Linux capabilities (setcap) seems to disable LD_LIBRARY_PATH

linux shared-libraries linux-capabilities
Lorenzo Pistone picture Lorenzo Pistone · Mar 23, 2012 · Viewed 14k times · Source

I use LD_LIBRARY_PATH to set the path of a certain user library for an application. But if I set capabilities on this application

sudo setcap CAP_NET_BIND_SERVICE=eip myapplication

then LD_LIBRARY_PATH seems to be ignored. When I launch the program, Linux complains that it cannot find a certain shared library.

I guess that there's some kind of protection kicking in, to prevent applications with extended rights from being hijacked. Is there a workaround?

Answer

scai picture scai · Aug 14, 2012

As already stated in other answers, this behavior is intended. There is some kind of workaround if you can compile (or at least link) the application yourself. Then you can pass -Wl,-rpath <yourDynamicLibraryPath> to gcc or -rpath <yourDynamicLibraryPath> to ld and you won't have to specify LD_LIBRARY_PATH at all on execution.

Related questions

Linux error while loading shared libraries: cannot open shared object file: No such file or directory

Program is part of the Xenomai test suite, cross-compiled from Linux PC into Linux+Xenomai ARM toolchain. # echo $LD_LIBRARY_PATH /lib # ls /lib ld-2.3.3.so libdl-2.3.3.so libpthread-0.10.so ld-linux.so.2 libdl.so.2 libpthread.so.0 libc-2.3.3.so libgcc_s.…

Read More
ld cannot find an existing library

I am attempting to link an application with g++ on this Debian lenny system. ld is complaining it cannot find specified libraries. The specific example here is ImageMagick, but I am having similar problems with a few other libraries too. …

Read More
How to show all shared libraries used by executables in Linux?

I'd like to know which libraries are used by executables on my system. More specifically, I'd like to rank which libraries are used the most, along with the binaries that use them. How can I do this?

Read More