Proposing SELinux support in strace
Renaud Métrich
rmetrich at redhat.com
Wed Nov 18 10:44:40 UTC 2020
The code is now complete, but for some reason Travis CI fails, it
doesn't look related to my changes.
Additionally, the Code Coverage passes but the code for SELinux is not
tested since there is no SELinux available on the system.
It would hence be nice to have some SELinux system set up as well.
On 11/17/20 5:22 PM, Renaud Métrich wrote:
> I've updated the PR (https://github.com/strace/strace/pull/121) to
> propose this syntax: --secontext[=full]
>
> Please check.
>
> By default, only the type is printed.
>
> On 11/17/20 12:24 PM, Dmitry V. Levin wrote:
>> On Tue, Nov 17, 2020 at 12:19:06PM +0100, Renaud Métrich wrote:
>>> Well I'm ok to change the interface :-)
>>>
>>> Most users will just need the short version (e.g. "unconfined_t").
>>>
>>> I have no idea how to have parameters, but will check this, something
>>> like --secontext:full likely.
>> strace uses getopt_long(3), so it should be something like
>> --option=arg rather than --option:arg.
>>
>> See longopts in strace.c and a lot of various examples in
>> tests/options-syntax.test.
>>
>>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x5D129094FB6E4326.asc
Type: application/pgp-keys
Size: 3087 bytes
Desc: not available
URL: <http://lists.strace.io/pipermail/strace-devel/attachments/20201118/2da361d7/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strace.io/pipermail/strace-devel/attachments/20201118/2da361d7/attachment-0001.bin>
More information about the Strace-devel
mailing list