extrace

Trace exec() calls.

TLDR

Trace all program executions occurring on the system

$ sudo extrace
copy

Run a command and only trace descendants of this command

$ sudo extrace [command]
copy

Print the current working directory of each process

$ sudo extrace -d
copy

Resolve the full path of each executable

$ sudo extrace -l
copy

Display the user running each process

$ sudo extrace -u
copy

Copied to clipboard
coinbase