8

I am trying to inject a SO into a process that starts using systemd init system (using LD_PRELOAD), but it does not loaded into the new process.

I complied a basic SO (unrandom.c):

int rand(){
    return 42; //the most random number in the universe
}

with the command line:

gcc -shared -fPIC unrandom.c -o unrandom.so

I changed the .service file to include:

Environment="LD_PRELOAD=/tmp/unrandom.so"

After starting the service the LD_PRELOAD environment variable is exist in the process, but the SO does not injected 

cat /proc/<PID>/maps

Am I missing something?

My machine is RHEL7

Or Smolnik
  • 81
  • 1
  • 5
  • Does it work if you run in from a shell? – hek2mgl Mar 16 '16 at 11:29
  • yes, If i'm running the command straight from shell it is working... – Or Smolnik Mar 16 '16 at 11:46
  • I would need to test that. I can give you a feedback in the evening. Btw, strange idea! :) May I ask why you are doing that? – hek2mgl Mar 16 '16 at 12:28
  • is not a strange idea, I find myself trying to do the same because a bug workaround: https://bugs.launchpad.net/ubuntu/+source/libpam-ldap/+bug/1418265 – nicocesar Nov 08 '16 at 14:27
  • 1
    What is the process started with systemd? Is it statically or dynamically linked (check with `ldd /path/filename`), or is it script (check `head -1 /path/filename`) or is it suid program which will drop its LD_PRELOAD? – osgx Mar 05 '17 at 06:15
  • Are you sure the architectures of your .so and your program match? That is, are they both x86_64 or both i686? – Alexander Amelkin Jun 07 '17 at 15:11

1 Answers1

2

Setuid processes restrict usage of LD_PRELOAD (and some other env. variables) due to security reasons.

Loaded library must be specified via name only and be located in one of the directories listed in /etc/ld.so.conf (see e.g. this link). For example on Debian-based systems

sudo cp library.so /usr/lib/x86_64-linux-gnu
LD_PRELOAD=library.so daemon

Another approach is to put full path to library to /etc/ld.so.preload:

sudo echo path/to/library.so >> /etc/ld.so.preload

but then it'll be preloaded to all new processes (which has a high chance of breaking your system if you are not extremely careful).

yugr
  • 13,457
  • 3
  • 37
  • 71