С помощью «lsof» я могу проверить список открытых файлов, есть ли какая-либо команда или любой другой способ, с помощью которого я могу определить, где файлы, к которым осуществляется доступ. Вывод команды «lsof» выглядит следующим образом:
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
init 1 ??? cwd ??? ??? ??? ??? /proc/1/cwd (readlink: Permission denied)
init 1 ??? exe ??? ??? ??? ??? /proc/1/exe (readlink: Permission denied)
init 1 ??? root ??? ??? ??? ??? /proc/1/root (readlink: Permission denied)
init 1 ??? FDS /proc/1/fd/ (opendir: Permission denied)
init 2 ??? cwd ??? ??? ??? ??? /proc/2/cwd (readlink: Permission denied)
init 2 ??? exe ??? ??? ??? ??? /proc/2/exe (readlink: Permission denied)
init 2 ??? root ??? ??? ??? ??? /proc/2/root (readlink: Permission denied)
init 2 ??? FDS /proc/2/fd/ (opendir: Permission denied)
init 3 ??? cwd ??? ??? ??? ??? /proc/3/cwd (readlink: Permission denied)
init 3 ??? exe ??? ??? ??? ??? /proc/3/exe (readlink: Permission denied)
init 3 ??? root ??? ??? ??? ??? /proc/3/root (readlink: Permission denied)
init 3 ??? FDS /proc/3/fd/ (opendir: Permission denied)
init 4 ??? cwd ??? ??? ??? ??? /proc/4/cwd (readlink: Permission denied)
init 4 ??? exe ??? ??? ??? ??? /proc/4/exe (readlink: Permission denied)
init 4 ??? root ??? ??? ??? ??? /proc/4/root (readlink: Permission denied)
init 4 ??? FDS /proc/4/fd/ (opendir: Permission denied)
init 5 ??? cwd ??? ??? ??? ??? /proc/5/cwd (readlink: Permission denied)
init 5 ??? exe ??? ??? ??? ??? /proc/5/exe (readlink: Permission denied)
init 5 ??? root ??? ??? ??? ??? /proc/5/root (readlink: Permission denied)
init 5 ??? FDS /proc/5/fd/ (opendir: Permission denied)
init 6 ??? cwd ??? ??? ??? ??? /proc/6/cwd (readlink: Permission denied)
init 6 ??? exe ??? ??? ??? ??? /proc/6/exe (readlink: Permission denied)
init 6 ??? root ??? ??? ??? ??? /proc/6/root (readlink: Permission denied)
init 6 ??? FDS /proc/6/fd/ (opendir: Permission denied)
init 7 ??? cwd ??? ??? ??? ??? /proc/7/cwd (readlink: Permission denied)
init 7 ??? exe ??? ??? ??? ??? /proc/7/exe (readlink: Permission denied)
init 7 ??? root ??? ??? ??? ??? /proc/7/root (readlink: Permission denied)
init 7 ??? FDS /proc/7/fd/ (opendir: Permission denied)
init 8 ??? cwd ??? ??? ??? ??? /proc/8/cwd (readlink: Permission denied)
init 8 ??? exe ??? ??? ??? ??? /proc/8/exe (readlink: Permission denied)
init 8 ??? root ??? ??? ??? ??? /proc/8/root (readlink: Permission denied)
init 8 ??? FDS /proc/8/fd/ (opendir: Permission denied)
init 9 ??? cwd ??? ??? ??? ??? /proc/9/cwd (readlink: Permission denied)
init 9 ??? exe ??? ??? ??? ??? /proc/9/exe (readlink: Permission denied)
init 9 ??? root ??? ??? ??? ??? /proc/9/root (readlink: Permission denied)
init 9 ??? FDS /proc/9/fd/ (opendir: Permission denied)
init 10 ??? cwd ??? ??? ??? ??? /proc/10/cwd (readlink: Permission denied)
Для каждого pid я получаю три местоположения, например, для pid "9", я получаю следующие местоположения: - "/proc/1/cwd (ссылка для чтения: Отказано в доступе)","/proc/9/exe","/proc/ 9/fd/ (opendir: Отказано в доступе)"
Теперь, как я могу узнать, какой именно файл используется? Я новичок, поэтому недостаточно знаю. Любое предложение будет большим подспорьем с вашей стороны.