Oct 25, 2024 · Operations

Tracing Linux Process Capability Changes with eBPF

The article explains how to use eBPF tracepoints to monitor and record changes in Linux process capabilities, detailing the kernel data structures, BPF program logic, and user‑space handling needed to debug real‑world capability issues such as tcpdump failures and systemd service launches.

BPF mapsLinux capabilitieseBPF

0 likes · 14 min read

Tracing Linux Process Capability Changes with eBPF

Liangxu Linux

Dec 17, 2020 · Operations

Mastering strace: Practical Tips for Tracing System Calls and Debugging Linux Processes

This guide explains what strace is, how to use it for filtering system calls, profiling execution time, diagnosing configuration issues, and tracing network activity, providing concrete command examples and interpretation of output to help troubleshoot Linux processes efficiently.

Linuxdebuggingperformance profiling

0 likes · 16 min read

Mastering strace: Practical Tips for Tracing System Calls and Debugging Linux Processes