summaryrefslogtreecommitdiff
blob: b4ac010ac8dcb7dac301bd8dac6cff95b934d75f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
From 89fa40f0a55096a62809e852244d7db3f445b0cd Mon Sep 17 00:00:00 2001
From: Craig Small <csmall@enc.com.au>
Date: Sun, 7 Oct 2012 10:52:46 +1100
Subject: [PATCH] pstree compiles with SE Linux

pstree failed to compile with SE Linux enabled because one of the
scontext was missed and without it enabled the bug doesn't appear.

pstree is now re-worked so scontext is defined as a dummy meaning
most of the code except the reall SE Linux specific stuff is compilied
meaning this sort of thing shouldn't happen too much again.

Bug-Gentoo: https://bugs.gentoo.org/show_bug.cgi?id=437332
Bug-Sourceforge: https://sourceforge.net/p/psmisc/bugs/54/
---
 src/pstree.c | 69 ++++++------------------------------------------------------
 1 file changed, 6 insertions(+), 63 deletions(-)

diff --git a/src/pstree.c b/src/pstree.c
index db57244..b9a01cf 100644
--- a/src/pstree.c
+++ b/src/pstree.c
@@ -47,6 +47,8 @@
 
 #ifdef WITH_SELINUX
 #include <selinux/selinux.h>
+#else
+typedef void* security_context_t; /* DUMMY to remove most ifdefs */
 #endif                                /*WITH_SELINUX */
 
 extern const char *__progname;
@@ -81,9 +83,7 @@ typedef struct _proc {
     pid_t pid;
     pid_t pgid;
     uid_t uid;
-#ifdef WITH_SELINUX
     security_context_t scontext;
-#endif                                /*WITH_SELINUX */
     char flags;
     struct _child *children;
     struct _proc *parent;
@@ -131,16 +131,14 @@ static int *more = NULL;
 
 static int print_args = 0, compact = 1, user_change = 0, pids = 0, pgids = 0,
     show_parents = 0, by_pid = 0, trunc = 1, wait_end = 0;
-#ifdef WITH_SELINUX
 static int show_scontext = 0;
-#endif                                /*WITH_SELINUX */
 static int output_width = 132;
 static int cur_x = 1;
 static char last_char = 0;
 static int dumped = 0;                /* used by dump_by_user */
 static int charlen = 0;                /* length of character */
 
-static void fix_orphans(void);
+static void fix_orphans(security_context_t scontext);
 /*
  * Allocates additional buffer space for width and more as needed.
  * The first call will allocate the first buffer.
@@ -229,15 +227,12 @@ static int out_int(int x)
     return digits;
 }
 
-#ifdef WITH_SELINUX
 static void out_scontext(security_context_t scontext)
 {
     out_string("`");
     out_string(scontext);
     out_string("'");
 }
-#endif                                /*WITH_SELINUX */
-
 
 static void out_newline(void)
 {
@@ -259,12 +254,8 @@ static PROC *find_proc(pid_t pid)
 	return NULL;
 }
 
-#ifdef WITH_SELINUX
 static PROC *new_proc(const char *comm, pid_t pid, uid_t uid,
                       security_context_t scontext)
-#else                                /*WITH_SELINUX */
-static PROC *new_proc(const char *comm, pid_t pid, uid_t uid)
-#endif                                /*WITH_SELINUX */
 {
     PROC *new;
 
@@ -279,9 +270,7 @@ static PROC *new_proc(const char *comm, pid_t pid, uid_t uid)
     new->flags = 0;
     new->argc = 0;
     new->argv = NULL;
-#ifdef WITH_SELINUX
     new->scontext = scontext;
-#endif                                /*WITH_SELINUX */
     new->children = NULL;
     new->parent = NULL;
     new->next = list;
@@ -364,24 +353,14 @@ rename_proc(PROC *this, const char *comm, uid_t uid)
 		}
 	}
 }
-#ifdef WITH_SELINUX
 static void
 add_proc(const char *comm, pid_t pid, pid_t ppid, pid_t pgid, uid_t uid,
          const char *args, int size, char isthread, security_context_t scontext)
-#else                                /*WITH_SELINUX */
-static void
-add_proc(const char *comm, pid_t pid, pid_t ppid, pid_t pgid, uid_t uid,
-         const char *args, int size, char isthread)
-#endif                                /*WITH_SELINUX */
 {
     PROC *this, *parent;
 
