Provided by: pax-utils_1.3.7-1_amd64 bug

NAME

       scanelf - user-space utility to scan ELF files

SYNOPSIS

       scanelf [options] ELFs or directories

DESCRIPTION

       scanelf is a user-space utility to quickly scan given ELFs, directories, or common system
       paths for different information. This may include ELF types, their PaX markings, TEXTRELs,
       etc...

OPTIONS

       -A, --archives
           Scan archives (.a files)

       -a, --all
           Print all useful/simple info

       -B, --nobanner
           Don't display the header

       -b, --bind
           Print symbol binding information (lazy or now)

       -D, --endian
           Print ELF endianness (big/little/...)

       -E, --etype ETYPE
           Print only ELF files matching specified etype (like ET_DYN, ET_EXEC, etc...)

       -e, --header
           Print GNU_STACK markings

       -F, --format FORMAT
           Use specified format for output; see the FORMAT section for more information

       -f, --from FILE
           Read input stream from specified filename

       -g, --gmatch
           Use strncmp to match libraries (use with -N). Or regexp with symbol matching

       -h, --help
           Show condensed usage and exit

       -I, --osabi
           Print OSABI

       -i, --interp
           Print the interpreter information (.interp/PT_INTERP)

       -k, --section SECTION
           Find ELFs with the specified section. May be specified multiple times to match
           multiple sections simultaneously. See SECTION MATCHING for more info.

       -L, --ldcache
           Utilize ld.so.cache information (use with -r/-n)

       -l, --ldpath
           Scan all directories in /etc/ld.so.conf

       -M, --bits BITS
           Print only ELF files matching specified numeric bits (like 32/64)

       -m, --mount
           Don't recursively cross mount points

       -N, --lib SONAME
           Find ELFs that need the specified SONAME. May be specified multiple times to match
           multiple SONAMEs simultaneously. See SONAME MATCHING for more info.

       -n, --needed
           Print libraries the ELF is linked against (DT_NEEDED)

       -O, --perms PERMS
           Print only ELF files with matching specified octal bits (like 755)

       -o, --file FILE
           Write output stream to specified filename

       -p, --path
           Scan all directories in PATH environment

       -q, --quiet
           Only output 'bad' things

       -R, --recursive
           Scan directories recursively

       -r, --rpath
           Print runpaths encoded in the ELF (DT_RPATH/DT_RUNPATH)

       -S, --soname
           Print the ELF's shared library name (DT_SONAME)

       -s, --symbol SYMBOL
           Find the specified symbol; see SYMBOL MATCHING for more info

       -T, --textrels
           Locate cause of TEXTRELs via objdump

       -t, --textrel
           Print TEXTREL information

       -V, --version
           Print version and exit

       -v, --verbose
           Be verbose (can be used more than once)

       -X, --fix
           Try and 'fix' bad things (use with -r/-e)

       -x, --pax
           Print PaX markings

       -Y, --eabi
           Print EABI (only matters for a few architectures)

       -y, --symlink
           Don't scan symlinks

       -Z, --size SIZE
           Print ELF file size

       -z, --setpax FLAGS
           Sets EI_PAX/PT_PAX_FLAGS to specified flags (use with -Xx)

       --use-ldpath
           Use the ld.so.conf paths to find the full path to libraries (use in conjunction with
           --needed).

       --root PATH
           Search the specified root tree instead of /. Generally paired with options like -l or
           -p. This implicitly treats all paths specified on the command line as relative to the
           root, so be sure to omit it if you are explicitly listing ELFs.

       --ldcache PATH
           Use specified path instead of /etc/ld.so.cache. Generally paired with options like -L
           or -n.

FORMAT

       The format string is much like a printf string in that it is a literal string with flags
       requesting different information. For example, you could use a format string and expect
       the following results.

             # scanelf -BF "file %f needs %n; funky time" /bin/bash
             file bash needs libncurses.so.5,libdl.so.2,libc.so.6; funky time

       Note that when you use a format string, generally information related flags should be
       omitted. In other words, you do not want to try and request NEEDED output (-n) and try to
       specify a format output at the same time as these operations are mutually exclusive. Each
       information related flag has an equivalent conversion specifier, so use those instead. You
       can of course continue to use non-information related flags (such as --verbose).

