Global auditing requirements can be established by setting the environment variable LD_AUDIT. For example, this environment variable can be used to audit the application main together with all the dependencies of the process, with the audit library audit.so.1.
$ LD_AUDIT=audit.so.1 main |
Global auditing can also be achieved by recording a local auditor in the application, together with the -z globalaudit option. For example, the application main can be built to enable global auditing by using the link-editor's -P option and -z globalaudit option.
$ cc -o main main.c -Wl,-Paudit.so.1 -z globalaudit $ dump -Lv main | fgrep AUDIT [5] DEPAUDIT audit.so.1 [26] FLAGS_1 [ GLOBAL_AUDITING ] |
The auditing enabled through both of these mechanisms results in the audit library being passed information regarding all of the dynamic objects of the process.