Things look quiet here. But I've been doing a lot of blogging at
dan.langille.org because I prefer WordPress now.
Not all my posts there are FreeBSD related.
I am in the midst of migrating The FreeBSD Diary over to WordPress
(and you can read about that here).
Once the migration is completed, I'll move the FreeBSD posts into the
new FreeBSD Diary website.
watch allows you to snoop on another terminal. It's for superuser only.
Why use watch?
Sometimes, often for security purposes, it is useful to see what someone is doing.
Perhaps you found someone cracking into your system and you want to see what
they're doing. I dunno. Maybe you're just nosy.
What does watch need?
watch needs the following kernel option:
pseudo-device snp 3
This allows for four snoop devices. I think you need one for each concurrent watch
session. I'm not sure. You should add the following to your kernel and
recompile. This is pretty easy. Then you will need to follow the Handbook instructions Building and Installing
a Custom Kernel.
watch also needs the snoop devices. You should do the following:
That should give you the devices you need.
If you get the following error, then you didn't do the steps in the previous section.
Bad! Go back and try again.
# watch ttyp1
watch: fatal: cannot open snoop device
If you get this error, then the next section will show you what to do.
Here's how I did it:
dan ttyp0 Nov 27 17:35 (wocker.int)
dan ttyp1 Nov 28 12:36 (wocker.int)
# watch ttyp1
Or, if you want to be able to write to the other terminal, try this: