I tried to intercept some write(2) system calls issued by a running container. For a starter, I added fmt.Println("log") in "
https://github.com/google/gvisor/blob/master/pkg/sentry/syscalls/linux/sys_write.go#L46" to make sure I intercept at the right location, as what Ian Lewis said in
Custom syscall Handling (google.com). It works well, whenever there is any write system call, my log write is triggered.
However, when I tried to do more complex logic (I tried to make an HTTP request when Sentry detects writes syscall, I tried to log the wrote request in a file using os.WriteFile), the running container stop immediately.
Is this because of the limited syscall that Sentry can use? so I can't create an HTTP request or write a file from Sentry? Is there any better way to intercept file IO syscall in Sentry?
Thank you for the guidance!