From 8df9f2ee028f1a9fee1bf93df053dcfd3ecacca7 Mon Sep 17 00:00:00 2001 From: albert <> Date: Sun, 30 Oct 2005 02:45:45 +0000 Subject: [PATCH] SE Linux alias translation code (broken) --- ps/module.mk | 2 +- ps/output.c | 37 ++++++++++++++++++++++++++++++++++++- 2 files changed, 37 insertions(+), 2 deletions(-) diff --git a/ps/module.mk b/ps/module.mk index 258fef67..b4b07c50 100755 --- a/ps/module.mk +++ b/ps/module.mk @@ -20,7 +20,7 @@ PS_X := COPYING HACKING TRANSLATION common.h module.mk it p ps.1 regression TARFILES += $(PSSRC) $(addprefix ps/,$(PS_X)) ps/ps: $(PSOBJ) $(LIBPROC) - $(CC) $(ALL_CFLAGS) $(ALL_LDFLAGS) -o $@ $^ + $(CC) $(ALL_CFLAGS) $(ALL_LDFLAGS) -o $@ $^ -ldl # This just adds the stacktrace code ps/debug: $(PSOBJ) stacktrace.o $(LIBPROC) diff --git a/ps/output.c b/ps/output.c index 00d66d83..a885a3dd 100644 --- a/ps/output.c +++ b/ps/output.c @@ -53,6 +53,7 @@ #include #include #include +#include #include "../proc/readproc.h" #include "../proc/sysinfo.h" @@ -1091,8 +1092,8 @@ static int pr_sgi_p(char *restrict const outbuf, const proc_t *restrict const pp /****************** FLASK & seLinux security stuff **********************/ - // move the bulk of this to libproc sometime + static int pr_context(char *restrict const outbuf, const proc_t *restrict const pp){ char filename[48]; size_t len; @@ -1122,6 +1123,40 @@ fail: } +// move the bulk of this to libproc sometime +static int pr_context(char *restrict const outbuf, const proc_t *restrict const pp){ + static int (*ps_getpidcon)(pid_t pid, char **context) = 0; + static int tried_load = 0; + size_t len; + char *context; + + if(!ps_getpidcon && !tried_load){ + void *handle = dlopen("libselinux.so.1", RTLD_NOW); + if(handle){ + dlerror(); + ps_getpidcon = dlsym(handle, "getpidcon"); + if(dlerror()) + ps_getpidcon = 0; + } + tried_load++; + } + if(ps_getpidcon && !ps_getpidcon(pp->tgid, &context)){ + size_t max_len = OUTBUF_SIZE-1; + len = strlen(context); + if(len > max_len) len = max_len; + memcpy(outbuf, context, len); + outbuf[len] = '\0'; + free(context); + }else{ + outbuf[0] = '-'; + outbuf[1] = '\0'; + len = 1; + } + return len; +} + + + ////////////////////////////// Test code ///////////////////////////////// // like "args"