This is the parent process.
Enter something: This is the child process.
Enter something: 123
You entered: 123
This is a test output.
This is a test error output.
[DEBUG][PID 3285394] src/execve_interceptor.c:29:execve(): Intercepted execve for: /usr/bin/bash
[DEBUG][PID 3285394] src/execve_interceptor.c:30:execve(): argv[0] = bash
[DEBUG][PID 3285394] src/config.c:114:load_config_if_needed(): Creating shared memory for config data
[DEBUG][PID 3285394] src/config.c:127:load_config_if_needed(): Loading config file for the first time
[DEBUG][PID 3285394] src/config.c:17:load_config_to_shm(): Loading configuration from /tmp/exec_hook/config/execve_rules.json to shared memory
[DEBUG][PID 3285394] src/config.c:89:load_config_to_shm(): Loaded 3 rules to shared memory
[DEBUG][PID 3285394] src/execve_interceptor.c:43:execve(): Not a terminal shell, bypassing interception.
[DEBUG][PID 3285513] src/execve_interceptor.c:29:execve(): Intercepted execve for: /usr/bin/lesspipe
[DEBUG][PID 3285513] src/execve_interceptor.c:30:execve(): argv[0] = lesspipe
[DEBUG][PID 3285513] src/config.c:114:load_config_if_needed(): Creating shared memory for config data
[DEBUG][PID 3285513] src/config.c:127:load_config_if_needed(): Loading config file for the first time
[DEBUG][PID 3285513] src/config.c:17:load_config_to_shm(): Loading configuration from /tmp/exec_hook/config/execve_rules.json to shared memory
[DEBUG][PID 3285513] src/config.c:89:load_config_to_shm(): Loaded 3 rules to shared memory
[DEBUG][PID 3285513] src/execve_interceptor.c:48:execve(): Current Config rule count : 3
[DEBUG][PID 3285513] src/logging.c:21:write_log(): Writing exec log for command: /usr/bin/lesspipe
[DEBUG][PID 3285513] src/logging.c:154:duplicate_output_to_log(): Signal handler for SIGINT installed.
[DEBUG][PID 3285513] src/logging.c:236:duplicate_output_to_log(): Child process exited normally
[DEBUG][PID 3285513] src/init_cleanup.c:23:cleanup_shared_memory(): execve_intercept library unloaded.
[DEBUG][PID 3285513] src/init_cleanup.c:25:cleanup_shared_memory(): Log file: ./logs/execve.log
[DEBUG][PID 3285513] src/init_cleanup.c:26:cleanup_shared_memory(): Log out file: ./logs/execve_out.log
[DEBUG][PID 3285513] src/init_cleanup.c:27:cleanup_shared_memory(): Config file: /tmp/exec_hook/config/execve_rules.json
[DEBUG][PID 3285513] src/init_cleanup.c:28:cleanup_shared_memory(): Shared memory ID: 2
[DEBUG][PID 3285513] src/init_cleanup.c:30:cleanup_shared_memory(): Cleaning up shared memory.
/tmp/exec_hook/intercept.so(print_stacktrace+0x23)[0x7f78a48e21a5]
/tmp/exec_hook/intercept.so(cleanup_shared_memory+0x210)[0x7f78a48e29e0]
/lib64/ld-linux-x86-64.so.2(+0x624e)[0x7f78a48f024e]
/lib/x86_64-linux-gnu/libc.so.6(+0x45495)[0x7f78a46b8495]
/lib/x86_64-linux-gnu/libc.so.6(on_exit+0x0)[0x7f78a46b8610]
