The rtld-audit interface enables you to access information pertaining to the runtime linking of a process. The rtld-audit interface is implemented as an audit library that offers one or more auditing interface routines. If this library is loaded as part of a process, the audit routines are called by the runtime linker at various stages of process execution. These interfaces enable the audit library to access the following information.
The search for dependencies. Search paths can be substituted by the audit library.
Information regarding loaded objects.
Symbol bindings that occur between loaded objects. These bindings can be altered by the audit library.
The lazy binding mechanism that is provided by procedure linkage table entries, allow the auditing of function calls and their return values. See Procedure Linkage Table (Processor-Specific). The arguments to a function and return value of a function can be modified by the audit library.
Some of this information can be obtained by preloading specialized shared objects. However, a preloaded object exists within the same namespace as the objects of a application. This preloading often restricts, or complicates the implementation of the preloaded shared object. The rtld-audit interface offers you a unique namespace in which to execute audit libraries. This namespace ensures that the audit library does not intrude upon the normal bindings that occur within the application.
An example of using the rtld-audit interface is the runtime profiling of shared objects that is described in Profiling Shared Objects.