[kohlschuetter]

I'd hope that most system-level programs remain dynamically linked to libc. I would be surprised, for example, if Alpine Linux would change their approach.

However, I can see that running code in a Hypervisor environment may benefit from static linking, and yes, unsock may have a hard time intercepting the syscalls.

In that scenario, I think adding kernel-level support for the mapping, like what libkrun's "Transparent Socket Impersonation" patches attempt, may be a viable alternative (see README.md)

I haven't deeply looked into it, but there's also the seccomp/ptrace interception route, which could achieve something like that from userland, but I suspect it's too heavy on performance.