The linux lsof when run with no options lists all open files used by all linux processes running on the linux system.
As per the lsof man page the open file can be:
"An open file may be a regular file, a directory, a block special file, a character special file, an executing text reference, a library, a stream or a network file (Internet socket, NFS file or UNIX domain socket.) A specific file or all the files in a file system may be selected by path.
"
Thus, the output of lsof would almost always be a super set of the process open file descriptors that are limited by linux kernel open files limit.
Lets take the below example for the running terminal emulator:
sherif@fingolfin:~$ ps -ef |grep terminal|grep -v grep
sherif 17612 1 0 18:45 ? 00:00:08 /usr/bin/xfce4-terminal
sherif@fingolfin:~$ lsof -p 17612 |wc -l
182
sherif@fingolfin:~$ ls -l /proc/17612/fd/* |wc -l
16
sherif@fingolfin:~$ lsof -p 17612 |egrep " [0-9]+[rwu] "
xfce4-ter 17612 sherif 0r CHR 1,3 0t0 6 /dev/null
xfce4-ter 17612 sherif 1w CHR 1,3 0t0 6 /dev/null
xfce4-ter 17612 sherif 2w REG 8,1 7452 3805497 /home/sherif/.xsession-errors
xfce4-ter 17612 sherif 3u a_inode 0,13 0 9863 [eventfd]
xfce4-ter 17612 sherif 4u a_inode 0,13 0 9863 [eventfd]
xfce4-ter 17612 sherif 5u unix 0x0000000000000000 0t0 59770 type=STREAM
xfce4-ter 17612 sherif 6u a_inode 0,13 0 9863 [eventfd]
xfce4-ter 17612 sherif 7u unix 0x0000000000000000 0t0 59772 type=STREAM
xfce4-ter 17612 sherif 8u a_inode 0,13 0 9863 [eventfd]
xfce4-ter 17612 sherif 9u unix 0x0000000000000000 0t0 59773 type=STREAM
xfce4-ter 17612 sherif 10r a_inode 0,13 0 9863 inotify
xfce4-ter 17612 sherif 11u unix 0x0000000000000000 0t0 59774 type=STREAM
xfce4-ter 17612 sherif 12u CHR 5,2 0t0 88 /dev/ptmx
xfce4-ter 17612 sherif 13u REG 8,1 0 2228246 /tmp/#2228246 (deleted)
xfce4-ter 17612 sherif 14u REG 8,1 0 2241053 /tmp/#2241053 (deleted)
xfce4-ter 17612 sherif 15u REG 8,1 0 2241055 /tmp/#2241055 (deleted)
sherif@fingolfin:~$ ls -l /proc/17612/fd/*
lr-x------ 1 sherif sherif 64 mrt 29 18:45 /proc/17612/fd/0 -> /dev/null
l-wx------ 1 sherif sherif 64 mrt 29 18:45 /proc/17612/fd/1 -> /dev/null
lr-x------ 1 sherif sherif 64 mrt 29 18:50 /proc/17612/fd/10 -> anon_inode:inotify
lrwx------ 1 sherif sherif 64 mrt 29 18:50 /proc/17612/fd/11 -> 'socket:[59774]'
lrwx------ 1 sherif sherif 64 mrt 29 18:50 /proc/17612/fd/12 -> /dev/ptmx
lrwx------ 1 sherif sherif 64 mrt 29 18:51 /proc/17612/fd/13 -> '/tmp/#2228246 (deleted)'
lrwx------ 1 sherif sherif 64 mrt 29 18:51 /proc/17612/fd/14 -> '/tmp/#2241053 (deleted)'
lrwx------ 1 sherif sherif 64 mrt 29 18:53 /proc/17612/fd/15 -> '/tmp/#2241055 (deleted)'
l-wx------ 1 sherif sherif 64 mrt 29 18:45 /proc/17612/fd/2 -> /home/sherif/.xsession-errors
lrwx------ 1 sherif sherif 64 mrt 29 18:45 /proc/17612/fd/3 -> 'anon_inode:[eventfd]'
lrwx------ 1 sherif sherif 64 mrt 29 18:45 /proc/17612/fd/4 -> 'anon_inode:[eventfd]'
lrwx------ 1 sherif sherif 64 mrt 29 18:45 /proc/17612/fd/5 -> 'socket:[59770]'
lrwx------ 1 sherif sherif 64 mrt 29 18:45 /proc/17612/fd/6 -> 'anon_inode:[eventfd]'
lrwx------ 1 sherif sherif 64 mrt 29 18:45 /proc/17612/fd/7 -> 'socket:[59772]'
lrwx------ 1 sherif sherif 64 mrt 29 18:45 /proc/17612/fd/8 -> 'anon_inode:[eventfd]'
lrwx------ 1 sherif sherif 64 mrt 29 18:50 /proc/17612/fd/9 -> 'socket:[59773]'
sherif@fingolfin:~$
As you can see, the output of un-customized lsof forms a super set of the actual file descriptors that fall under the Linux openfile limit.
For more information about lsof and how to tweak the output, please check: https://www.thegeekstuff.com/2012/08/lsof-command-examples
No comments:
Post a Comment