[procps] constructor order fix, make fix, merged selinux patches
Jan Görig
jgorig at fedoraproject.org
Thu Sep 23 14:14:48 UTC 2010
commit 0d7665f3e2f65786cfb14dec43e448449627491e
Author: Jan Görig <jgorig at redhat.com>
Date: Thu Sep 23 16:11:30 2010 +0200
constructor order fix, make fix, merged selinux patches
procps-3.2.7-libselinux.patch | 61 ---------------------
procps-3.2.7-ps-libselinux.patch | 11 ----
procps-3.2.7-selinux-workaround.patch | 14 -----
procps-3.2.7-selinux.patch | 23 --------
procps-3.2.8-constructor-order.patch | 38 +++++++++++++
procps-3.2.8-make.patch | 13 +++++
procps-3.2.8-selinux.patch | 96 +++++++++++++++++++++++++++++++++
7 files changed, 147 insertions(+), 109 deletions(-)
---
diff --git a/procps-3.2.8-constructor-order.patch b/procps-3.2.8-constructor-order.patch
new file mode 100644
index 0000000..a318bd4
--- /dev/null
+++ b/procps-3.2.8-constructor-order.patch
@@ -0,0 +1,38 @@
+Description: Call libproc constructors in strict order
+ Having one constructor depend on another means if the order is reversed
+ you get a different result. Patched based on idea by Tom Evans.
+Bug-Debian: http://bugs.debian.org/460331
+Author: Craig Small <csmall at debian.org>
+Adapted to Fedora: Jan Görig <jgorig at redhat.com>
+--- a/proc/sysinfo.c
++++ b/proc/sysinfo.c
+@@ -213,6 +213,7 @@
+ static void init_libproc(void) __attribute__((constructor));
+ static void init_libproc(void){
+ have_privs = check_for_privs();
++ init_Linux_version(); /* Must be called before we check code */
+ // ought to count CPUs in /proc/stat instead of relying
+ // on glibc, which foolishly tries to parse /proc/cpuinfo
+ //
+--- a/proc/version.c
++++ b/proc/version.c
+@@ -33,8 +33,7 @@
+
+ int linux_version_code;
+
+-static void init_Linux_version(void) __attribute__((constructor));
+-static void init_Linux_version(void) {
++void init_Linux_version(void) {
+ int x = 0, y = 0, z = 0; /* cleared in case sscanf() < 3 */
+ FILE *fp;
+ char buf[256];
+--- a/proc/version.h
++++ b/proc/version.h
+@@ -14,6 +14,7 @@
+
+ EXTERN_C_BEGIN
+
++void init_Linux_version(void); /* Get Linux version */
+ extern void display_version(void); /* display suite version */
+ extern const char procps_version[]; /* global buf for suite version */
+ extern const char procps_number_version[]; /* global buf for suite number version */
diff --git a/procps-3.2.8-make.patch b/procps-3.2.8-make.patch
new file mode 100644
index 0000000..9e81546
--- /dev/null
+++ b/procps-3.2.8-make.patch
@@ -0,0 +1,13 @@
+diff -up procps-3.2.8/Makefile.make procps-3.2.8/Makefile
+--- procps-3.2.8/Makefile.make 2010-09-08 18:16:34.000000000 +0200
++++ procps-3.2.8/Makefile 2010-09-08 18:54:41.668727996 +0200
+@@ -174,7 +174,8 @@ INSTALL := $(BINFILES) $(MANFILES)
+ # want this rule first, use := on ALL, and ALL not filled in yet
+ all: do_all
+
+--include */module.mk
++-include proc/module.mk
++-include ps/module.mk
+
+ do_all: $(ALL)
+
diff --git a/procps-3.2.8-selinux.patch b/procps-3.2.8-selinux.patch
new file mode 100644
index 0000000..a8c1f74
--- /dev/null
+++ b/procps-3.2.8-selinux.patch
@@ -0,0 +1,96 @@
+diff --git a/Makefile b/Makefile
+index 09fb3ed..4d05900 100644
+--- a/Makefile
++++ b/Makefile
+@@ -73,12 +73,12 @@ CURSES := -lncurses
+ # Something like this is probably needed to make the SE Linux
+ # library loading not conflict with embedded systems stuff.
