我有点困惑,因为在Docker容器lsof -i
内没有任何输出。
示例(来自容器内部的所有命令/输出):
[1] root@ec016481cf5f:/# lsof -i
[1] root@ec016481cf5f:/# netstat -tulpn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
另请注意,不会显示PID或程序名称netstat
。fuser
还给出了一些令人困惑的输出,并且也无法精确定位PID。
谁能对此有所启示?
- 我该如何替代
lsof -i
(也要查看进程名称!) - 为什么产量
netstat
也会下降?
注意:容器运行"ExecDriver": "native-0.1"
,这是Docker自己的执行层,而不是LXC。
[1] root@ec016481cf5f:/# fuser -a4n tcp 22
Cannot stat file /proc/1/fd/0: Permission denied
Cannot stat file /proc/1/fd/1: Permission denied
Cannot stat file /proc/1/fd/2: Permission denied
Cannot stat file /proc/1/fd/3: Permission denied
Cannot stat file /proc/1/fd/255: Permission denied
Cannot stat file /proc/6377/fd/0: Permission denied
Cannot stat file /proc/6377/fd/1: Permission denied
Cannot stat file /proc/6377/fd/2: Permission denied
Cannot stat file /proc/6377/fd/3: Permission denied
Cannot stat file /proc/6377/fd/4: Permission denied
22/tcp:
(我没有被迷住Permission denied
,因为那个数字。令我困惑的是。之后的空PID列表22/tcp
。)
# lsof|awk '$1 ~ /^sshd/ && $3 ~ /root/ {print}'
sshd 6377 root cwd unknown /proc/6377/cwd (readlink: Permission denied)
sshd 6377 root rtd unknown /proc/6377/root (readlink: Permission denied)
sshd 6377 root txt unknown /proc/6377/exe (readlink: Permission denied)
sshd 6377 root 0 unknown /proc/6377/fd/0 (readlink: Permission denied)
sshd 6377 root 1 unknown /proc/6377/fd/1 (readlink: Permission denied)
sshd 6377 root 2 unknown /proc/6377/fd/2 (readlink: Permission denied)
sshd 6377 root 3 unknown /proc/6377/fd/3 (readlink: Permission denied)
sshd 6377 root 4 unknown /proc/6377/fd/4 (readlink: Permission denied)
sshd 6442 root cwd unknown /proc/6442/cwd (readlink: Permission denied)
sshd 6442 root rtd unknown /proc/6442/root (readlink: Permission denied)
sshd 6442 root txt unknown /proc/6442/exe (readlink: Permission denied)
sshd 6442 root 0 unknown /proc/6442/fd/0 (readlink: Permission denied)
sshd 6442 root 1 unknown /proc/6442/fd/1 (readlink: Permission denied)
sshd 6442 root 2 unknown /proc/6442/fd/2 (readlink: Permission denied)
sshd 6442 root 3 unknown /proc/6442/fd/3 (readlink: Permission denied)
sshd 6442 root 4 unknown /proc/6442/fd/4 (readlink: Permission denied)
sshd 6442 root 5 unknown /proc/6442/fd/5 (readlink: Permission denied)
连接的用户还有更多输出,也可以正确识别出输出,仅此而已。显然不可能lsof -i
确定某个“对象”是哪种类型(对Internet套接字的限制)。
sshd
相关的)行,其中某些行可能是TCP套接字,例如TYPE
unknown
。特有。将输出附加到我的问题。
strace -s 2000 -o lsof.log lsof -i
它,则可能会给您一些进一步的洞察力,以了解正在被阻止的内容。
strace
本身也可能限制在容器中。令人兴奋的新东西要学习。感谢您的弹跳创意。不过必须打床上。
lsof
报告?相同?