4

When I run docker as following:

docker run -it -e LD_PRELOAD=/bin/xyz.so bash env

It runs as expected, and the output is:

HOSTNAME=2116ac3bae11
_BASH_VERSION=4.4
_BASH_LATEST_PATCH=23
PWD=/
HOME=/root
_BASH_GPG_KEY=7C0135FB088AAF6C66C650B9BB5869F064EA74AB
TERM=xterm
SHLVL=0
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
_BASH_PATCH_LEVEL=18
LD_PRELOAD=/bin/xyz.so

However, when I run the same command but with another image, such as ubuntu or centos:

docker run -it -e LD_PRELOAD=/bin/xyz.so ubuntu env
docker run -it -e LD_PRELOAD=/bin/xyz.so centos:7 env

The LD_PRELOAD variable disappearing from the output:

PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
HOSTNAME=00b161980ef6
TERM=xterm
HOME=/root

Can anyone explain what is the difference between the commands? How can I run centos image with LD_PRELOAD?

It seems to be some docker security mechanism which clearing the LD_PRELOAD from the environment variables. But why only in the last commands and not in the first one?

Docker version 17.12.1-ce, build 7390fc6

BezBran
  • 161
  • 1
  • 8
  • 1
    Works on my boxes (docker 18.05.0 - mac; docker 17.05.0 - linux). Rather than using `LD_PRELOAD`, I would recommend overwriting the `/etc/ld.so.preload` file with a volume mount. It should have the same effect. – Anya Shenanigans Jul 12 '18 at 14:32

1 Answers1

-1

It is possible that your ld_preload shared object does not exist inside these docker images or that it depends on dependencies that do not exist inside the other docker images. You can easily figure it out by looking at the shared object and its dependencies in the Docker image file system. to figure out what are the dependencies, use "ldd /bin/xyz.so" for the dependencies.

Eli Mordechai
  • 1
  • 1
  • That still does not explain why `env` does not print the value of `LD_PRELOAD`. But I can't repro here; `centos` prints it just fine for me (standard CentOS image from DockerHub). – tripleee Jun 08 '21 at 08:05