+ #
+-#ifeq ($(SHARED),1)
+-#ldl := -ldl
+-#LIBTYPE := -DSHAREDLIB
+-#else
+-#LIBTYPE := -DSTATICLIB
+-#endif
++ifeq ($(SHARED),1)
++ldl := -ldl
++LIBTYPE := -DSHAREDLIB
++else
++LIBTYPE := -DSTATICLIB
++endif
+
+ # Preprocessor flags.
+ PKG_CPPFLAGS := -D_GNU_SOURCE -I proc
+@@ -103,7 +103,7 @@ PKG_CFLAGS := -fno-common -ffast-math \
+ # Note that some stuff below is conditional on CFLAGS containing
+ # an option that starts with "-g". (-g, -g2, -g3, -ggdb, etc.)
+ CFLAGS := -O2 -s
+-ALL_CFLAGS := $(PKG_CFLAGS) $(CFLAGS)
++ALL_CFLAGS := $(PKG_CFLAGS) $(CFLAGS) $(LIBTYPE)
+
+ PKG_LDFLAGS := -Wl,-warn-common
+ LDFLAGS :=
+diff --git a/ps/output.c b/ps/output.c
+index 87bf9de..edbb4cb 100644
+--- a/ps/output.c
++++ b/ps/output.c
+@@ -1099,7 +1099,7 @@ static int pr_sgi_p(char *restrict const outbuf, const proc_t *restrict const pp
+ return snprintf(outbuf, COLWID, "*");
+ }
+
+-
++#ifdef STATICLIB
+ /****************** FLASK & seLinux security stuff **********************/
+ // move the bulk of this to libproc sometime
+
+@@ -1131,7 +1131,7 @@ fail:
+ return 1;
+ }
+
+-#if 0
++#else
+ // This needs more study, considering:
+ // 1. the static linking option (maybe disable this in that case)
+ // 2. the -z and -Z option issue
+diff --git a/ps/parser.c b/ps/parser.c
+index 5ad9035..2659d4d 100644
+--- a/ps/parser.c
++++ b/ps/parser.c
+@@ -231,7 +231,7 @@ static const char *parse_sysv_option(void){
+ // In the meantime, please do not add to it. The list is
+ // intended to ONLY contain flags defined by the POSIX and UNIX
+ // standards published by The Open Group, IEEE, and ISO.
+- if(!strchr("aAdefgGlnoptuU", *flagptr)) not_pure_unix = 1; // dude, -Z ain't in POSIX
++ if(!strchr("aAdefgGlnoptuUZ", *flagptr)) not_pure_unix = 1; // dude, -Z ain't in POSIX
+
+ switch(*flagptr){
+ case 'A':
+diff --git a/ps/ps.1 b/ps/ps.1
+index 64953d5..aab2584 100644
+--- a/ps/ps.1
++++ b/ps/ps.1
+@@ -450,6 +450,9 @@ display virtual memory format
+ Do not show flags; show rss in place of addr.
+ This option can only be used with \fB\-l\fR.
+
++.opt \-Z
++display security context format (SELinux, etc.)
++
+ .opt \-\-format \ format
+ user\-defined format. Identical to \fB\-o\fR and \fBo\fR.
+
+diff --git a/w.c b/w.c
+index 1b2a0fc..207a8a1 100644
+--- a/w.c
++++ b/w.c
+@@ -163,6 +163,10 @@ static const proc_t *getproc(const utmp_t *restrict const u, const char *restric
+ if(best && tmp->start_time <= best->start_time) continue;
+ best = tmp;
+ }
++ /* It is there but SELinux wouldn't allow us to know the detail. Really
++ w should just be given rights */
++ if(!kill(u->ut_pid, 0) || errno != ESRCH)
++ *found_utpid = 1;
+ return best ? best : secondbest;
+ }
+
More information about the scm-commits
mailing list