| FSTAT(1) | General Commands Manual | FSTAT(1) | 
fstat —
| fstat | [ -Afnv] [-Mcore] [-Nsystem] [-ppid] [-uuser] [file ...] | 
fstat identifies open files. A file is considered open
  by a process if it was explicitly opened, is the working directory, root
  directory, active pure text, or kernel trace file for that process. If no
  options are specified, fstat reports on all open files
  in the system.
Options:
-A-ffstat -f /var/log”. Please see the
      BUGS section for issues with this
    option.-M-N-n-p-u-vfstat is running. This is
      normal and unavoidable since the rest of the system is running while
      fstat itself is running.The following fields are printed:
USERCMDPIDFDIf the file number is followed by an asterisk (“*”), the file is not an inode, but rather a socket, FIFO, or there is an error. In this case the remainder of the line doesn't correspond to the remaining headers -- the format of the line is described later under SOCKETS.
MOUNT-n flag wasn't specified, this header is
      present and is the pathname that the file system the file resides in is
      mounted on.DEV-n flag is specified, this header is
      present and is the major/minor number of the device that this file resides
      in.INUMMODE-n flag isn't
      specified, the mode is printed using a symbolic format (see
      strmode(3)); otherwise, the
      mode is printed as an octal number.SZ|DV-n flag is
      not specified, prints the name of the special file as located in
      /dev. If that cannot be located, or the
      -n flag is specified, prints the major/minor
      device number that the special device refers to.R/WNAME-f
      flag is not, then this field is present and is the name associated with
      the given file. Normally the name cannot be determined since there is no
      mapping from an open file back to the directory entry that was used to
      open that file. Also, since different directory entries may reference the
      same file (via ln(1)), the name
      printed may not be the actual name that the process originally used to
      open that file.For example, the addresses mentioned above are the addresses which
    the “netstat -A” command would print
    for TCP, UDP, and UNIX domain. For kernels compiled
    with PIPE_SOCKETPAIR pipes appear as connected
    UNIX domain stream sockets. A unidirectional
    UNIX domain socket indicates the direction of flow
    with an arrow (“<-” or “->”), and a full
    duplex socket shows a double arrow (“<->”).
For internet sockets fstat also attempts
    to print the internet address and port for the local end of a connection. If
    the socket is connected, it also prints the remote internet address and
    port. An asterisk (“*”) is used to indicate an INADDR_ANY
    binding.
fstat command appeared in
  4.3BSD-Tahoe.
fstat takes a snapshot of the system, it is only
  correct for a very short period of time.
Moreover, because DNS resolution and YP lookups cause many file
    descriptor changes, fstat does not attempt to
    translate the internet address and port numbers into symbolic names.
Note that the -f option will not list
    UNIX domain sockets open in the file system, because
    the pathnames in the sockets may not be absolute and are not deterministic.
    To find all the UNIX domain sockets, use
    fstat to list all the sockets, and look for the ones
    that maybe belong in the file system.
| December 15, 2013 | NetBSD 9.4 |