     if (!(this = find_proc(pid)))
-#ifdef WITH_SELINUX
         this = new_proc(comm, pid, uid, scontext);
-#else                                /*WITH_SELINUX */
-        this = new_proc(comm, pid, uid);
-#endif                                /*WITH_SELINUX */
     else {
 	    rename_proc(this, comm, uid);
     }
@@ -393,11 +372,7 @@ add_proc(const char *comm, pid_t pid, pid_t ppid, pid_t pgid, uid_t uid,
     if (isthread)
       this->flags |= PFLAG_THREAD;
     if (!(parent = find_proc(ppid))) {
-#ifdef WITH_SELINUX
         parent = new_proc("?", ppid, 0, scontext);
-#else                                /*WITH_SELINUX */
-        parent = new_proc("?", ppid, 0);
-#endif
     }
     if (pid != 0) {
       add_child(parent, this);
@@ -494,12 +469,10 @@ dump_tree(PROC * current, int level, int rep, int leaf, int last,
         else
             (void) out_int(current->uid);
     }
-#ifdef WITH_SELINUX
     if (show_scontext) {
         out_char(info++ ? ',' : '(');
         out_scontext(current->scontext);
     }
-#endif                                /*WITH_SELINUX */
     if ((swapped && print_args && current->argc < 0) || (!swapped && info))
         out_char(')');
     if ((current->flags & PFLAG_HILIGHT) && (tmp = tgetstr("me", NULL)))
@@ -520,11 +493,7 @@ dump_tree(PROC * current, int level, int rep, int leaf, int last,
             }
         }
     }
-#ifdef WITH_SELINUX
     if (show_scontext || print_args || !current->children)
-#else                                /*WITH_SELINUX */
-    if (print_args || !current->children)
-#endif                                /*WITH_SELINUX */
     {
         while (closing--)
             out_char(']');
@@ -533,11 +502,7 @@ dump_tree(PROC * current, int level, int rep, int leaf, int last,
     ensure_buffer_capacity(level);
     more[level] = !last;
 
-#ifdef WITH_SELINUX
     if (show_scontext || print_args)
-#else                                /*WITH_SELINUX */
-    if (print_args)
-#endif                                /*WITH_SELINUX */
     {
         width[level] = swapped + (comm_len > 1 ? 0 : -1);
         count=0;
@@ -653,8 +618,8 @@ static void read_proc(void)
   pid_t pid, ppid, pgid;
   int fd, size;
   int empty;
-#ifdef WITH_SELINUX
   security_context_t scontext = NULL;
+#ifdef WITH_SELINUX
   int selinux_enabled = is_selinux_enabled() > 0;
 #endif                /*WITH_SELINUX */
 
@@ -726,21 +691,12 @@ static void read_proc(void)
                 while ((dt = readdir(taskdir)) != NULL) {
                   if ((thread = atoi(dt->d_name)) != 0) {
                     if (thread != pid) {
-#ifdef WITH_SELINUX
                       if (print_args)
                         add_proc(threadname, thread, pid, pgid, st.st_uid, 
                             threadname, strlen (threadname) + 1, 1,scontext);
                       else
                         add_proc(threadname, thread, pid, pgid, st.st_uid, 
                             NULL, 0, 1, scontext);
-#else                /*WITH_SELINUX */
-                      if (print_args)
-                        add_proc(threadname, thread, pid, pgid, st.st_uid,
-                            threadname, strlen (threadname) + 1, 1);
-                      else
-                        add_proc(threadname, thread, pid, pgid, st.st_uid,
-                            NULL, 0, 1);
-#endif                /*WITH_SELINUX */
                       }
                     }
                   }
@@ -749,11 +705,7 @@ static void read_proc(void)
                 }
               free(taskpath);
               if (!print_args)
-#ifdef WITH_SELINUX
                 add_proc(comm, pid, ppid, pgid, st.st_uid, NULL, 0, 0, scontext);
-#else                /*WITH_SELINUX */
-                add_proc(comm, pid, ppid, pgid, st.st_uid, NULL, 0, 0);
-#endif                /*WITH_SELINUX */
               else {
                 sprintf(path, "%s/%d/cmdline", PROC_BASE, pid);
                 if ((fd = open(path, O_RDONLY)) < 0) {
@@ -770,13 +722,8 @@ static void read_proc(void)
                   size--;
                 if (size)
                   buffer[size++] = 0;
-#ifdef WITH_SELINUX
                 add_proc(comm, pid, ppid, pgid, st.st_uid,
                      buffer, size, 0, scontext);
-#else                /*WITH_SELINUX */
-                add_proc(comm, pid, ppid, pgid, st.st_uid,
-                     buffer, size, 0);
-#endif                /*WITH_SELINUX */
               }
             }
           }
@@ -787,7 +734,7 @@ static void read_proc(void)
     }
   }
   (void) closedir(dir);
-  fix_orphans();
+  fix_orphans(scontext);
   if (print_args)
     free(buffer);
   if (empty) {
@@ -796,7 +743,7 @@ static void read_proc(void)
   }
 }
 
-static void fix_orphans(void)
+static void fix_orphans(security_context_t scontext)
 {
   /* When using kernel 3.3 with hidepid feature enabled on /proc
    * then we need fake root pid and gather all the orphan processes
@@ -807,11 +754,7 @@ static void fix_orphans(void)
   PROC *root, *walk;
 
   if (!(root = find_proc(ROOT_PID))) {
-#ifdef WITH_SELINUX
     root = new_proc("?", ROOT_PID, 0, scontext);
-#else                                /*WITH_SELINUX */
-    root = new_proc("?", ROOT_PID, 0);
-#endif
   }
   for (walk = list; walk; walk = walk->next) {
 	if (walk->pid == 1 || walk->pid == 0)
-- 
1.7.12