似乎跟信号那有关系
记账记录的结构体定义在<sys/acct.h>头文件里,并看起来像:
typedef u_short comp_t; /* 3-bit base 8 exponent; 13-bit fraction */
struct acct
{
char ac_flag; /* flag (see following Figure) */
char ac_stat; /* termination status (signal & core flag only) */ /* Solaris Only */
uid_t ac_uid; /* real user ID */
gid_t ac_gid; /*real group ID */
dev_t ac_tty; /* controlling terminal */
time_t ac_btime; /* starting calendar time */
comp_t ac_utime; /* user CPU time (clock ticks) */
comp_t ac_stime; /* system CPU time (clock ticks) */
comp_t ac_etime; /* elapsed time (clock ticks) */
comp_t ac_mem; /* average memory usage */
comp_t ac_io; /* bytes transfered (by read and write) */ /* "blocks on BSD systems */
comp_t ac_rw; /* blocks read or written */ /* (not present on BSD systems) */
char ac_comm[8]; /* command name: [8] for Solaris, [10] for Mac OS X, [16] for FreeBSD, and [17] for Linux */
};
#include <unistd.h>
#include <signal.h>
int
main(void)
{
pid_t pid;
if ((pid = fork()) < 0) {
printf("fork error\n");
exit(1);
} else if (pid != 0) { /* parent */
sleep(2);
exit(2); /* terminate with exit status 2 */
}
/* first child */
if ((pid = fork()) < 0) {
printf("fork error\n");
exit(1);
} else if (pid != 0) {
sleep(4);
abort(); /* terminate with core dump */
}
/* second child */
if ((pid = fork()) < 0) {
printf("fork error\n");
exit(1);
} else if (pid != 0) {
execl("/bin/dd", "dd", "if=/etc/termcap", "of=/dev/null", NULL);
exit(7); /* shouldn't get here */
}
/* third child */
if ((pid = fork()) < 0) {
printf("fork error\n");
exit(1);
} else if (pid != 0) {
sleep(8);
exit(0); /* normal exit */
}
/* fourth child */
sleep(6);
kill(getpid(), SIGKILL); /* terminate w/signal, no core dump */
exit(6); /* shouldn't get here */
}
#include <sys/acct.h>
#include <unistd.h>
#include <stdio.h>
#ifdef HAS_SA_STAT
#define FMT "%-*.*s e = %6ld, chars = %7ld, stat = %3u: %c %c %c %c\n"
#else
#define FMT "%-*.*s e = %6ld, chars = %7ld, %c %c %c %c\n"
#endif
#ifndef HAS_ACORE
#define ACORE 0
#endif
#ifndef HAS_AXSIG
#define AXSIG 0
#endif
static unsigned long
compt2ulong(comp_t comptime) /* convert comp_t to unsigend long */
{
unsigned long val;
int exp;
val = comptime & 0x1fff; /* 13-bit fraction */
exp = (comptime >> 13) & 7; /* 3-bit exponent (0-7) */
while (exp-- > 0)
val *= 8;
return(val);
}
int
main(int argc, char *argv[])
{
struct acct acdata;
FILE *fp;
if (argc != 2) {
printf("usage: parcct filename\n");
exit(1);
}
if ((fp = fopen(argv[1], "r")) == NULL) {
printf("can't open %s\n", argv[1]);
exit(1);
}
while (fread(&acdata, sizeof(acdata), 1, fp) == 1) {
printf(FMT, (int)sizeof(acdata.ac_comm),
(int)sizeof(acdata.ac_comm), acdata.ac_comm,
compt2ulong(acdata.ac_etime), compt2ulong(acdata.ac_io),
#ifdef HAS_SA_STAT
(unsigned char) acdata.ac_stat,
#endif
acdata.ac_flag & ACORE ? 'D' : ' ',
acdata.ac_flag & AXSIG ? 'X' : ' ',
acdata.ac_flag & AFORK ? 'F' : ' ',
acdata.ac_flag & ASU ? 'S' : ' ');
}
if (ferror(fp)) {
printf("read error\n");
exit(1);
}
exit(0);
}