Has it ever happened to you to be working on a system where you’re not completely in control (i.e. non-root)? Well, it happened to me more than once and quite recently I had to mount a UnionFS on such system – without any special privileges or cooperation from the system admin. Of course it turned out to be impossible using regular UnionFS/FUSE mechanism, so I had to prepare my own solution, based (as so many other cool hacks) on LD_PRELOAD trick and interception of file operations-related library calls. Obviously it’s not perfect because any piece of software that accesses files using other routines than the ones I’m trapping will circumvent this whole set-up. Nevertheless it turned out to be effective enough for my purposes, which in this case were to install TigerVNC, Fluxbox and Midnight Commander (+ their dependencies) from the official CentOS distribution packages into my home directory. For this particular bunch I had to override the following routines: open64, fopen64, access, stat, lstat, stat64, lstat64, __xstat, __lxstat, __xstat64, __lxstat64 and catopen. It was a bit surprising, especially the __* routines which I never even knew existed, but I managed to spot them using strace and objdump combo. That’s it for the introduction, now to the practical stuff…

To build, type:

gcc unionfs_by_intercept.c -shared -fPIC -ldl -o unionfs_by_intercept.so

Then, the usage is quite simple:

export UNIONFS=/path1:/path2:…:/pathN
export LD_PRELOAD=/path/to/unionfs_by_intercept.so



to get some debug messages printed to stderr.

The paths are unified at the root (/) level, e.g. specifying UNIONFS=/:/my/path would make the tricked applications see root as having the contents of original root plus whatever is in /my/path.

The code is published under revised BSD license: unionfs_by_intercept.c. In the rare event of actually finding it potentially useful, I hope it works for you 😉

Leave a Reply

Your email address will not be published. Required fields are marked *