fstat identifies open files. A file is considered open by a process if it was explicitly opened, is the working directory, root directory, active pure text, or kernel trace file for that process. If no options are specified,
fstat reports on all open files in the system.
Options:
-f
Restrict examination to files open in the same filesystems as the named file arguments, or to the filesystem containing the current directory if there are no additional filename arguments. For example, to find all files open in the filesystem where the directory /usr/src resides, type “fstat -f /usr/src”.
-M
Extract values associated with the name list from the specified core instead of the default /dev/kmem.
-N
Extract the name list from the specified system instead of the default /netbsd.
-n
Numerical format. Print the device number (maj,min) of the filesystem the file resides in rather than the mount point name; for special files, print the device number that the special device refers to rather than the filename in /dev; and print the mode of the file in octal instead of symbolic form.
-p
Report all files open by the specified process.
-u
Report all files open by the specified user.
-v
Verbose mode. Print error messages upon failures to locate particular system data structures rather than silently ignoring them. Most of these data structures are dynamically created or deleted and it is possible for them to disappear while fstat is running. This is normal and unavoidable since the rest of the system is running while fstat itself is running.
file ...
Restrict reports to the specified files.
The following fields are printed:
USER
The username of the owner of the process (effective UID).
CMD
The command name of the process.
FD
The file number in the per-process open file table or one of the following special names:
wd
current working directory
If the file number is followed by an asterisk (“*”), the file is not an inode, but rather a socket, FIFO, or there is an error. In this case the remainder of the line doesn't correspond to the remaining headers -- the format of the line is described later under
SOCKETS.
MOUNT
If the -n flag wasn't specified, this header is present and is the pathname that the filesystem the file resides in is mounted on.
DEV
If the -n flag is specified, this header is present and is the major/minor number of the device that this file resides in.
INUM
The inode number of the file.
MODE
The mode of the file. If the
-n flag isn't specified, the mode is printed using a symbolic format (see
strmode(3)); otherwise, the mode is printed as an octal number.
SZ|DV
If the file is not a character or block special file, prints the size of the file in bytes. Otherwise, if the -n flag is not specified, prints the name of the special file as located in /dev. If that cannot be located, or the -n flag is specified, prints the major/minor device number that the special device refers to.
R/W
This column describes the access mode that the file allows. The letter “r” indicates open for reading; the letter “w” indicates open for writing. This field is useful when trying to find the processes that are preventing a filesystem from being downgraded to read-only.
NAME
If filename arguments are specified and the
-f flag is not, then this field is present and is the name associated with the given file. Normally the name cannot be determined since there is no mapping from an open file back to the directory entry that was used to open that file. Also, since different directory entries may reference the same file (via
ln(1)), the name printed may not be the actual name that the process originally used to open that file.