1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
# Template profile for tracexec
# Note that the profile format is not stable yet.
# The latest profile template is available at: https://github.com/kxxt/tracexec/blob/main/config.toml
#
# Ptrace config applies to tui and log subcommands
# but doesn't apply to ebpf subcommand.
#
[]
# Enable seccomp_bpf to optimize performance, values: Auto, On or Off
# seccomp_bpf = "Auto"
#
# Debugger config
# Options about breakpoint feature.
#
[]
# Set the default external command to run when using "Detach, Stop and Run Command" feature in Hit Manager
# {{PID}} will be replaced with the PID of the tracee
# default_external_command = "konsole -e gdb -ex cont -ex cont -p {{PID}}"
#
# Modifier config applies to both TUI and Log mode
#
[]
# Only show successful exec events
# successful_only = false
# Experimental: Try to reproduce stdio in commandline.
# This might result in a broken cmdline if pipes, sockets, etc. are involved.
# stdio_in_cmdline = false
# Experimental: Try to reproduce file descriptors in commandline.
# This might result in a broken cmdline if pipes, sockets, etc. are involved.
# fd_in_cmdline = false
# Resolve /proc/self/exe symlink
# resolve_proc_self_exe = false
#
# Config for TUI mode
#
[]
# Keep the event list scrolled to bottom
# follow = false
# How to handle tracee when we exit? values: Wait, Terminate, Kill
# exit_handling = "Wait"
# The active pane when tui launches. values: Events, Terminal
# active_pane = "Terminal"
# The layout of TUI. values: Horizontal, Vertical
# layout = "Horizontal"
# Target frame rate. A positive floating-point number
# frame_rate = 60.0
#
# Config for Log mode
#
[]
# Try to show script interpreters indicated by shebang
# show_interpreter = false
# How much colors do you like? values: Normal, Less, More
# color_level = "Normal"
# Set the terminal foreground process group to tracee.
# The value here also applies to the collect subcommand
# foreground = true
# How to show file descriptors:
# Diff: show the diff of fds between tracee and original std{in/out/err}.
# Show: show all the file descriptors
# Hide: show nothing
# fd_display = "Diff"
# How to show environment variables:
# Diff: show the diff of env between tracee and original env.
# Show: show all the env vars
# Hide: show nothing
# env_display = "Diff"
# Print commandline that (hopefully) reproduces what was executed.
# This option supersedes env_display and show_argv
# show_cmdline = false
# Show comm of the process before exec
# show_comm = true
# Show the filename to be executed
# show_filename = false
# Show argv of the exec
# show_argv = true
# Show the current working dir of tracee
# show_cwd = false
# Decode errno of exec failure
# decode_errno = true