2

Is there any way to catch all syscalls on Linux? The only solution I know of is using LD_PRELOAD à la fakeroot, but that only works for dynamically linked applications. Furthermore, this approach requires enumerating all syscalls which is something I'd like to avoid.

phihag
  • 278,196
  • 72
  • 453
  • 469

2 Answers2

4

I think you are looking for ptrace(2).

Alex B
  • 82,554
  • 44
  • 203
  • 280
0

You can trace a program. Think about how strace works. Hint: it doesn't use LD_PRELOAD tricks.

C. K. Young
  • 219,335
  • 46
  • 382
  • 435