FSTAT(1) | General Commands Manual | FSTAT(1) |
fstat
—
fstat |
[-Afnv ] [-M
core] [-N
system] [-p
pid] [-u
user] [file ...] |
fstat
identifies open files. A file is considered open
by a process if it was explicitly opened, is the working directory, root
directory, active pure text, or kernel trace file for that process. If no
options are specified, fstat
reports on all open files
in the system.
Options:
-A
-f
fstat -f /var/log
”. Please see the
BUGS section for issues with this
option.-M
-N
-n
-p
-u
-v
fstat
is running. This is
normal and unavoidable since the rest of the system is running while
fstat
itself is running.The following fields are printed:
USER
CMD
PID
FD
If the file number is followed by an asterisk (“*”), the file is not an inode, but rather a socket, FIFO, or there is an error. In this case the remainder of the line doesn't correspond to the remaining headers -- the format of the line is described later under SOCKETS.
MOUNT
-n
flag wasn't specified, this header is
present and is the pathname that the file system the file resides in is
mounted on.DEV
-n
flag is specified, this header is
present and is the major/minor number of the device that this file resides
in.INUM
MODE
-n
flag isn't
specified, the mode is printed using a symbolic format (see
strmode(3)); otherwise, the
mode is printed as an octal number.SZ|DV
-n
flag is
not specified, prints the name of the special file as located in
/dev. If that cannot be located, or the
-n
flag is specified, prints the major/minor
device number that the special device refers to.R/W
NAME
-f
flag is not, then this field is present and is the name associated with
the given file. Normally the name cannot be determined since there is no
mapping from an open file back to the directory entry that was used to
open that file. Also, since different directory entries may reference the
same file (via ln(1)), the name
printed may not be the actual name that the process originally used to
open that file.For example, the addresses mentioned above are the addresses which
the “netstat -A
” command would print
for TCP, UDP, and UNIX domain. For kernels compiled
with PIPE_SOCKETPAIR
pipes appear as connected
UNIX domain stream sockets. A unidirectional
UNIX domain socket indicates the direction of flow
with an arrow (“<-” or “->”), and a full
duplex socket shows a double arrow (“<->”).
For internet sockets fstat
also attempts
to print the internet address and port for the local end of a connection. If
the socket is connected, it also prints the remote internet address and
port. An asterisk (“*”) is used to indicate an INADDR_ANY
binding.
fstat
command appeared in
4.3BSD-Tahoe.
fstat
takes a snapshot of the system, it is only
correct for a very short period of time.
Moreover, because DNS resolution and YP lookups cause many file
descriptor changes, fstat
does not attempt to
translate the internet address and port numbers into symbolic names.
Note that the -f
option will not list
UNIX domain sockets open in the file system, because
the pathnames in the sockets may not be absolute and are not deterministic.
To find all the UNIX domain sockets, use
fstat
to list all the sockets, and look for the ones
that maybe belong in the file system.
December 15, 2013 | NetBSD 9.4 |