Elf-audit is a project mainly written in C, it's free.
Wrapper to make using the RTLD ELF audit interfaces more palatable.
Some simple libraries to make using the RTLD ELF auditing interfaces a bit easier. Look in test_audit.c for an example. Build it, and then load it like this:
LD_AUDIT=/local/scratch/sos22/elf-audit/test_audit.so /bin/ls
changing the path in the obvious way. You should see a load of output like this:
_dl_get_tls_static_info();
-> 10
getrlimit();
-> 0
sysconf();
-> 1000
libc_dl_error_tsd();
-> 7f5cc157f678
libc_pthread_init();
-> 7f5cc0b2b048
fopen64(/etc/selinux/config, r);
malloc(238);
-> 953220
free(953220);
->
...
fwrite_unlocked();
-> c
errno_location();
-> 7f5cc157f628
__ctype_get_mb_cur_max();
-> 6
fwrite_unlocked();
-> c
errno_location();
-> 7f5cc157f628
__ctype_get_mb_cur_max();
-> 6
fwrite_unlocked();
-> 6
free(961740);
->
showing all the library calls made by the application. I'm lazy, so the test module only decodes arguments for a very small set of functions, and doesn't do that particularly well.
This depends on a fairly recent glibc. 2.7 is definitely new enough, 2.3 definitely isn't, and I'm not sure about any of the ones in between.