How can a process intercept stdout and stderr of another process on Linux?

by

Since I’m not allowed to edit Jauco’s answer, I’ll give the full answer that worked for me (Russell’s page relies on un-guaranteed behaviour that, if you close file descriptor 1 for STDOUT, the next creat call will open FD 1.

So, run a simple endless script like this:

import time

while True:
    print 'test'
    time.sleep(1)

Save it to test.py, run with

$ python test.py

Get the PID:

$ ps auxw | grep test.py

Now, attach gdb:

$ gdb -p (pid)

and do the fd magic:

(gdb) call creat("/tmp/stdout", 0600)
$1 = 3
(gdb) call dup2(3, 1)
$2 = 1

Now you can tail /tmp/stdout and see the output that used to go to STDOUT.

More Related Contents:

  1. How to redirect output to a file and stdout
  2. Confused about stdin, stdout and stderr?
  3. pass stdout as file name for command line util?
  4. Why should eval be avoided in Bash, and what should I use instead?
  5. How to fix ‘sudo: no tty present and no askpass program specified’ error?
  6. Deploying Yesod to Heroku, can’t build statically
  7. How to add a default include path for GCC in Linux?
  8. “Failed to load platform plugin “xcb” ” while launching qt5 app on linux without qt installed
  9. Add a prefix string to beginning of each line
  10. The ‘eval’ command in Bash and its typical uses
  11. How can I get Docker Linux container information from within the container itself?
  12. Is there a way to ‘uniq’ by column?
  13. Linux: copy and create destination dir if it does not exist
  14. Can awk patterns match multiple lines?
  15. vscode “#include errors detected. Please update your includePath
  16. How to run a process with a timeout in Bash? [duplicate]
  17. How to copy files from dockerfile to host?
  18. Accurate calculation of CPU usage given in percentage in Linux?
  19. What is the ‘soname’ option for building shared libraries for?
  20. What is the overhead of a context-switch?
  21. Escape filenames the same way Bash does it
  22. what does “-sh: executable_path:not found” mean
  23. Comparing Unix/Linux IPC
  24. Difference between PID and TID
  25. Doesn’t sh support process substitution
  26. Linux removing folders older than 1 year and more than 3 files
  27. Forking vs Threading
  28. Bash `wait` command, waiting for more than 1 PID to finish execution
  29. Linux x64: why does r10 come before r8 and r9 in syscalls?
  30. How can I get position of cursor in terminal?

Leave a Comment