Determine direct shared object dependencies of a Linux binary?
Solution 1
You can use readelf
to explore the ELF headers. readelf -d
will list the direct dependencies as NEEDED
sections.
$ readelf -d elfbin
Dynamic section at offset 0xe30 contains 22 entries:
Tag Type Name/Value
0x0000000000000001 (NEEDED) Shared library: [libssl.so.1.0.0]
0x0000000000000001 (NEEDED) Shared library: [libc.so.6]
0x000000000000000c (INIT) 0x400520
0x000000000000000d (FINI) 0x400758
...
Solution 2
If you want to find dependencies recursively (including dependencies of dependencies, dependencies of dependencies of dependencies and so on)…
You may use ldd
command.
ldd - print shared library dependencies
Solution 3
The objdump
tool can tell you this information. If you invoke objdump
with the -x
option, to get it to output all headers then you'll find the shared object dependencies right at the start in the "Dynamic Section".
For example running objdump -x /usr/lib/libXpm.so.4
on my system gives the following information in the "Dynamic Section":
Dynamic Section:
NEEDED libX11.so.6
NEEDED libc.so.6
SONAME libXpm.so.4
INIT 0x0000000000002450
FINI 0x000000000000e0e8
GNU_HASH 0x00000000000001f0
STRTAB 0x00000000000011a8
SYMTAB 0x0000000000000470
STRSZ 0x0000000000000813
SYMENT 0x0000000000000018
PLTGOT 0x000000000020ffe8
PLTRELSZ 0x00000000000005e8
PLTREL 0x0000000000000007
JMPREL 0x0000000000001e68
RELA 0x0000000000001b38
RELASZ 0x0000000000000330
RELAENT 0x0000000000000018
VERNEED 0x0000000000001ad8
VERNEEDNUM 0x0000000000000001
VERSYM 0x00000000000019bc
RELACOUNT 0x000000000000001b
The direct shared object dependencies are listing as 'NEEDED' values. So in the example above, libXpm.so.4
on my system just needs libX11.so.6
and libc.so.6
.
It's important to note that this doesn't mean that all the symbols needed by the binary being passed to objdump
will be present in the libraries, but it does at least show what libraries the loader will try to load when loading the binary.
Solution 4
ldd -v prints the dependency tree under "Version information:' section. The first block in that section are the direct dependencies of the binary.
Related videos on Youtube
![daxsorbito](https://i.stack.imgur.com/1ktzX.png?s=256&g=1)
daxsorbito
Symbian/C++/Java/Python/Perl developer, architect and general firefigher in the UK.
Updated on February 09, 2020Comments
-
daxsorbito over 4 years
How can I easily find out the direct shared object dependencies of a Linux binary in ELF format?
I'm aware of the ldd tool, but that appears to output all dependencies of a binary, including the dependencies of any shared objects that binary is dependent on.
-
Ciro Santilli OurBigBook.com about 8 years
-
-
daxsorbito almost 13 yearsThe ldd command works out dependencies of dependencies, which isn't what I want.
-
Philipp F almost 12 yearsFor me this works fine. And it even tells you, which of the libraries could and could not be found.
-
Tuxdude over 11 yearsldd would not work with an executable - only for finding out the dependencies of shared libraries it is useful.
-
Vitaly Isaev over 10 yearsTuxdude, why do you think so? What is the reason of ldd's unusability for ELF executables?
-
Robert Calhoun over 9 yearsThis is great. Unlike ldd, readelf can inspect a cross-platform binary (i.e. inspect an ARM executable from x86-64 linux.)
-
Tomáš Zato about 7 yearsThis is awesome for copiyng required shared libs from development machine to deployment archive.
-
jgh almost 5 yearsIt would be better to put an example of the command in this answer since the linked website may disappear at some point in the future.
-
m4l490n almost 4 yearsWhat is the difference between this and
objdump -x <binary> | grep "NEEDED"
? I mean, both are almost exactly the same, I'm just getting one.so
file more withldd
thanobjdump
. But the fact the results are not the same makes me wonder which method is more accurate. -
kkm over 3 years@m4l490n, if your discrepancy name is
linux-vdso.so
, this is a virtual library injected by the kernel into every process. It exists as a file only during kernel build, and then just stored inside the kernel. It is speeding up unprivileged calls astime()
that do not really require an expensive mode transition. -
kkm over 3 years@m4l490n, using
ldd
on a file is a security risk, as it loads the loader specified in the file itself to load the file and resolve its dependencies. The glaring holes have been patched, but keep in mind that withldd
you are one jump away from running the program, it essentially tells the loader to run the program, resolve dependencies and trace them, and stop just at the last moment. Bothobjdump
andreadelf
read ELF as data files.objdump
uses the common bfd library to parse the file,readelf
is self-contained (read comments at the start of its source for an explanation why). -
Tomasz Gandor over 3 yearsThis produces some more output than the other answers, which may or may not be an advantage.