| From: Jaromir Capik | To: procps-ng | Subject: [procps] Re: --enable-libselinux switch | diff -Naur procps-ng-3.3.8.orig/configure.ac procps-ng-3.3.8/configure.ac --- procps-ng-3.3.8.orig/configure.ac 2013-05-25 23:39:39.000000000 +0200 +++ procps-ng-3.3.8/configure.ac 2013-08-06 19:53:49.595654086 +0200 @@ -111,6 +111,14 @@ AC_DEFINE([WITH_WATCH8BIT], [1], [Enable 8 bit clean watch]) fi +AC_ARG_ENABLE([libselinux], + AS_HELP_STRING([--enable-libselinux], [enable libselinux]), + [enable_libselinux=$enableval], + [enable_libselinux="no"]) +if test "$enable_libselinux" = "yes"; then + AC_DEFINE([ENABLE_LIBSELINUX], [1], [Enable libselinux]) +fi + # Optional packages - AC_ARG_WITH AC_ARG_WITH([ncurses], AS_HELP_STRING([--without-ncurses], [build only applications not needing ncurses]), diff -Naur procps-ng-3.3.8.orig/ps/output.c procps-ng-3.3.8/ps/output.c --- procps-ng-3.3.8.orig/ps/output.c 2013-05-25 23:39:40.000000000 +0200 +++ procps-ng-3.3.8/ps/output.c 2013-08-06 19:55:32.477650664 +0200 @@ -1282,6 +1282,8 @@ /****************** FLASK & seLinux security stuff **********************/ // move the bulk of this to libproc sometime +#if !ENABLE_LIBSELINUX + static int pr_context(char *restrict const outbuf, const proc_t *restrict const pp){ char filename[48]; size_t len; @@ -1310,7 +1312,8 @@ return 1; } -#if 0 +#else + // This needs more study, considering: // 1. the static linking option (maybe disable this in that case) // 2. the -z and -Z option issue @@ -1345,6 +1348,7 @@ } return len; } + #endif From 4f0fe2993a92ac355ea8da3f1434cba0389ef389 Mon Sep 17 00:00:00 2001 From: Jim Warner Date: Wed, 7 Aug 2013 12:58:57 -0500 Subject: [PATCH] ps: address a potential 'newline' quirk the libselinux Sometimes with libselinux present but SELinux inactive the context reported is "unconfined" which contains an embedded newline. This then causes misalignment of any subsequent data. So, ps will now protect against that. Reference(s): http://www.freelists.org/post/procps/enablelibselinux-switch,14 Signed-off-by: Jim Warner --- ps/output.c | 1 + 1 file changed, 1 insertion(+) diff --git a/ps/output.c b/ps/output.c index b7b21d1..d457a89 100644 --- a/ps/output.c +++ b/ps/output.c @@ -1339,6 +1339,7 @@ static int pr_context(char *restrict const outbuf, const proc_t *restrict const len = strlen(context); if(len > max_len) len = max_len; memcpy(outbuf, context, len); + if (outbuf[len-1] == '\n') --len; outbuf[len] = '\0'; free(context); }else{ -- 1.8.1.2