how to tell what ran what
Tim Utschig
tim at tetro.net
Wed Feb 15 18:32:22 PST 2006
On Wed, Feb 15, 2006 at 03:31:46PM -0500, Glenn McCalley wrote:
> If I can get a list of what programs, path and file name, called
> sendmail over (say) the last 24 hours, one of them should jump off the
> page with an unreasonable level of activitiy.
A dirty hack would be to replace the sendmail binary with a script (or
program) which records info about the parent process to some world-
writable file or directory (perhaps create a unique file under a dir
with perms 1773 owned by root:staff) before exec'ing the "real" sendmail
binary.
--
- Tim Utschig <tim at tetro.net>
More information about the freebsd-questions
mailing list