Hello community, here is the log from the commit of package procps checked in at Tue Aug 26 02:20:30 CEST 2008. -------- --- procps/procps.changes 2008-07-30 16:43:35.000000000 +0200 +++ /mounts/work_src_done/STABLE/procps/procps.changes 2008-08-25 14:43:07.000000000 +0200 @@ -1,0 +2,5 @@ +Mon Aug 25 14:43:02 CEST 2008 - prusnak@suse.cz + +- enabled SELinux support [Fate#303662] + +------------------------------------------------------------------- New: ---- procps-3.2.7-selinux.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ procps.spec ++++++ --- /var/tmp/diff_new_pack.B27699/_old 2008-08-26 02:20:06.000000000 +0200 +++ /var/tmp/diff_new_pack.B27699/_new 2008-08-26 02:20:06.000000000 +0200 @@ -2,9 +2,16 @@ # spec file for package procps (Version 3.2.7) # # Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany. -# This file and all modifications and additions to the pristine -# package are under the same license as the package itself. # +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + # Please submit bugfixes or comments via http://bugs.opensuse.org/ # @@ -13,13 +20,14 @@ Name: procps BuildRequires: ncurses-devel +BuildRequires: libselinux-devel Url: http://procps.sf.net License: GPL v2 or later; LGPL v2.1 or later Group: System/Monitoring PreReq: %fillup_prereq %insserv_prereq AutoReqProv: on Version: 3.2.7 -Release: 123 +Release: 134 Summary: ps utilities for /proc Provides: ps Obsoletes: ps @@ -47,6 +55,7 @@ Patch19: procps-3.2.7-btime-from-proc-stat.patch Patch20: procps-3.2.7-glibc-2.6.1.dif Patch21: procps-3.2.7-slab.patch +Patch22: procps-3.2.7-selinux.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -96,6 +105,7 @@ %patch19 -p1 %patch20 %patch21 -p1 +%patch22 %build make CFLAGS="-Wall -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 $RPM_OPT_FLAGS -pipe" \ @@ -161,6 +171,8 @@ %_mandir/man8/sysctl.8.gz %changelog +* Mon Aug 25 2008 prusnak@suse.cz +- enabled SELinux support [Fate#303662] * Wed Jul 30 2008 werner@suse.de - Make boot script know about new upcoming startpar and insserv * Thu Jul 10 2008 werner@suse.de ++++++ procps-3.2.7-selinux.patch ++++++ --- Makefile +++ Makefile @@ -73,12 +73,12 @@ # Something like this is probably needed to make the SE Linux # library loading not conflict with embedded systems stuff. # -#ifeq ($(SHARED),1) -#ldl := -ldl -#LIBTYPE := -DSHAREDLIB -#else -#LIBTYPE := -DSTATICLIB -#endif +ifeq ($(SHARED),1) +ldl := -ldl +LIBTYPE := -DSHAREDLIB +else +LIBTYPE := -DSTATICLIB +endif # Preprocessor flags. PKG_CPPFLAGS := -D_GNU_SOURCE -I proc @@ -104,7 +104,7 @@ # an option that starts with "-g". (-g, -g2, -g3, -ggdb, etc.) RPM_OPT_FLAGS = -O2 -s CFLAGS = $(RPM_OPT_FLAGS) -ALL_CFLAGS := $(PKG_CFLAGS) $(CFLAGS) +ALL_CFLAGS := $(PKG_CFLAGS) $(CFLAGS) $(LIBTYPE) PKG_LDFLAGS := -Wl,-warn-common LDFLAGS := --- ps/output.c +++ ps/output.c @@ -1090,7 +1090,7 @@ return snprintf(outbuf, COLWID, "*"); } - +#ifdef STATICLIB /****************** FLASK & seLinux security stuff **********************/ // move the bulk of this to libproc sometime @@ -1122,7 +1122,7 @@ return 1; } -#if 0 +#else // This needs more study, considering: // 1. the static linking option (maybe disable this in that case) // 2. the -z and -Z option issue --- ps/parser.c +++ ps/parser.c @@ -231,7 +231,7 @@ // In the meantime, please do not add to it. The list is // intended to ONLY contain flags defined by the POSIX and UNIX // standards published by The Open Group, IEEE, and ISO. - if(!strchr("aAdefgGlnoptuU", *flagptr)) not_pure_unix = 1; // dude, -Z ain't in POSIX + if(!strchr("aAdefgGlnoptuUZ", *flagptr)) not_pure_unix = 1; // dude, -Z ain't in POSIX switch(*flagptr){ case 'A': --- ps/ps.1 +++ ps/ps.1 @@ -450,6 +450,9 @@ Do not show flags; show rss in place of addr. This option can only be used with \fB\-l\fR. +.opt \-Z +display security context format (SELinux, etc.) + .opt \-\-format \ format user\-defined format. Identical to \fB\-o\fR and \fBo\fR. --- w.c +++ w.c @@ -163,6 +163,10 @@ if(best && tmp->start_time <= best->start_time) continue; best = tmp; } + /* It is there but SELinux wouldn't allow us to know the detail. Really + w should just be given rights */ + if(!kill(u->ut_pid, 0) || errno != ESRCH) + *found_utpid = 1; return best ? best : secondbest; } ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org