لطفا منتظر باشید ...
inetd". One was the actual inetd process, the other was the systrace process managing inetd. Attach to the systrace process, not the actual program — in this case, process 12929. Also give the full path to the managed program as an argument.
# systrace -p 12929 /usr/sbin/inetdAt first, nothing will happen. When the program attempts to make an unauthorized system call, however, a GUI will pop up. You will have the options to allow the system call, deny the system call, always permit the call, or always deny it. The program will hang until you make a decision, however, so decide quickly!Note that these changes will only take effect so long as the current process is running! If you restart the program, you must also restart the attached systrace monitor, and any changes you set in the monitor are gone. You must add those rules to the policy if you want them to be permanent, so be sure to take notes.This requires that the people monitoring the system are willing to respond in real time. A program running under systrace without monitoring will just refuse unrecognized system calls and get on with life. If you use the GUI, however, the program will hang until you respond! Running interactive systrace monitoring on your high-throughput Web server may not be a good idea until you think you have all the bugs worked out.While systrace has a vast number of functions and abilities, this should be enough to get you started. Experiment with the tool, look at some existing policies, and be sure to read section 2 of the man pages when you're in doubt!
