| From 89fa40f0a55096a62809e852244d7db3f445b0cd Mon Sep 17 00:00:00 2001 |
| From: Craig Small <csmall@enc.com.au> |
| Date: Sun, 7 Oct 2012 10:52:46 +1100 |
| Subject: [PATCH] pstree compiles with SE Linux |
| |
| pstree failed to compile with SE Linux enabled because one of the |
| scontext was missed and without it enabled the bug doesn't appear. |
| |
| pstree is now re-worked so scontext is defined as a dummy meaning |
| most of the code except the reall SE Linux specific stuff is compilied |
| meaning this sort of thing shouldn't happen too much again. |
| |
| Bug-Gentoo: https://bugs.gentoo.org/show_bug.cgi?id=437332 |
| Bug-Sourceforge: https://sourceforge.net/p/psmisc/bugs/54/ |
| --- |
| src/pstree.c | 69 ++++++------------------------------------------------------ |
| 1 file changed, 6 insertions(+), 63 deletions(-) |
| |
| diff --git a/src/pstree.c b/src/pstree.c |
| index db57244..b9a01cf 100644 |
| --- a/src/pstree.c |
| +++ b/src/pstree.c |
| @@ -47,6 +47,8 @@ |
| |
| #ifdef WITH_SELINUX |
| #include <selinux/selinux.h> |
| +#else |
| +typedef void* security_context_t; /* DUMMY to remove most ifdefs */ |
| #endif /*WITH_SELINUX */ |
| |
| extern const char *__progname; |
| @@ -81,9 +83,7 @@ typedef struct _proc { |
| pid_t pid; |
| pid_t pgid; |
| uid_t uid; |
| -#ifdef WITH_SELINUX |
| security_context_t scontext; |
| -#endif /*WITH_SELINUX */ |
| char flags; |
| struct _child *children; |
| struct _proc *parent; |
| @@ -131,16 +131,14 @@ static int *more = NULL; |
| |
| static int print_args = 0, compact = 1, user_change = 0, pids = 0, pgids = 0, |
| show_parents = 0, by_pid = 0, trunc = 1, wait_end = 0; |
| -#ifdef WITH_SELINUX |
| static int show_scontext = 0; |
| -#endif /*WITH_SELINUX */ |
| static int output_width = 132; |
| static int cur_x = 1; |
| static char last_char = 0; |
| static int dumped = 0; /* used by dump_by_user */ |
| static int charlen = 0; /* length of character */ |
| |
| -static void fix_orphans(void); |
| +static void fix_orphans(security_context_t scontext); |
| /* |
| * Allocates additional buffer space for width and more as needed. |
| * The first call will allocate the first buffer. |
| @@ -229,15 +227,12 @@ static int out_int(int x) |
| return digits; |
| } |
| |
| -#ifdef WITH_SELINUX |
| static void out_scontext(security_context_t scontext) |
| { |
| out_string("`"); |
| out_string(scontext); |
| out_string("'"); |
| } |
| -#endif /*WITH_SELINUX */ |
| - |
| |
| static void out_newline(void) |
| { |
| @@ -259,12 +254,8 @@ static PROC *find_proc(pid_t pid) |
| return NULL; |
| } |
| |
| -#ifdef WITH_SELINUX |
| static PROC *new_proc(const char *comm, pid_t pid, uid_t uid, |
| security_context_t scontext) |
| -#else /*WITH_SELINUX */ |
| -static PROC *new_proc(const char *comm, pid_t pid, uid_t uid) |
| -#endif /*WITH_SELINUX */ |
| { |
| PROC *new; |
| |
| @@ -279,9 +270,7 @@ static PROC *new_proc(const char *comm, pid_t pid, uid_t uid) |
| new->flags = 0; |
| new->argc = 0; |
| new->argv = NULL; |
| -#ifdef WITH_SELINUX |
| new->scontext = scontext; |
| -#endif /*WITH_SELINUX */ |
| new->children = NULL; |
| new->parent = NULL; |
| new->next = list; |
| @@ -364,24 +353,14 @@ rename_proc(PROC *this, const char *comm, uid_t uid) |
| } |
| } |
| } |
| -#ifdef WITH_SELINUX |
| static void |
| add_proc(const char *comm, pid_t pid, pid_t ppid, pid_t pgid, uid_t uid, |
| const char *args, int size, char isthread, security_context_t scontext) |
| -#else /*WITH_SELINUX */ |
| -static void |
| -add_proc(const char *comm, pid_t pid, pid_t ppid, pid_t pgid, uid_t uid, |
| - const char *args, int size, char isthread) |
| -#endif /*WITH_SELINUX */ |
| { |
| PROC *this, *parent; |
| |
| if (!(this = find_proc(pid))) |
| -#ifdef WITH_SELINUX |
| this = new_proc(comm, pid, uid, scontext); |
| -#else /*WITH_SELINUX */ |
| - this = new_proc(comm, pid, uid); |
| -#endif /*WITH_SELINUX */ |
| else { |
| rename_proc(this, comm, uid); |
| } |
| @@ -393,11 +372,7 @@ add_proc(const char *comm, pid_t pid, pid_t ppid, pid_t pgid, uid_t uid, |
| if (isthread) |
| this->flags |= PFLAG_THREAD; |
