Linux strace命令的妙用

由于所使用Linux系统进行了裁减，出现了无法解析域名的情况

并且由于tcpdump和service的缺失，对于定位问题带来了一定的麻烦，不过还好strace命令可以用，下面就以解决dns无法解析为例，来说明strace妙用。

strace命令是一个集诊断、调试、统计与一体的工具，我们可以使用strace对应用的系统调用和信号传递的跟踪结果来对应用进行分析，以达到解决问题或者是了解应用工作过程的目的。strace的最简单的用法就是执行一个指定的命令，在指定的命令结束之后它也就退出了。在命令执行的过程中，strace会记录和解析命令进程的所有系统调用以及这个进程所接收到的所有的信号值。

1.strace+shell命令

strace nslookup www.baidu.com

/etc/waf/sites//nginx # strace nslookup www.baidu.com
execve("/usr/bin/nslookup", ["nslookup", "www.baidu.com"], [/*  vars */]) = 
brk()                                  = 
mmap(NULL, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -, ) = 
access("/etc/ld.so.preload", R_OK)      = - ENOENT (No such file or directory)
open("/usr/local/lib/tls/x86_64/libm.so.6", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/usr/local/lib/tls/x86_64", ) = - ENOENT (No such file or directory)
open("/usr/local/lib/tls/libm.so.6", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/usr/local/lib/tls", ) = - ENOENT (No such file or directory)
open("/usr/local/lib/x86_64/libm.so.6", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/usr/local/lib/x86_64", ) = - ENOENT (No such file or directory)
open("/usr/local/lib/libm.so.6", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/usr/local/lib", {st_mode=S_IFDIR|, st_size=, ...}) = 
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
open("/lib64/tls/x86_64/libm.so.6", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/lib64/tls/x86_64", ) = - ENOENT (No such file or directory)
open("/lib64/tls/libm.so.6", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/lib64/tls", )      = - ENOENT (No such file or directory)
open("/lib64/x86_64/libm.so.6", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/lib64/x86_64", )   = - ENOENT (No such file or directory)
open("/lib64/libm.so.6", O_RDONLY|O_CLOEXEC) = 
read(, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260T\0\0\0\0\0\0"..., ) = 
fstat(, {st_mode=S_IFREG|, st_size=, ...}) = 
mmap(NULL, , PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, , ) = 
mprotect(, , PROT_NONE) = 
mmap(, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, , ) = 
close()                                = 
open("/usr/local/lib/libc.so.6", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
open("/lib64/libc.so.6", O_RDONLY|O_CLOEXEC) = 
read(, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\34\2\0\0\0\0\0"..., ) = 
fstat(, {st_mode=S_IFREG|, st_size=, ...}) = 
mmap(NULL, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -, ) = 
mmap(NULL, , PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, , ) = 
mprotect(, , PROT_NONE) = 
mmap(, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, , ) = 
mmap(, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -, ) = 
close()                                = 
mmap(NULL, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -, ) = 
arch_prctl(ARCH_SET_FS, ) = 
mprotect(, , PROT_READ) = 
mprotect(, , PROT_READ) = 
mprotect(, , PROT_READ)     = 
mprotect(, , PROT_READ) = 
getpid()                                = 
getuid()                                = 
brk()                                  = 
brk()                           = 
brk()                                  = 
brk()                           = 
open("/etc/resolv.conf", O_RDONLY|O_CLOEXEC) = 
fstat(, {st_mode=S_IFREG|, st_size=, ...}) = 
mmap(NULL, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -, ) = 
read(, "options timeout:5 attempts:2\nnam"..., ) = 
read(, "", )                       = 
close()                                = 
munmap(, )            = 
brk()                                  = 
brk()                                  = 
brk()                           = 
brk()                                  = 
uname({sys="Linux", node="vefa", ...})  = 
fstat(, {st_mode=S_IFCHR|, st_rdev=makedev(, ), ...}) = 
ioctl(, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 