       There are three characters that introduce conversion specifiers.

       • % - replace with info
       • # - silent boolean match
       • + - verbose match

       And there are a number of conversion specifiers. We try to match up the specifier with
       corresponding option.

       • a - machine (EM) type
       • b - bind flags
       • e - program headers
       • D - endian
       • I - osabi
       • Y - eabi
       • F - long filename
       • f - short filename
       • i - interp
       • k - section
       • M - EI class
       • N - specified needed
       • n - needed libraries
       • p - filename (minus search)
       • o - etype
       • O - perms
       • r - runpaths
       • S - SONAME
       • s - symbol
       • T - all textrels
       • t - textrel status
       • x - pax flags

SYMBOL MATCHING

       The string specified takes the form [%[modifiers]%][[+-]<symbol name>][,[.....]].

       If the symbol name is empty, then all symbols are matched.

       If the symbol name is a glob ("*"), then all symbols are dumped in a debug format. Do not
       rely on the structure of this output as it changes whenever we feel like it.

       If the first char of the symbol name is a plus ("+"), then only match defined symbols. If
       it's a minus ("-"), only match undefined symbols. When we say "defined", we mean the
       symbol is defined in the ELF vs having an external reference.

       Putting modifiers in between the percent signs ("%") allows for more in depth filters.
       There are groups of modifiers. If you don't specify a member of a group, then all types in
       that group are matched.

       • STT group (symbol type)
       • n - STT_NOTYPE
       • o - STT_OBJECT
       • f - STT_FUNC
       • F - STT_FILE
       • STB group (symbol binding)
       • l - STB_LOCAL
       • g - STB_GLOBAL
       • w - STB_WEAK
       • STV group (symbol visibility)
       • p - STV_DEFAULT
       • i - STV_INTERNAL
       • h - STV_HIDDEN
       • P - STV_PROTECTED
       • SHN group (section header)
       • d - defined
       • u - SHN_UNDEF
       • a - SHN_ABS
       • c - SHN_COMMON

       You can search for multiple symbols simultaneously by using a comma (",") to separate
       different searches. Every symbol that matches will be displayed while unmatched symbols
       will not.

ELF ETYPES

       You can narrow your search by specifying the ELF object file type (ETYPE). The commandline
       option takes the numeric value and or symbolic type. Multiple values can be passed comma
       separated. Example -E ET_EXEC,ET_DYN,1

       Here is the normal list available for your pleasure. You of course are free to specify any
       numeric value you want.

       • 0 - ET_NONE - unknown type
       • 1 - ET_REL - relocatable file
       • 2 - ET_EXEC - executable file
       • 3 - ET_DYN - shared object
       • 4 - ET_CORE - core file

ELF BITS

       You can also narrow your search by specifying the ELF bitsize. Again, specify the numeric
       value or the symbolic define.

       • 32 - ELFCLASS32 - 32bit ELFs
       • 64 - ELFCLASS64 - 64bit ELFs

SECTION MATCHING

       A !  prefix will only show ELF's that do not have the specified section.

NEEDED SONAME MATCHING

       A !  prefix will only show ELF's that do not depend on the specified library.

HOMEPAGE

       https://wiki.gentoo.org/wiki/Hardened/PaX_Utilities

REPORTING BUGS

       Please include as much information as possible (using any available debugging options) and
       send bug reports to the maintainers (see the AUTHORS section). Please use the Gentoo
       bugzilla at https://bugs.gentoo.org/ if possible.

SEE ALSO

       chpax(1), dumpelf(1), paxctl(1), pspax(1), readelf(1), scanelf(1), elf(5)

AUTHORS

       Ned Ludd <solar@gentoo.org>
           Maintainer

       Mike Frysinger <vapier@gentoo.org>
           Maintainer

       Fabian Groffen <grobian@gentoo.org>
           Mach-O Maintainer

NOTES

        1. https://wiki.gentoo.org/wiki/Hardened/PaX_Utilities

        2. https://bugs.gentoo.org/