Develop Reference

How to forward dmesg live output through SSH on Linux

On VMWare or on bare metal, Linux display by default live dmesg content directly to stdout.
But when I'm connected through SSH, it doesn't show up even to the command succeeds
How do I forward every dmesg log through SSH ?
dmesg -wH, watch or tail are not what i'm looking for. I don't want to see the whole dmesg, only the live ones and without disrupting my shell.

Thanks #mjf, you were close.
dmesg -W & doesn't seems to be working since -W uppercase doesn't exist, but dmesg -w & with -w lowercase works perfectly.

To disable messages to console: echo 0 > /proc/sys/kernel/printk. To read messages at a remote machine: ssh yourname#frommachine "cat /dev/kmsg" and to get it into a file at the remote machine while watching: ssh yourname#frommachine "cat /dev/kmsg" | tee frommachinessyslog.log.

How to stop writing to a capture file using tcpdump after it reaches a specific size

I am looking for some solution to stop capturing the tcpdump packet after it capture a specified size .I am using the below command to achieve this but it looks like the tcpdump is not writing all the captured packet to the specified file(myfile.pcap).
sudo tcpdump -i en0 -C 10 -W 1 -z ./stop-tcpdump.sh -w myfile.pcap -K -n
cat stop-tcpdump.sh
#!/bin/sh
TCP_EXECUTABLE="tcpdump"
pid=$(pidof ${TCP_EXECUTABLE})
sudo kill -2 $pid

The easiest solution for tcpdump is probably just to increase -W 1 to -W 2. This will cause a 2nd capture file to begin to be written, but the 1st file of 10MB will remain fully intact instead of getting truncated, because the tcpdump instance won't necessarily be killed due to timing issues before that happens.
Alternatively, you could switch to using dumpcap or tshark, both of which support an explicit -a filesize:value option, so no post-rotate kill script is needed. Note that unlike tcpdump's -C option, this option expects the value in units of kB, not MB.

Read raw USB data for port being used by VirtualBox

I have software for communicating with a serial device that only runs on Windows 7. My host machine is running Ubuntu 16.04, with Windows 7 in virtual box.
I've managed to set it up using USB device filters in VirtualBox settings so that Windows sees and can communicate with the device.
However I'd like to capture what's being sent to and from the device. I thought something as simple as cat /dev/ttyUSB0 would work but unfortunately when I start VirtualBox I get this in dmesg:
[31199.465270] vboxdrv: ffffffffc0df4020 VMMR0.r0
[31199.653494] vboxdrv: ffffffffc0ef7020 VBoxDDR0.r0
[31199.710573] VBoxNetFlt: attached to 'wlp1s0' / 98:54:1b:04:13:48
[31199.863579] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[31199.863674] ftdi_sio 1-3:1.0: device disconnected
So I don't know which file to monitor in /dev anymore. I suppose I might be able to try listen for the communication from Windows, but if I can I'd like to know if it's possible to monitor it from my host machine.
Edit:
This answer helped me for a start. I now get some cool looking stream on the terminal, next step is deciphering it, or if anyone has a better way I'm interested - it looks like the person who answered that question still has deciphering it as a TODO :-)

The fact that it was communicating with software in VirtualBox didn't really matter. This answer got me most of the way just by (as root):
modprobe usbmon
cat /sys/kernel/debug/usb/devices|less and search for device
cat /sys/kernel/debug/usb/usbmon/7u where 7 is the number from "Bus=" in the device table from step 2
From there is was just filtering the output.
A basic way could be just
cat /sys/kernel/debug/usb/usbmon/1u |cut -d\ -f9- | grep ^\n
But the device I was working with was constantly sending lines with just 4 characters, to filter out those I got the address word from the output line, and grepped for that. In my case I only wanted to capture "C" or callback output. I was also filtering for lines that contained more than just the default "0160" that the device was constantly outputting. To try understand the hex output I put a xxd -r -p at the end which gave me:
cat /sys/kernel/debug/usb/usbmon/1u | grep -e 'C Bi:1:005:1\s0\s\w*\s=\s0160\w' | cut -d\ -f8- | xxd -r
Where the grep is
grep -e 'C <address> <someotherstuff> = <always-output-string><anycharacter>
This still gave me this indecipherable junk below, but I don't know the format so I'm stuck here. Maybe the steps to read and filter will be useful for someone
>
O�UDQN��RG_JAMS142E DEFAULT0XXXXXXX�lSTz:�RSDU�vy��������������������������z�fff=�����{6zC"z�u6zC�z�H
;�����C��Af[���RSC�b ISD�EGIN
�CG_IEW0321:0407JUN12S��Z-�$''$'''C'''

How to kill program running in background in ubuntu?

I'm working on MINI2440 and building a custom OS for it using buildroot, but for testing purpose I'm using OS downloaded from official website.
So the problem is, I'm using usbpush to push OS images in MINI2440 through USB, but it popups the message when I enter below commond
sudo ./usbpush supervivi-128M 0x30008000
Unable to claim usb interface 1 of device: could not claim interface 0: Device or resource busy
I don't understand one concept that, whenever I assign executable permission to usbpush, it runs automatically in background. It's clearly seen below
ps -ef | grep usb*
silicod+ 2431 2207 0 10:25 pts/10 00:00:00 grep --color=auto usbpush
I tried to kill using
sudo kill -9 2431
But it creates new pid and again run itsellf in background. I tried googling but nothing works for me.
=============================================================
Well, I got my solution. I don't know what is the problem with my usbpush tool, but I downloaded another tool and it works very well. Here is the link to that tool , may it help someone
Friendly_ARM_Mini2440_USBPUSH
Cheers....!

lovely ;-)
well I guess it is actually not running..
ps -ef will give you details about all running processes
grep usb* - (loose the *) will find any lines containing usb
the way unix/linux does it is that grep gets started first and then the "|" connects output of ps -ef to grep's input
so what you are finding is the grep command itself
what you want is ps -ef | grep -v grep | grep usb - this will work unless your "usb" command is something like grepusb or usbgrep or the line contains grep..

How can I have tcpdump write to file and standard output the appropriate data?

I want to have tcpdump write raw packet data into a file and also display packet analysis into standard output as the packets are captured (by analysis I mean the lines it displays normally when -w is missing).
Can anybody please tell me how to do that?

Here's a neat way to do what you want:
tcpdump -w - -U | tee somefile | tcpdump -r -
What it does:
-w - tells tcpdump to write binary data to stdout
-U tells tcpdump to write each packet to stdout as it is received, rather than buffering them and outputting in chunks
tee writes that binary data to a file AND to its own stdout
-r - tells the second tcpdump to get its data from its stdin

Since tcpdump 4.9.3 4.99.0, the --print option can be used:
tcpdump -w somefile --print
Wednesday, December 30, 2020, by mcr#sandelman.ca, denis and fxl.
Summary for 4.99.0 tcpdump release
[...]
User interface:
[...]
Add --print, to cause packet printing even with -w.

tcpdump ${ARGS} &
PID=$!
tcpdump ${ARGS} -w ${filename}
kill $PID

If you want a way to do it without running tcpdump twice, consider:
sudo tcpdump port 80 -w $(tty) | tee /tmp/output.txt
From the interactive command prompt you could use $TTY instead of $(tty) but in a script the former wouldn't be set (though I'm not sure how common it is to run tcpdump in a script).
Side-note: it's not very Unix-y the way tcpdump by default makes you write to a file. Programs should by default write to stdout. Redirection to a file is already provided by the shell constructs. Maybe there's a good reason tcpdump is designed this way but I don't know what that is.