5

I'm looking for a way to present a userspace filesystem to a specific Linux process but I don't have root access.

The obvious answer is FUSE but without root access I cannot load the kernel module and so FUSE seems to be out of the question (unless there's a way to LD_PRELOAD it?).

The next best thing seems to be LD_PRELOAD with something that intercepts relevant FS calls and then transforms them, much like FUSE does at the VFS layer.

So my questions are:

  1. Does an LD_PRELOAD-able filesystem like FUSE exist?
  2. If I LD_PRELOAD some FS call intercepts for a process are there any gotchas, like perhaps the FS intercepts not being inherited by forks or children?
tommyvn
  • 713
  • 5
  • 12
  • https://github.com/axw/mrhooker so far looks the most promising, especially seeing as my Python is worlds better than my c. I'll wait a few days to see if any other suggestions are made and then try that if not. – tommyvn Aug 10 '15 at 07:48

1 Answers1

-2

AFAIK LD_PRELOAD can help you only to add some extra libraries (.so) which are not already present to in the system in the default path (nothing to do with filesystem).

Considering normal control flow in linux, all these system calls(filesystem related) will end-up in kernel space and eventually end up to the designated filesystem kernel modules. FUSE routes it back to user-space. I don't think you can intercept at VFS without disturbing kernel level code.

Going by your requirements you may need wrapper over libc which considers these files as a special case and bypasses the system calls

Akshay Adiga
  • 47
  • 5
  • 1
    LD_PRELOAD does indeed allow me to "override" filesystem calls (and indeed any other calls made to shared library functions) with my own, I already know this is possible. What I'm after is something already written that does this, and confirmation that there aren't any gotchas. http://www.tomaz.me/2014/01/08/detecting-which-process-is-creating-a-file-using-ld-preload-trick.html has a good working example of doing exactly what you're thinking can't be done. – tommyvn Aug 10 '15 at 07:31
  • Well what i understood from your question is you are not interested in handling the data but just interested in manipulating paths/permissions. Once you make a system call with a path, its all done at filesystem lookup implementation in kernel module. If you wish to take complete control of data and metadata, you may as well look at HDFS implementation. They provide api's to specifically push and retrieve data. Though meant for a different purpose, you may look in similar lines. – Akshay Adiga Aug 11 '15 at 17:05
  • File system calls are in libc and are overloade-able. https://www.gnu.org/software/libc/manual/html_node/I_002fO-Primitives.html#I_002fO-Primitives documents just some of the calls that you can overload with an LD_PRELOADed library to alter the way a process not only opens but reads, writes, seeks, etc. This offers the possibility of transparent encryption, compression, etc, far beyond simply manipulating paths. I'm looking for an LD_PRELOADable filesystem that I can hook into to present a virtual filesystem to a linux process and HDFS isn't that. – tommyvn Aug 11 '15 at 20:18