/tmp/exec_hook/intercept.so(duplicate_output_to_log+0x623)[0x7f78a48e334c]
/tmp/exec_hook/intercept.so(execve+0x5e4)[0x7f78a48e27a8]
bash(shell_execve+0x36)[0x60ac0270ba46]
bash(+0x5b8e7)[0x60ac027128e7]
bash(+0x4b993)[0x60ac02702993]
bash(execute_command_internal+0xf1d)[0x60ac02704b5d]
bash(parse_and_execute+0x6c8)[0x60ac027654e8]
bash(command_substitute+0xa98)[0x60ac0272d938]
bash(+0x780a2)[0x60ac0272f0a2]
bash(+0x81d58)[0x60ac02738d58]
bash(+0x83277)[0x60ac0273a277]
bash(+0x87df9)[0x60ac0273edf9]
bash(+0x4bf8f)[0x60ac02702f8f]
bash(execute_command_internal+0xf1d)[0x60ac02704b5d]
bash(execute_command+0xc8)[0x60ac027071b8]
bash(execute_command_internal+0x343b)[0x60ac0270707b]
bash(parse_and_execute+0x6c8)[0x60ac027654e8]
bash(+0xaf1c6)[0x60ac027661c6]
bash(maybe_execute_file+0x2e)[0x60ac0276659e]
bash(main+0x1a30)[0x60ac026e9db0]
/lib/x86_64-linux-gnu/libc.so.6(+0x29d90)[0x7f78a469cd90]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0x80)[0x7f78a469ce40]
bash(_start+0x25)[0x60ac026e9f15]
bash: eval: 行 31: 未预期的记号 "(" 附近有语法错误
bash: eval: 行 31: `[DEBUG][PID 3285514] src/logging.c:125:duplicate_output_to_log(): Child process 3285514: stdout is /dev/pts/6'
[DEBUG][PID 3285518] src/execve_interceptor.c:29:execve(): Intercepted execve for: /usr/bin/dircolors
[DEBUG][PID 3285518] src/execve_interceptor.c:30:execve(): argv[0] = dircolors
[DEBUG][PID 3285518] src/config.c:114:load_config_if_needed(): Creating shared memory for config data
[DEBUG][PID 3285518] src/config.c:127:load_config_if_needed(): Loading config file for the first time
[DEBUG][PID 3285518] src/config.c:17:load_config_to_shm(): Loading configuration from /tmp/exec_hook/config/execve_rules.json to shared memory
[DEBUG][PID 3285518] src/config.c:89:load_config_to_shm(): Loaded 3 rules to shared memory
[DEBUG][PID 3285518] src/execve_interceptor.c:48:execve(): Current Config rule count : 3
[DEBUG][PID 3285518] src/logging.c:21:write_log(): Writing exec log for command: /usr/bin/dircolors
[DEBUG][PID 3285518] src/logging.c:154:duplicate_output_to_log(): Signal handler for SIGINT installed.
[DEBUG][PID 3285518] src/logging.c:236:duplicate_output_to_log(): Child process exited normally
[DEBUG][PID 3285518] src/init_cleanup.c:23:cleanup_shared_memory(): execve_intercept library unloaded.
[DEBUG][PID 3285518] src/init_cleanup.c:25:cleanup_shared_memory(): Log file: ./logs/execve.log
[DEBUG][PID 3285518] src/init_cleanup.c:26:cleanup_shared_memory(): Log out file: ./logs/execve_out.log
[DEBUG][PID 3285518] src/init_cleanup.c:27:cleanup_shared_memory(): Config file: /tmp/exec_hook/config/execve_rules.json
[DEBUG][PID 3285518] src/init_cleanup.c:28:cleanup_shared_memory(): Shared memory ID: 2
[DEBUG][PID 3285518] src/init_cleanup.c:30:cleanup_shared_memory(): Cleaning up shared memory.
