im using the below as a wrapper for the open() syscall on my system... i've compiled this into a .so file.... and put it in /etc/ld.so.preload. it appears to be working well...
int open(__const char *pathname, int flags, mode_t mode)
{
printf("in open %s\n ", pathname);
//other stuff
}
it works for all binaries... vim, touch, cat, less, head, etc.... EXCEPT... the "ls" command!!
I don't understand why.
if i use "sudo ls", it ends up using the wrapper again correctly....
so what's so special about "ls" that the shared library loader decides it can skip my open() wrapper function...?
vagrant@vagrant-ubuntu-trusty-64:/vagrant$ ldd /bin/ls
linux-vdso.so.1 => (0x00007fffacbcd000)
/usr/lib/x86_64-linux-gnu/libtracing.so (0x00007f09b0bce000)
libselinux.so.1 => /lib/x86_64-linux-gnu/libselinux.so.1 (0x00007f09b09ab000)
libacl.so.1 => /lib/x86_64-linux-gnu/libacl.so.1 (0x00007f09b07a3000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f09b03de000)
libdl.so.2 => /lib/x86_64-linux-gnu/libdl.so.2 (0x00007f09b01da000)
libpcre.so.3 => /lib/x86_64-linux-gnu/libpcre.so.3 (0x00007f09aff9c000)
/lib64/ld-linux-x86-64.so.2 (0x00007f09b0dd0000)
libattr.so.1 => /lib/x86_64-linux-gnu/libattr.so.1 (0x00007f09afd97000)
i can see that its linked (my so is the 2nd one called libtracing.so).
this doesnt happen with any of the other commands i run sudo or not, they all seem to work.
is this something special because of libselinux? anyone have any thoughts?
