procps/procps-3.2.7-selinux.patch

87 lines
2.2 KiB
Diff
Raw Normal View History

--- Makefile
+++ Makefile
@@ -73,12 +73,12 @@
# Something like this is probably needed to make the SE Linux
# library loading not conflict with embedded systems stuff.
#
-#ifeq ($(SHARED),1)
-#ldl := -ldl
-#LIBTYPE := -DSHAREDLIB
-#else
-#LIBTYPE := -DSTATICLIB
-#endif
+ifeq ($(SHARED),1)
+ldl := -ldl
+LIBTYPE := -DSHAREDLIB
+else
+LIBTYPE := -DSTATICLIB
+endif
# Preprocessor flags.
PKG_CPPFLAGS := -D_GNU_SOURCE -I proc
@@ -104,7 +104,7 @@
# an option that starts with "-g". (-g, -g2, -g3, -ggdb, etc.)
RPM_OPT_FLAGS = -O2 -s
CFLAGS = $(RPM_OPT_FLAGS)
-ALL_CFLAGS := $(PKG_CFLAGS) $(CFLAGS)
+ALL_CFLAGS := $(PKG_CFLAGS) $(CFLAGS) $(LIBTYPE)
PKG_LDFLAGS := -Wl,-warn-common
LDFLAGS :=
--- ps/output.c
+++ ps/output.c
@@ -1090,7 +1090,7 @@
return snprintf(outbuf, COLWID, "*");
}
-
+#ifdef STATICLIB
/****************** FLASK & seLinux security stuff **********************/
// move the bulk of this to libproc sometime
@@ -1122,7 +1122,7 @@
return 1;
}
-#if 0
+#else
// This needs more study, considering:
// 1. the static linking option (maybe disable this in that case)
// 2. the -z and -Z option issue
--- ps/parser.c
+++ ps/parser.c
@@ -231,7 +231,7 @@
// In the meantime, please do not add to it. The list is
// intended to ONLY contain flags defined by the POSIX and UNIX
// standards published by The Open Group, IEEE, and ISO.
- if(!strchr("aAdefgGlnoptuU", *flagptr)) not_pure_unix = 1; // dude, -Z ain't in POSIX
+ if(!strchr("aAdefgGlnoptuUZ", *flagptr)) not_pure_unix = 1; // dude, -Z ain't in POSIX
switch(*flagptr){
case 'A':
--- ps/ps.1
+++ ps/ps.1
@@ -450,6 +450,9 @@
Do not show flags; show rss in place of addr.
This option can only be used with \fB\-l\fR.
+.opt \-Z
+display security context format (SELinux, etc.)
+
.opt \-\-format \ format
user\-defined format. Identical to \fB\-o\fR and \fBo\fR.
--- w.c
+++ w.c
@@ -163,6 +163,10 @@
if(best && tmp->start_time <= best->start_time) continue;
best = tmp;
}
+ /* It is there but SELinux wouldn't allow us to know the detail. Really
+ w should just be given rights */
+ if(!kill(u->ut_pid, 0) || errno != ESRCH)
+ *found_utpid = 1;
return best ? best : secondbest;
}