/tmp/exec_hook/intercept.so(print_stacktrace+0x23)[0x7f78a48e21a5]
/tmp/exec_hook/intercept.so(cleanup_shared_memory+0x210)[0x7f78a48e29e0]
/lib64/ld-linux-x86-64.so.2(+0x624e)[0x7f78a48f024e]
/lib/x86_64-linux-gnu/libc.so.6(+0x45495)[0x7f78a46b8495]
/lib/x86_64-linux-gnu/libc.so.6(on_exit+0x0)[0x7f78a46b8610]
/tmp/exec_hook/intercept.so(duplicate_output_to_log+0x623)[0x7f78a48e334c]
/tmp/exec_hook/intercept.so(execve+0x5e4)[0x7f78a48e27a8]
bash(shell_execve+0x36)[0x60ac0270ba46]
bash(+0x5b8e7)[0x60ac027128e7]
bash(+0x4b993)[0x60ac02702993]
bash(execute_command_internal+0xf1d)[0x60ac02704b5d]
bash(parse_and_execute+0x6c8)[0x60ac027654e8]
bash(command_substitute+0xa98)[0x60ac0272d938]
bash(+0x780a2)[0x60ac0272f0a2]
bash(+0x81d58)[0x60ac02738d58]
bash(+0x83277)[0x60ac0273a277]
bash(+0x87df9)[0x60ac0273edf9]
bash(+0x4bf8f)[0x60ac02702f8f]
bash(execute_command_internal+0xf1d)[0x60ac02704b5d]
bash(execute_command+0xc8)[0x60ac027071b8]
bash(execute_command_internal+0x343b)[0x60ac0270707b]
bash(execute_command+0xc8)[0x60ac027071b8]
bash(execute_command_internal+0x1d8e)[0x60ac027059ce]
bash(execute_command+0xc8)[0x60ac027071b8]
bash(execute_command_internal+0x1d8e)[0x60ac027059ce]
bash(execute_command+0xc8)[0x60ac027071b8]
bash(execute_command_internal+0x1d8e)[0x60ac027059ce]
bash(execute_command+0xc8)[0x60ac027071b8]
bash(execute_command_internal+0x1d8e)[0x60ac027059ce]
bash(execute_command+0xc8)[0x60ac027071b8]
bash(execute_command_internal+0x108a)[0x60ac02704cca]
bash(parse_and_execute+0x6c8)[0x60ac027654e8]
bash(+0xaf1c6)[0x60ac027661c6]
bash(maybe_execute_file+0x2e)[0x60ac0276659e]
bash(main+0x1a30)[0x60ac026e9db0]
/lib/x86_64-linux-gnu/libc.so.6(+0x29d90)[0x7f78a469cd90]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0x80)[0x7f78a469ce40]
bash(_start+0x25)[0x60ac026e9f15]
bash: eval: 行 77: 未预期的记号 "(" 附近有语法错误
bash: eval: 行 77: `[DEBUG][PID 3285519] src/logging.c:125:duplicate_output_to_log(): Child process 3285519: stdout is /dev/pts/6'
[?2004h]0;qcqcqc@qcqcqc-ThinkCentre-M710q-N000: ~/workspace/test_execve[01;32mqcqcqc@qcqcqc-ThinkCentre-M710q-N000[00m:[01;34m~/workspace/test_execve[00m$ You entered: exit
This is a test output.
This is a test error output.
[DEBUG][PID 3285395] src/execve_interceptor.c:29:execve(): Intercepted execve for: /usr/bin/bash
[DEBUG][PID 3285395] src/execve_interceptor.c:30:execve(): argv[0] = bash
[DEBUG][PID 3285395] src/config.c:114:load_config_if_needed(): Creating shared memory for config data
[DEBUG][PID 3285395] src/config.c:127:load_config_if_needed(): Loading config file for the first time
[DEBUG][PID 3285395] src/config.c:17:load_config_to_shm(): Loading configuration from /tmp/exec_hook/config/execve_rules.json to shared memory
[DEBUG][PID 3285395] src/config.c:89:load_config_to_shm(): Loaded 3 rules to shared memory
[DEBUG][PID 3285395] src/execve_interceptor.c:48:execve(): Current Config rule count : 3
[DEBUG][PID 3285395] src/logging.c:21:write_log(): Writing exec log for command: /usr/bin/bash
[DEBUG][PID 3285395] src/logging.c:154:duplicate_output_to_log(): Signal handler for SIGINT installed.
[DEBUG][PID 3286125] src/logging.c:125:duplicate_output_to_log(): Child process 3286125: stdout is /dev/pts/6
[DEBUG][PID 3286126] src/execve_interceptor.c:29:execve(): Intercepted execve for: /usr/bin/lesspipe
[DEBUG][PID 3286126] src/execve_interceptor.c:30:execve(): argv[0] = lesspipe
[DEBUG][PID 3286126] src/config.c:114:load_config_if_needed(): Creating shared memory for config data
[DEBUG][PID 3286126] src/config.c:127:load_config_if_needed(): Loading config file for the first time
[DEBUG][PID 3286126] src/config.c:17:load_config_to_shm(): Loading configuration from /tmp/exec_hook/config/execve_rules.json to shared memory
[DEBUG][PID 3286126] src/config.c:89:load_config_to_shm(): Loaded 3 rules to shared memory
[DEBUG][PID 3286126] src/execve_interceptor.c:48:execve(): Current Config rule count : 3
[DEBUG][PID 3286126] src/logging.c:21:write_log(): Writing exec log for command: /usr/bin/lesspipe
[DEBUG][PID 3286126] src/logging.c:154:duplicate_output_to_log(): Signal handler for SIGINT installed.
