appscope icon indicating copy to clipboard operation
appscope copied to clipboard
verified publisher icon criblio

LD_PRELOAD is not set in some cases when exec'ing into a container that was started after a scope rule was added

Open seanvaleo opened this issue 2 years ago • 0 comments

Steps To Reproduce

A summary of the problem:

  • edge container: add a scope rule and hit save
  • host: start a new ubuntu container as a daemon with sleep 10000
  • host: exec /bin/bash in the new container
  • env | grep LD_PRELOAD reveals that LD_PRELOAD is not set in the new bash shell
    • mounts are there
    • the library is there

Currently we only support the scenario of starting a container like docker run --rm -it ubuntu /bin/bash and running processes from that bash session.

As a workaround, users can start new containers like: docker run --rm -it -d -e LD_PRELOAD=/opt/appscope/libscope.so ubuntu sleep 10000 (with sleep being an example). If the "new container" is started in this manner, the LD_PRELOAD environment variable will be present even after exec'ing in, in the future.

Environment

- AppScope: 1.4.1
- OS: ubuntu
- Architecture: ARM
- Kernel: ?

Requested priority

None

Relevant log output

No response

seanvaleo avatar Jul 20 '23 15:07 seanvaleo