Linux strace指令的妙用

由于所使用Linux系統進行了裁減，出現了無法解析域名的情況

并且由于tcpdump和service的缺失，對于定位問題帶來了一定的麻煩，不過還好strace指令可以用，下面就以解決dns無法解析為例，來說明strace妙用。

strace指令是一個集診斷、調試、統計與一體的工具，我們可以使用strace對應用的系統調用和信号傳遞的跟蹤結果來對應用進行分析，以達到解決問題或者是了解應用工作過程的目的。strace的最簡單的用法就是執行一個指定的指令，在指定的指令結束之後它也就退出了。在指令執行的過程中，strace會記錄和解析指令程序的所有系統調用以及這個程序所接收到的所有的信号值。

1.strace+shell指令

strace nslookup www.baidu.com

/etc/waf/sites//nginx # strace nslookup www.baidu.com
execve("/usr/bin/nslookup", ["nslookup", "www.baidu.com"], [/*  vars */]) = 
brk()                                  = 
mmap(NULL, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -, ) = 
access("/etc/ld.so.preload", R_OK)      = - ENOENT (No such file or directory)
open("/usr/local/lib/tls/x86_64/libm.so.6", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/usr/local/lib/tls/x86_64", ) = - ENOENT (No such file or directory)
open("/usr/local/lib/tls/libm.so.6", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/usr/local/lib/tls", ) = - ENOENT (No such file or directory)
open("/usr/local/lib/x86_64/libm.so.6", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/usr/local/lib/x86_64", ) = - ENOENT (No such file or directory)
open("/usr/local/lib/libm.so.6", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/usr/local/lib", {st_mode=S_IFDIR|, st_size=, ...}) = 
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
open("/lib64/tls/x86_64/libm.so.6", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/lib64/tls/x86_64", ) = - ENOENT (No such file or directory)
open("/lib64/tls/libm.so.6", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/lib64/tls", )      = - ENOENT (No such file or directory)
open("/lib64/x86_64/libm.so.6", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/lib64/x86_64", )   = - ENOENT (No such file or directory)
open("/lib64/libm.so.6", O_RDONLY|O_CLOEXEC) = 
read(, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260T\0\0\0\0\0\0"..., ) = 
fstat(, {st_mode=S_IFREG|, st_size=, ...}) = 
mmap(NULL, , PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, , ) = 
mprotect(, , PROT_NONE) = 
mmap(, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, , ) = 
close()                                = 
open("/usr/local/lib/libc.so.6", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 
read(, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\34\2\0\0\0\0\0"..., ) = 
fstat(, {st_mode=S_IFREG|, st_size=, ...}) = 
mmap(NULL, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -, ) = 
mmap(NULL, , PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, , ) = 
mprotect(, , PROT_NONE) = 
mmap(, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, , ) = 
mmap(, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -, ) = 
close()                                = 
mmap(NULL, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -, ) = 
arch_prctl(ARCH_SET_FS, ) = 
mprotect(, , PROT_READ) = 
mprotect(, , PROT_READ) = 
mprotect(, , PROT_READ)     = 
mprotect(, , PROT_READ) = 
getpid()                                = 
getuid()                                = 
brk()                                  = 
brk()                           = 
brk()                                  = 
brk()                           = 
open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 
fstat(, {st_mode=S_IFREG|, st_size=, ...}) = 
mmap(NULL, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -, ) = 
read(, "options timeout:5 attempts:2\nnam"..., ) = 
read(, "", )                       = 
close()                                = 
munmap(, )            = 
brk()                                  = 
brk()                                  = 
brk()                           = 
brk()                                  = 
uname({sys="Linux", node="vefa", ...})  = 
fstat(, {st_mode=S_IFCHR|, st_rdev=makedev(, ), ...}) = 
ioctl(, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 
mmap(NULL, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -, ) = 
write(, "Server:    10.188.7.10\n", 23Server:    
) = 
socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, ) = 
connect(, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, ) = - ENOENT (No such file or directory)
close()                                = 
socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, ) = 
connect(, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, ) = - ENOENT (No such file or directory)
close()                                = 
open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
open("/usr/local/lib/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
open("/lib64/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
open("/usr/lib64/tls/x86_64/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/usr/lib64/tls/x86_64", ) = - ENOENT (No such file or directory)
open("/usr/lib64/tls/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/usr/lib64/tls", )  = - ENOENT (No such file or directory)
open("/usr/lib64/x86_64/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/usr/lib64/x86_64", ) = - ENOENT (No such file or directory)
open("/usr/lib64/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/usr/lib64", {st_mode=S_IFDIR|, st_size=, ...}) = 
open("/usr/local/lib/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
open("/lib64/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
open("/usr/lib64/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 
read(, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@\"\0\0\0\0\0\0"..., ) = 
fstat(, {st_mode=S_IFREG|, st_size=, ...}) = 
mmap(NULL, , PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, , ) = 
mprotect(, , PROT_NONE) = 
mmap(, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, , ) = 
close()                                = 
mprotect(, , PROT_READ) = 
open("/etc/host.conf", O_RDONLY|O_CLOEXEC) = 
fstat(, {st_mode=S_IFREG|, st_size=, ...}) = 
mmap(NULL, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -, ) = 
read(, "order hosts,bind\n", )     = 
read(, "", )                       = 
close()                                = 
munmap(, )            = 
open("/etc/hosts", O_RDONLY|O_CLOEXEC)  = 
fstat(, {st_mode=S_IFREG|, st_size=, ...}) = 
mmap(NULL, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -, ) = 
read(, "127.0.0.1\tlocalhost\n", ) = 
read(, "", )                       = 
close()                                = 
munmap(, )            = 
write(, "Address 1: 10.188.7.10\n", 23Address : 
) = 
write(, "\n", 
)                       = 
open("/etc/hosts", O_RDONLY|O_CLOEXEC)  = 
fstat(, {st_mode=S_IFREG|, st_size=, ...}) = 
mmap(NULL, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -, ) = 
read(, "127.0.0.1\tlocalhost\n", ) = 
read(, "", )                       = 
close()                                = 
munmap(, )            = 
write(, "nslookup: can't resolve 'www.bai"..., 40nslookup: can't resolve 'www.baidu.com'
) = 40
exit_group(1)                           = ?
           

從上面看到open(“/usr/lib64/libnss_dns.so.2”, O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)，說明libnss_dns.so.2缺失。通過查資料找到dns解析主要依賴三個庫libnss_dns.so.2 libnss_files.so.2 libresolv.so.2，在本地檢視獨缺libnss_dns.so.2，故從網絡上下載下傳了libnss_dns-2.17.so。

2.ln -s軟連結

ln -s libnss_dns-2.17.so libnss_dns.so.2

由于nslookup指令實際通路的檔案是libnss_dns.so.2，是以libnss_dns-2.17.so下載下傳下來還不能直接用，需要做個軟連結，具體什麼是軟連結可參考http://www.cnblogs.com/joeblackzqq/archive/2011/03/20/1989625.html

3.nslookup www.baidu.com

重新運作nslooup www.baidu.com，此時應能正确解析域名。

/usr/lib64 # nslookup www.baidu.com
Server:    
Address :  

Name:      www.baidu.com
Address : 
Address : 
           

4.其他情況

1. 如還不能解析，請檢查/etc/resolv.conf檔案，如果設定了timeout和attempts，檢視其數值，将其适當增大。
2. 檢視環境變量或重新strace nslookup www.baidu.com確定動态庫路徑正确，或繼續排查其他問題。