Presenting a virtual filesystem to a Linux process without root access

About

Asked 6/8, 2015 at 21:22 Answered 9/8, 2015 at 18:27

I'm looking for a way to present a userspace filesystem to a specific Linux process but I don't have root access.

The obvious answer is FUSE but without root access I cannot load the kernel module and so FUSE seems to be out of the question (unless there's a way to LD_PRELOAD it?).

The next best thing seems to be LD_PRELOAD with something that intercepts relevant FS calls and then transforms them, much like FUSE does at the VFS layer.

So my questions are:

Does an LD_PRELOAD-able filesystem like FUSE exist?
If I LD_PRELOAD some FS call intercepts for a process are there any gotchas, like perhaps the FS intercepts not being inherited by forks or children?

Nicky answered 6/8, 2015 at 21:22 Comment(1)

github.com/axw/mrhooker so far looks the most promising, especially seeing as my Python is worlds better than my c. I'll wait a few days to see if any other suggestions are made and then try that if not. – Nicky 10/8, 2015 at 7:48

-3

AFAIK LD_PRELOAD can help you only to add some extra libraries (.so) which are not already present to in the system in the default path (nothing to do with filesystem).

Considering normal control flow in linux, all these system calls(filesystem related) will end-up in kernel space and eventually end up to the designated filesystem kernel modules. FUSE routes it back to user-space. I don't think you can intercept at VFS without disturbing kernel level code.

Going by your requirements you may need wrapper over libc which considers these files as a special case and bypasses the system calls

Liripipe answered 9/8, 2015 at 18:27 Comment(3)

LD_PRELOAD does indeed allow me to "override" filesystem calls (and indeed any other calls made to shared library functions) with my own, I already know this is possible. What I'm after is something already written that does this, and confirmation that there aren't any gotchas. tomaz.me/2014/01/08/… has a good working example of doing exactly what you're thinking can't be done. – Nicky 10/8, 2015 at 7:31

Well what i understood from your question is you are not interested in handling the data but just interested in manipulating paths/permissions. Once you make a system call with a path, its all done at filesystem lookup implementation in kernel module. If you wish to take complete control of data and metadata, you may as well look at HDFS implementation. They provide api's to specifically push and retrieve data. Though meant for a different purpose, you may look in similar lines. – Liripipe 11/8, 2015 at 17:5

File system calls are in libc and are overloade-able. gnu.org/software/libc/manual/html_node/… documents just some of the calls that you can overload with an LD_PRELOADed library to alter the way a process not only opens but reads, writes, seeks, etc. This offers the possibility of transparent encryption, compression, etc, far beyond simply manipulating paths. I'm looking for an LD_PRELOADable filesystem that I can hook into to present a virtual filesystem to a linux process and HDFS isn't that. – Nicky 11/8, 2015 at 20:18

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

Recommended topics

Hot tags