1

I've been studying UNIX and system calls and I came across a low-level and tricky questions. The question asks what system calls are called for this command:

grep word1 word2 > file.txt

I did some research and I was unable to find a huge number of resources on the underlying UNIX calls.

However, it seems to me that the answer would be open (to open and the file descriptor for the file file.txt), then dup2 (to change the STDOUT of grep to the file descriptor of open), then write to write the STDOUT of grep (which is now the file descriptor of file.txt), and finally close(), to close the file descriptor of file.txt...

However, I have no idea if I am right or on the correct path, can anyone with experience in UNIX enlighten me on this topic?

Gilles 'SO- stop being evil'
  • 829,060
q.Then
  • 113

1 Answers1

3

In Linux, you have strace:

strace -f sh -c 'grep word1 file > file.txt'

Here we use -f to tell strace to trace child process.

In *BSD, you have dtruss (which use dtrace underlying):

dtruss -f sh -c 'grep word1 file > file.txt'

OSX has trace. Historical Unix systems have truss (Solaris, AIX, etc.).

Gilles 'SO- stop being evil'
  • 829,060
cuonglm
  • 153,898
  • In the case of OpenBSD, where dtruss/dtrace is not available, there is ktrace -- which is also available on the other *BSDs. – Barefoot IO Apr 13 '16 at 04:24