Alex Bender

Aha, I see, thanks.

What do you think about using hard links instead of ~~copying~~ moving files? Maybe even copying.

I have another error. This is tmux panes: ``` /tmp/zozo $ echo $$ 11787 /tmp/zozo $ ls test test_ /tmp/zozo $ ────────────────────────────────────────────────────────────────────────────────────────── Attach process 11787 test test_ Debugger error: [KeyError]...

@trufae @enovella guys, glad to see you involved in that project!

To be honest I can't understand how to compile it... I've tried `go install ...` but got error: ``` can't load package: package github.com/andrewkroh/go-ebpf/cmd/execsnoop: cannot find package "github.com/andrewkroh/go-ebpf/cmd/execsnoop" in any...

Also, I've installed all packages from Dockerfile, but: ``` $ go get github.com/andrewkroh/go-ebpf/cmd/execsnoop # github.com/andrewkroh/go-ebpf/vendor/github.com/iovisor/gobpf/elf In file included from /home/alex/go/src/github.com/andrewkroh/go-ebpf/vendor/github.com/iovisor/gobpf/elf/elf.go:52:0: ./include/bpf.h:11:30: fatal error: linux/bpf_common.h: No such file or directory #include...

Thanks for explanation. My system is regular `Debian 8` with kernel from repository: `linux-image-4.9.0-0.bpo.2-amd64`. But I'll try to change Makefile.

After fixing Makefile still has this error: ``` make clang \ -D__KERNEL__ \ -D__ASM_SYSREG_H \ -Wno-address-of-packed-member \ -O2 -emit-llvm -c exec.c \ -I ../../common/bpf \ -I /lib/modules/4.9.0-0.bpo.2-amd64/source/include \ -I /lib/modules/4.9.0-0.bpo.2-amd64/source/arch/x86/include...

@trufae there is actually some strings in file, like File Version Don't know how to read the number after, can't get it as on screan

I don't know what exactly I should do but you can find it at addr `0x00c4a276` in binary https://down.360safe.com/setup.exe