Error loading opensnitch.o on Debian Trixie with 6.14 kernel · evilsocket/opensnitch · Discussion #1340 (original) (raw)
# objdump -h /usr/lib/opensnitchd/ebpf/opensnitch-dns.o
/usr/lib/opensnitchd/ebpf/opensnitch-dns.o: file format elf64-little
Sections:
Idx Name Size VMA LMA File off Algn
0 .text 00000000 0000000000000000 0000000000000000 00000040 2**2
CONTENTS, ALLOC, LOAD, READONLY, CODE
1 uretprobe/gethostbyname 00008830 0000000000000000 0000000000000000 00000040 2**3
CONTENTS, ALLOC, LOAD, RELOC, READONLY, CODE
2 uprobe/getaddrinfo 000001c8 0000000000000000 0000000000000000 00008870 2**3
CONTENTS, ALLOC, LOAD, RELOC, READONLY, CODE
3 uretprobe/getaddrinfo 00003ff0 0000000000000000 0000000000000000 00008a38 2**3
CONTENTS, ALLOC, LOAD, RELOC, READONLY, CODE
4 maps/addrinfo_args_hash 00000118 0000000000000000 0000000000000000 0000ca28 2**2
CONTENTS, ALLOC, LOAD, DATA
5 maps/events 00000118 0000000000000000 0000000000000000 0000cb40 2**2
CONTENTS, ALLOC, LOAD, DATA
6 license 00000004 0000000000000000 0000000000000000 0000cc58 2**0
CONTENTS, ALLOC, LOAD, DATA
7 version 00000004 0000000000000000 0000000000000000 0000cc5c 2**2
CONTENTS, ALLOC, LOAD, DATA
8 .debug_loclists 00000a2e 0000000000000000 0000000000000000 0000cc60 2**0
CONTENTS, READONLY, DEBUGGING, OCTETS
9 .debug_abbrev 000001b6 0000000000000000 0000000000000000 0000d68e 2**0
CONTENTS, READONLY, DEBUGGING, OCTETS
10 .debug_info 00000788 0000000000000000 0000000000000000 0000d844 2**0
CONTENTS, RELOC, READONLY, DEBUGGING, OCTETS
11 .debug_rnglists 000002f8 0000000000000000 0000000000000000 0000dfcc 2**0
CONTENTS, READONLY, DEBUGGING, OCTETS
12 .debug_str_offsets 00000264 0000000000000000 0000000000000000 0000e2c4 2**0
CONTENTS, RELOC, READONLY, DEBUGGING, OCTETS
13 .debug_str 000005c2 0000000000000000 0000000000000000 0000e528 2**0
CONTENTS, READONLY, DEBUGGING, OCTETS
14 .debug_addr 00000050 0000000000000000 0000000000000000 0000eaea 2**0
CONTENTS, RELOC, READONLY, DEBUGGING, OCTETS
15 .BTF 0000112b 0000000000000000 0000000000000000 0000eb3c 2**2
CONTENTS, RELOC, READONLY
16 .BTF.ext 00009160 0000000000000000 0000000000000000 0000fc68 2**2
CONTENTS, RELOC, READONLY
17 .eh_frame 00000070 0000000000000000 0000000000000000 00018dc8 2**3
CONTENTS, ALLOC, LOAD, RELOC, READONLY, DATA
18 .debug_line 00002cfc 0000000000000000 0000000000000000 00018e38 2**0
CONTENTS, RELOC, READONLY, DEBUGGING, OCTETS
19 .debug_line_str 000001c6 0000000000000000 0000000000000000 0001bb34 2**0
CONTENTS, READONLY, DEBUGGING, OCTETS
# ls -lh /sys/kernel/debug/tracing/uprobe_events
-rw-r----- 1 root root 0 May 5 08:15 /sys/kernel/debug/tracing/uprobe_events
# cat /sys/kernel/debug/tracing/uprobe_events
#
When running opensnitchd -debug, this is printed:
[2025-05-07 10:09:54] DBG [eBPF] trying to load /usr/local/lib/opensnitchd/ebpf/opensnitch-dns.o
[2025-05-07 10:09:54] DBG [eBPF] trying to load /usr/lib/opensnitchd/ebpf/opensnitch-dns.o
[2025-05-07 10:09:54] INF Running on netfilter queue #0 ...
[2025-05-07 10:09:54] DBG [eBPF] trying to load /etc/opensnitchd/opensnitch-dns.o
[2025-05-07 10:09:54] ERR [eBPF DNS]:
unable to load eBPF module (opensnitch-dns.o). Your kernel version (6.14-amd64) might not be compatible.
If this error persists, change process monitor method to 'proc'
[2025-05-07 10:09:54] WAR EBPF-DNS: Unable to attach ebpf listener:
unable to load eBPF module (opensnitch-dns.o). Your kernel version (6.14-amd64) might not be compatible.
If this error persists, change process monitor method to 'proc'
opensnitchd output does not mention libc.so.6:
# opensnitchd -debug 2>&1 | grep libc.so