[DEBUG][PID 3286126] src/logging.c:236:duplicate_output_to_log(): Child process exited normally
[DEBUG][PID 3286126] src/init_cleanup.c:23:cleanup_shared_memory(): execve_intercept library unloaded.
[DEBUG][PID 3286126] src/init_cleanup.c:25:cleanup_shared_memory(): Log file: ./logs/execve.log
[DEBUG][PID 3286126] src/init_cleanup.c:26:cleanup_shared_memory(): Log out file: ./logs/execve_out.log
[DEBUG][PID 3286126] src/init_cleanup.c:27:cleanup_shared_memory(): Config file: /tmp/exec_hook/config/execve_rules.json
[DEBUG][PID 3286126] src/init_cleanup.c:28:cleanup_shared_memory(): Shared memory ID: 2
[DEBUG][PID 3286126] src/init_cleanup.c:30:cleanup_shared_memory(): Cleaning up shared memory.
/tmp/exec_hook/intercept.so(print_stacktrace+0x23)[0x73d8544b91a5]
/tmp/exec_hook/intercept.so(cleanup_shared_memory+0x210)[0x73d8544b99e0]
/lib64/ld-linux-x86-64.so.2(+0x624e)[0x73d8544c724e]
/lib/x86_64-linux-gnu/libc.so.6(+0x45495)[0x73d85428f495]
/lib/x86_64-linux-gnu/libc.so.6(on_exit+0x0)[0x73d85428f610]
/tmp/exec_hook/intercept.so(duplicate_output_to_log+0x623)[0x73d8544ba34c]
/tmp/exec_hook/intercept.so(execve+0x5e4)[0x73d8544b97a8]
bash(shell_execve+0x36)[0x5e60732eca46]
bash(+0x5b8e7)[0x5e60732f38e7]
bash(+0x4b993)[0x5e60732e3993]
bash(execute_command_internal+0xf1d)[0x5e60732e5b5d]
bash(parse_and_execute+0x6c8)[0x5e60733464e8]
bash(command_substitute+0xa98)[0x5e607330e938]
bash(+0x780a2)[0x5e60733100a2]
bash(+0x81d58)[0x5e6073319d58]
bash(+0x83277)[0x5e607331b277]
bash(+0x87df9)[0x5e607331fdf9]
bash(+0x4bf8f)[0x5e60732e3f8f]
bash(execute_command_internal+0xf1d)[0x5e60732e5b5d]
bash(execute_command+0xc8)[0x5e60732e81b8]
bash(execute_command_internal+0x343b)[0x5e60732e807b]
bash(parse_and_execute+0x6c8)[0x5e60733464e8]
bash(+0xaf1c6)[0x5e60733471c6]
bash(maybe_execute_file+0x2e)[0x5e607334759e]
bash(main+0x1a30)[0x5e60732cadb0]
/lib/x86_64-linux-gnu/libc.so.6(+0x29d90)[0x73d854273d90]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0x80)[0x73d854273e40]
bash(_start+0x25)[0x5e60732caf15]
bash: eval: 行 31: 未预期的记号 "(" 附近有语法错误
bash: eval: 行 31: `[DEBUG][PID 3286127] src/logging.c:125:duplicate_output_to_log(): Child process 3286127: stdout is /dev/pts/7'
[DEBUG][PID 3286131] src/execve_interceptor.c:29:execve(): Intercepted execve for: /usr/bin/dircolors
[DEBUG][PID 3286131] src/execve_interceptor.c:30:execve(): argv[0] = dircolors
[DEBUG][PID 3286131] src/config.c:114:load_config_if_needed(): Creating shared memory for config data
[DEBUG][PID 3286131] src/config.c:127:load_config_if_needed(): Loading config file for the first time
[DEBUG][PID 3286131] src/config.c:17:load_config_to_shm(): Loading configuration from /tmp/exec_hook/config/execve_rules.json to shared memory
[DEBUG][PID 3286131] src/config.c:89:load_config_to_shm(): Loaded 3 rules to shared memory
[DEBUG][PID 3286131] src/execve_interceptor.c:48:execve(): Current Config rule count : 3
[DEBUG][PID 3286131] src/logging.c:21:write_log(): Writing exec log for command: /usr/bin/dircolors
[DEBUG][PID 3286131] src/logging.c:154:duplicate_output_to_log(): Signal handler for SIGINT installed.
