I need to watch a program which modifies some files. I don't know which files the process is modifying_. So I'm looking for a tool that basically outputs a PID, and lista the files being accessed/modified, and what's being done to them (both read and write).
The closest thing I've found so far is iotop, which is definitely on the right track.
iotop -o -b -qqq
That gets me the process and the read/write, but it doesn't indicate the file being accessed. Alternately, I think I could try something like
inotifywatch -r /
but that just runs out of allowed inotify watches.
What is the magic tool I'm looking for?