| if (!(parent = find_proc(ppid))) { |
| -#ifdef WITH_SELINUX |
| parent = new_proc("?", ppid, 0, scontext); |
| -#else /*WITH_SELINUX */ |
| - parent = new_proc("?", ppid, 0); |
| -#endif |
| } |
| if (pid != 0) { |
| add_child(parent, this); |
| @@ -494,12 +469,10 @@ dump_tree(PROC * current, int level, int rep, int leaf, int last, |
| else |
| (void) out_int(current->uid); |
| } |
| -#ifdef WITH_SELINUX |
| if (show_scontext) { |
| out_char(info++ ? ',' : '('); |
| out_scontext(current->scontext); |
| } |
| -#endif /*WITH_SELINUX */ |
| if ((swapped && print_args && current->argc < 0) || (!swapped && info)) |
| out_char(')'); |
| if ((current->flags & PFLAG_HILIGHT) && (tmp = tgetstr("me", NULL))) |
| @@ -520,11 +493,7 @@ dump_tree(PROC * current, int level, int rep, int leaf, int last, |
| } |
| } |
| } |
| -#ifdef WITH_SELINUX |
| if (show_scontext || print_args || !current->children) |
| -#else /*WITH_SELINUX */ |
| - if (print_args || !current->children) |
| -#endif /*WITH_SELINUX */ |
| { |
| while (closing--) |
| out_char(']'); |
| @@ -533,11 +502,7 @@ dump_tree(PROC * current, int level, int rep, int leaf, int last, |
| ensure_buffer_capacity(level); |
| more[level] = !last; |
| |
| -#ifdef WITH_SELINUX |
| if (show_scontext || print_args) |
| -#else /*WITH_SELINUX */ |
| - if (print_args) |
| -#endif /*WITH_SELINUX */ |
| { |
| width[level] = swapped + (comm_len > 1 ? 0 : -1); |
| count=0; |
| @@ -653,8 +618,8 @@ static void read_proc(void) |
| pid_t pid, ppid, pgid; |
| int fd, size; |
| int empty; |
| -#ifdef WITH_SELINUX |
| security_context_t scontext = NULL; |
| +#ifdef WITH_SELINUX |
| int selinux_enabled = is_selinux_enabled() > 0; |
| #endif /*WITH_SELINUX */ |
| |
| @@ -726,21 +691,12 @@ static void read_proc(void) |
| while ((dt = readdir(taskdir)) != NULL) { |
| if ((thread = atoi(dt->d_name)) != 0) { |
| if (thread != pid) { |
| -#ifdef WITH_SELINUX |
| if (print_args) |
| add_proc(threadname, thread, pid, pgid, st.st_uid, |
| threadname, strlen (threadname) + 1, 1,scontext); |
| else |
| add_proc(threadname, thread, pid, pgid, st.st_uid, |
| NULL, 0, 1, scontext); |
| -#else /*WITH_SELINUX */ |
| - if (print_args) |
| - add_proc(threadname, thread, pid, pgid, st.st_uid, |
| - threadname, strlen (threadname) + 1, 1); |
| - else |
| - add_proc(threadname, thread, pid, pgid, st.st_uid, |
| - NULL, 0, 1); |
| -#endif /*WITH_SELINUX */ |
| } |
| } |
| } |
| @@ -749,11 +705,7 @@ static void read_proc(void) |
| } |
| free(taskpath); |
| if (!print_args) |
| -#ifdef WITH_SELINUX |
| add_proc(comm, pid, ppid, pgid, st.st_uid, NULL, 0, 0, scontext); |
| -#else /*WITH_SELINUX */ |
| - add_proc(comm, pid, ppid, pgid, st.st_uid, NULL, 0, 0); |
| -#endif /*WITH_SELINUX */ |
| else { |
| sprintf(path, "%s/%d/cmdline", PROC_BASE, pid); |
| if ((fd = open(path, O_RDONLY)) < 0) { |
| @@ -770,13 +722,8 @@ static void read_proc(void) |
| size--; |
| if (size) |
| buffer[size++] = 0; |
| -#ifdef WITH_SELINUX |
| add_proc(comm, pid, ppid, pgid, st.st_uid, |
| buffer, size, 0, scontext); |
| -#else /*WITH_SELINUX */ |
| - add_proc(comm, pid, ppid, pgid, st.st_uid, |
| - buffer, size, 0); |
| -#endif /*WITH_SELINUX */ |
| } |
| } |
| } |
| @@ -787,7 +734,7 @@ static void read_proc(void) |
| } |
| } |
| (void) closedir(dir); |
| - fix_orphans(); |
| + fix_orphans(scontext); |
| if (print_args) |
| free(buffer); |
| if (empty) { |
| @@ -796,7 +743,7 @@ static void read_proc(void) |
| } |
| } |
| |
| -static void fix_orphans(void) |
| +static void fix_orphans(security_context_t scontext) |
| { |
| /* When using kernel 3.3 with hidepid feature enabled on /proc |
| * then we need fake root pid and gather all the orphan processes |
| @@ -807,11 +754,7 @@ static void fix_orphans(void) |
| PROC *root, *walk; |
| |
| if (!(root = find_proc(ROOT_PID))) { |
| -#ifdef WITH_SELINUX |
| root = new_proc("?", ROOT_PID, 0, scontext); |
| -#else /*WITH_SELINUX */ |
| - root = new_proc("?", ROOT_PID, 0); |
| -#endif |
| } |
| for (walk = list; walk; walk = walk->next) { |
| if (walk->pid == 1 || walk->pid == 0) |
| -- |
| 1.7.12 |
| |