[DEBUG][PID 3286131] src/logging.c:236:duplicate_output_to_log(): Child process exited normally
[DEBUG][PID 3286131] src/init_cleanup.c:23:cleanup_shared_memory(): execve_intercept library unloaded.
[DEBUG][PID 3286131] src/init_cleanup.c:25:cleanup_shared_memory(): Log file: ./logs/execve.log
[DEBUG][PID 3286131] src/init_cleanup.c:26:cleanup_shared_memory(): Log out file: ./logs/execve_out.log
[DEBUG][PID 3286131] src/init_cleanup.c:27:cleanup_shared_memory(): Config file: /tmp/exec_hook/config/execve_rules.json
[DEBUG][PID 3286131] src/init_cleanup.c:28:cleanup_shared_memory(): Shared memory ID: 2
[DEBUG][PID 3286131] src/init_cleanup.c:30:cleanup_shared_memory(): Cleaning up shared memory.
/tmp/exec_hook/intercept.so(print_stacktrace+0x23)[0x73d8544b91a5]
/tmp/exec_hook/intercept.so(cleanup_shared_memory+0x210)[0x73d8544b99e0]
/lib64/ld-linux-x86-64.so.2(+0x624e)[0x73d8544c724e]
/lib/x86_64-linux-gnu/libc.so.6(+0x45495)[0x73d85428f495]
/lib/x86_64-linux-gnu/libc.so.6(on_exit+0x0)[0x73d85428f610]
/tmp/exec_hook/intercept.so(duplicate_output_to_log+0x623)[0x73d8544ba34c]
/tmp/exec_hook/intercept.so(execve+0x5e4)[0x73d8544b97a8]
bash(shell_execve+0x36)[0x5e60732eca46]
bash(+0x5b8e7)[0x5e60732f38e7]
bash(+0x4b993)[0x5e60732e3993]
bash(execute_command_internal+0xf1d)[0x5e60732e5b5d]
bash(parse_and_execute+0x6c8)[0x5e60733464e8]
bash(command_substitute+0xa98)[0x5e607330e938]
bash(+0x780a2)[0x5e60733100a2]
bash(+0x81d58)[0x5e6073319d58]
bash(+0x83277)[0x5e607331b277]
bash(+0x87df9)[0x5e607331fdf9]
bash(+0x4bf8f)[0x5e60732e3f8f]
bash(execute_command_internal+0xf1d)[0x5e60732e5b5d]
bash(execute_command+0xc8)[0x5e60732e81b8]
bash(execute_command_internal+0x343b)[0x5e60732e807b]
bash(execute_command+0xc8)[0x5e60732e81b8]
bash(execute_command_internal+0x1d8e)[0x5e60732e69ce]
bash(execute_command+0xc8)[0x5e60732e81b8]
bash(execute_command_internal+0x1d8e)[0x5e60732e69ce]
bash(execute_command+0xc8)[0x5e60732e81b8]
bash(execute_command_internal+0x1d8e)[0x5e60732e69ce]
bash(execute_command+0xc8)[0x5e60732e81b8]
bash(execute_command_internal+0x1d8e)[0x5e60732e69ce]
bash(execute_command+0xc8)[0x5e60732e81b8]
bash(execute_command_internal+0x108a)[0x5e60732e5cca]
bash(parse_and_execute+0x6c8)[0x5e60733464e8]
bash(+0xaf1c6)[0x5e60733471c6]
bash(maybe_execute_file+0x2e)[0x5e607334759e]
bash(main+0x1a30)[0x5e60732cadb0]
/lib/x86_64-linux-gnu/libc.so.6(+0x29d90)[0x73d854273d90]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0x80)[0x73d854273e40]
bash(_start+0x25)[0x5e60732caf15]
bash: eval: 行 77: 未预期的记号 "(" 附近有语法错误
bash: eval: 行 77: `[DEBUG][PID 3286132] src/logging.c:125:duplicate_output_to_log(): Child process 3286132: stdout is /dev/pts/7'
[?2004h]0;qcqcqc@qcqcqc-ThinkCentre-M710q-N000: ~/workspace/test_execve[01;32mqcqcqc@qcqcqc-ThinkCentre-M710q-N000[00m:[01;34m~/workspace/test_execve[00m$