale-archive", O_RDONLY|O_LARGEFILE) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/locale.alias", O_RDONLY) = 3
open("/usr/lib/locale/en_IN/LC_IDENTIFICATION", O_R
open("/etc/inputrc", O_RDONLY|O_LARGEFILE) = 3
open("/proc/sys/kernel/ngroups_max", O_RDONLY) = 3

$ grep '^connect' /tmp/output.txt

connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = -1 ENOENT (No such file or directory)

To see only a trace of the open, close, read, and write system calls, enter:
$ strace -e trace=open,close,read,write df > output.txt

Another good option is ltrace – its use is very similar to strace command.

Refer strace man pages for all options:
man strace
man ltrace

🐧 Get the latest tutorials on Linux, Open Source & DevOps via RSS feed or Weekly email newsletter.

🐧 1 comment so far... add one

CategoryList of Unix and Linux commands
Disk space analyzersdf duf ncdu pydf
File Managementcat cp mkdir tree
FirewallAlpine Awall CentOS 8 OpenSUSE RHEL 8 Ubuntu 16.04 Ubuntu 18.04 Ubuntu 20.04
Modern utilitiesbat exa
Network UtilitiesNetHogs dig host ip nmap
OpenVPNCentOS 7 CentOS 8 Debian 10 Debian 8/9 Ubuntu 18.04 Ubuntu 20.04
Package Managerapk apt
Processes Managementbg chroot cron disown fg glances gtop jobs killall kill pidof pstree pwdx time vtop
Searchingag grep whereis which
User Informationgroups id lastcomm last lid/libuser-lid logname members users whoami who w
WireGuard VPNAlpine CentOS 8 Debian 10 Firewall Ubuntu 20.04
1 comment… add one
  • Tapas May 11, 2010 @ 6:50

    Can you give some more real world examples.The above article is short.
    As an example suppose you are running xen and xend fails
    then strace /etc/init.d/xend gives some output I see -1 ENONENT signal but how can I reach a conclusion.I mean what you wrote tell what strace does.But if an example can be there as how some one solved their problem using strace that will be even better.

Leave a Reply

Your email address will not be published.

Use HTML <pre>...</pre> for code samples. Still have questions? Post it on our forum