mmap(NULL, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -, ) = 
write(, "Server:    10.188.7.10\n", 23Server:    
) = 
socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, ) = 
connect(, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, ) = - ENOENT (No such file or directory)
close()                                = 
socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, ) = 
connect(, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, ) = - ENOENT (No such file or directory)
close()                                = 
open("/etc/nsswitch.conf", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
open("/usr/local/lib/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
open("/lib64/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
open("/usr/lib64/tls/x86_64/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/usr/lib64/tls/x86_64", ) = - ENOENT (No such file or directory)
open("/usr/lib64/tls/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/usr/lib64/tls", )  = - ENOENT (No such file or directory)
open("/usr/lib64/x86_64/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/usr/lib64/x86_64", ) = - ENOENT (No such file or directory)
open("/usr/lib64/libnss_dns.so.2", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
stat("/usr/lib64", {st_mode=S_IFDIR|, st_size=, ...}) = 
open("/usr/local/lib/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
open("/lib64/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = - ENOENT (No such file or directory)
open("/usr/lib64/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 
read(, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@\"\0\0\0\0\0\0"..., ) = 
fstat(, {st_mode=S_IFREG|, st_size=, ...}) = 
mmap(NULL, , PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, , ) = 
mprotect(, , PROT_NONE) = 
mmap(, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, , ) = 
close()                                = 
mprotect(, , PROT_READ) = 
open("/etc/host.conf", O_RDONLY|O_CLOEXEC) = 
fstat(, {st_mode=S_IFREG|, st_size=, ...}) = 
mmap(NULL, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -, ) = 
read(, "order hosts,bind\n", )     = 
read(, "", )                       = 
close()                                = 
munmap(, )            = 
open("/etc/hosts", O_RDONLY|O_CLOEXEC)  = 
fstat(, {st_mode=S_IFREG|, st_size=, ...}) = 
mmap(NULL, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -, ) = 
read(, "127.0.0.1\tlocalhost\n", ) = 
read(, "", )                       = 
close()                                = 
munmap(, )            = 
write(, "Address 1: 10.188.7.10\n", 23Address : 
) = 
write(, "\n", 
)                       = 
open("/etc/hosts", O_RDONLY|O_CLOEXEC)  = 
fstat(, {st_mode=S_IFREG|, st_size=, ...}) = 
mmap(NULL, , PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -, ) = 
read(, "127.0.0.1\tlocalhost\n", ) = 
read(, "", )                       = 
close()                                = 
munmap(, )            = 
write(, "nslookup: can't resolve 'www.bai"..., 40nslookup: can't resolve 'www.baidu.com'
) = 40
exit_group(1)                           = ?
           

从上面看到open(“/usr/lib64/libnss_dns.so.2”, O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)，说明libnss_dns.so.2缺失。通过查资料找到dns解析主要依赖三个库libnss_dns.so.2 libnss_files.so.2 libresolv.so.2，在本地查看独缺libnss_dns.so.2，故从网络上下载了libnss_dns-2.17.so。

2.ln -s软链接

ln -s libnss_dns-2.17.so libnss_dns.so.2

由于nslookup命令实际访问的文件是libnss_dns.so.2，所以libnss_dns-2.17.so下载下来还不能直接用，需要做个软链接，具体什么是软链接可参考http://www.cnblogs.com/joeblackzqq/archive/2011/03/20/1989625.html

3.nslookup www.baidu.com

重新运行nslooup www.baidu.com，此时应能正确解析域名。

/usr/lib64 # nslookup www.baidu.com
Server:    
Address :  

Name:      www.baidu.com
Address : 
Address : 
           

4.其他情况

1. 如还不能解析，请检查/etc/resolv.conf文件，如果设置了timeout和attempts，查看其数值，将其适当增大。
2. 查看环境变量或重新strace nslookup www.baidu.com确保动态库路径正确，或继续排查其他问题。