I am using LSM hook to intercept exec system call to print the path of the executable being executed. On Debian with default partitioning options, the path of the executable is absolute path. But on Debian with multiple partions having separate mount points for tmp, home var etc, the first parent directory is truncated. For example a file in /tmp/abc.sh is appearing as abc.sh. Same is the case with other mount points. In this scenario, how can I get the absolute path?
absolute path of executable in multipartition Linux
138 views Asked by incompetent At
1
There are 1 answers
Related Questions in LINUX-KERNEL
- Android kernel error: undefined reference to `get_hw_version_platform'
- Is there a need for BPF Linux namespace?
- Facing fatal errors while running "yum update" command on CentOS 7/Cloudlinux 7
- crash utility itself crashes while decoding kdump generated from null pointer dereference in kernel module
- How to compile the Linux kernel with -O0 for more detailed debug?
- Linux support for parallel Pixel data Image sensor
- Can't upgrade to newest version of linux-image-6.5.0-26-generic
- How to protect a page so that it cannot be write in mips arch?
- How to extract the .img file into normal kernel source file in the linux?
- Storage size of struct hash_desc desc; isn't known
- How can I intercept failed file openning calls?
- struct nameidata-Linux Kernel Module
- How to modify a 'struct msghdr' in Linux Kernel Module?
- How to allocate 500MB+ physically contiguous memory in a Linux kernel module and copy data to that memory from a userspace process?
- Hyper Threading: nosmt in grub configuration
Related Questions in EXEC
- Unexpected argument on sqlcmd command line
- How does Python's exec function work when sending an empty dictionary in the locals parameter?
- Executing sed from php script
- Parent process doesn't wait for the child process to terminate
- Reading and writing from pipe after execvp using dup2
- Many QPushButtons clicked connecting using exec()
- Dynamic Piping in C
- intercommunicating using stdin and stdout between forked C processes
- Can an imported module use modules already imported?
- Execute a comand for each file within a directory
- pyzmq doesn't receive messages when using exec
- Running exec() via PHP (Laravel) on IIS and Windows Server
- PHP exec/passthru/system produces different result than executing manually from command line, why?
- Start a bash terminal with C using execl / execv and add timeout
- How to get bash find exec to directly execute commands instead of using a temp file?
Related Questions in PARTITION
- Swapping a healthy and unallocated partition in Windows 10
- When the key values are the same, the memory limit is exceeded when making a hash join
- How to update the values in a subpartition table in oracle which has a lot of data?
- PostgreSQL: Prepare SQL statement for determining the size of the partitions of a table
- How to GROUP BY based on newly created MAX() column
- Does ClickHouse support partitioning like traditional RDBMS do, and if so how can I implement it?
- Is Multi level partitioning possible in SQL Server
- How to use "Partition By" in Oracle SQL
- How to add Range-interval partition to existing table in Oracle?
- Finding difference between .RAW/QCOW images and partition
- postgresql partition by list with non primary key not working - insufficient columns in PRIMARY KEY constraint definition
- Current Code Cosmos DB 3.37.1: PartitionKey key mismatch exception
- Filter with partition SQL
- selecting the value of a column that correspond to the last date of a selected date range in Bigquery
- Snowflake external table partition include the field name and value
Related Questions in LINUX-SECURITY-MODULE
- current_cred in Rust
- How to determine LSM hook from a syscall?
- ebpf + lsm - krsi_get_env_var is invalid
- What does "invalid_context" in /var/log/audit/audit.log mean?
- Linux Security Module: Is there a way to check/audit shared library loading?
- Why Linux kernel LSM_HOOK macro is defined with many parameters?
- In the latest linux kernel is it possible to write a loadable Linux Security Module (LSM), which can be loaded and unloaded using insmod and rmmod?
- How to correctly hook lsm on linux 5.1x
- Is it possible to do it using eBPF? I.e., Can I capture the event before the file is deleted. And take back up
- Stop user from running malicious python code in online compilers
- Detection of python ,perl or java in linux system
- Security for setns system call
- How to get SECMARK work on Ubuntu 18.04 or centOS 7.7
- absolute path of executable in multipartition Linux
- Get argv from bprm_check_security in linux kernel. Is the documentation wrong?
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
First, You cannot get absolute path in any LSM hook. Only necessary data (eg: structures, pointers, flags etc) are passed. Furthermore, everything sent is const, so you don't corrupt anything accidentally. Secondly, mapping of partition base paths vary with partitioning schemes. Last, It's absolutely not a good way to execute things from /tmp directory. Try to place your binaries in appropriate locations.