top | item 44909390 (no title) flakes | 6 months ago Curious, what were you using for doing syscall logging? LD_PRELOAD tricks, or ebpf filtering? discuss order hn newest entelechy|6 months ago mostly strace and it's macos equivalent; Later we moved to ptrace and ebpf. LD_PRELOAD unfortunately doesn't work for statically linked libc. There are also kernel probes but didn't like that it required root permissions...
entelechy|6 months ago mostly strace and it's macos equivalent; Later we moved to ptrace and ebpf. LD_PRELOAD unfortunately doesn't work for statically linked libc. There are also kernel probes but didn't like that it required root permissions...
entelechy|6 months ago