linuxterminalembedded-linuxttypty

How can I spy on communication between a process and a terminal?


I have a Linux process developed by a third-party that communicates with a terminal. For debugging I want to see the communication going back in forth.

One might think cat would do the trick (to see one direction):

    ./third-party-app &
    cat /dev/tty

...but it does not. Rather, cat will steal half of the data intended for the application, which is pretty much worthless.

third-party-app is hard-coded to assume /dev/tty.

One way I found to spy on the communication is to rename the /dev/tty device to, say, /dev/real_tty and create a named pipe called /dev/tty in its place. Then running:

    cat /dev/real_tty | tee /dev/tty &

...will at least let me see the output of /dev/real_tty, by copying the data from /dev/real_tty to the named pipe /dev/tty and stdout.

This sort of works but it feels really dodgy, and relies on the trickery of replacing the device. It also doesn't work in both directions, because named pipes only carry data in one direction.

What's the right way to do this?

If anyone's wondering, the TTY device is a RS-232 link to a microcontroller. The information is not sensitive or secured. All processes (application and spies) can run as root.


Solution

  • You could take a look at slsnif. It does exactly what you want, or if you're interested in writing one yourself the source is available to see how it works.