24
  • 1
    Don't forget strace -f to trace child threads / processes. There are options to split the output into separate files for each PID, or you can just /12345 in less to search for and highlight lines that start with the PID you're interested in. If things aren't too jumbled together (e.g. shell script starting other processes, not concurrent threads), this can be usable. But yeah, it's extremely helpful just to see what config / other files some confusing piece of software is trying to read, when trying to figure out why it's not happy with the way you installed it. Commented Jan 20, 2018 at 9:33
  • 4
    Great answer! I would just add radare2 to the list. Commented Jan 20, 2018 at 11:12
  • 2
    Cutter is a GUI wrapper around radare2, it looks like it may be similar to Hopper (but free). Commented Jan 20, 2018 at 18:59
  • 3
    wrt ldd: Be aware that in some circumstances (e.g., where the program specifies an ELF interpreter other than ld-linux.so), some versions of ldd may attempt to obtain the dependency information by attempting to directly execute the program (which may lead to the execution of whatever code is defined in the program's ELF interpreter, and perhaps to execution of the program itself). Thus, you should never employ ldd on an untrusted executable, since this may result in the execution of arbitrary code. A safer alternative when dealing with untrusted executables is: Commented Jan 27, 2018 at 1:27
  • 4
    $ objdump -p /path/to/program | grep NEEDED Commented Jan 27, 2018 at 1:28
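The static check recommended in the two comments above, as an added example that is not part of the original comments: it reads the requested ELF interpreter (PT_INTERP) and the DT_NEEDED entries straight from the file bytes, so nothing in the untrusted program is loaded or run. It assumes a little-endian ELF64 file; the function names and the `ld-linux` name heuristic are illustrative assumptions.

```python
import struct
import sys

PT_LOAD, PT_DYNAMIC, PT_INTERP = 1, 2, 3
DT_NULL, DT_NEEDED, DT_STRTAB = 0, 1, 5

def inspect_elf(data):
    """Return (interpreter, [DT_NEEDED names]) by parsing bytes only."""
    if data[:4] != b"\x7fELF" or data[4:6] != b"\x02\x01":
        raise ValueError("not a little-endian ELF64 file")
    (e_phoff,) = struct.unpack_from("<Q", data, 0x20)
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 0x36)
    interp, loads, dyn = None, [], None
    for i in range(e_phnum):
        p_type, _, p_offset, p_vaddr, _, p_filesz = struct.unpack_from(
            "<IIQQQQ", data, e_phoff + i * e_phentsize)
        if p_type == PT_INTERP:
            interp = data[p_offset:p_offset + p_filesz].split(b"\0")[0].decode(errors="replace")
        elif p_type == PT_LOAD:
            loads.append((p_vaddr, p_offset, p_filesz))
        elif p_type == PT_DYNAMIC:
            dyn = (p_offset, p_filesz)
    needed, strtab = [], None
    if dyn:
        for off in range(dyn[0], dyn[0] + dyn[1] - 15, 16):
            tag, val = struct.unpack_from("<qQ", data, off)
            if tag == DT_NULL:
                break
            if tag == DT_NEEDED:
                needed.append(val)      # offset into the dynamic string table
            elif tag == DT_STRTAB:
                strtab = val            # virtual address, mapped via PT_LOAD
    names = []
    for va, file_off, size in loads:
        if strtab is not None and va <= strtab < va + size:
            base = file_off + strtab - va
            for n in needed:
                end = data.index(b"\0", base + n)
                names.append(data[base + n:end].decode(errors="replace"))
            break
    return interp, names

def interp_looks_standard(interp):
    # Heuristic (assumption): glibc loaders are named ld-linux*.so.*
    return interp is None or interp.rsplit("/", 1)[-1].startswith("ld-linux")

if __name__ == "__main__":
    interp, names = inspect_elf(open(sys.argv[1], "rb").read())
    flag = "standard" if interp_looks_standard(interp) else "NON-STANDARD"
    print("interpreter:", interp, f"({flag})", "needed:", names)
```

Truncated or malformed files surface as `struct.error` or `ValueError` rather than being guessed at.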