Proposing SELinux support in strace

Renaud Métrich rmetrich at redhat.com
Thu Mar 18 21:36:49 UTC 2021 

Attached is a small fix in the doc, I had forgotten to prefix the 
details for --secontext using "if USE_SELINUX_FALSE" statements.

Sorry for that.

On 3/18/21 12:31 PM, Renaud Métrich wrote:
> See line. Updated patch attached.
>
> On 3/18/21 3:49 AM, Dmitry V. Levin wrote:
>> diff --git a/doc/strace.1.in b/doc/strace.1.in
>>> index 05c32d902..e310e0877 100644
>>> --- a/doc/strace.1.in
>>> +++ b/doc/strace.1.in
>>> @@ -53,6 +53,7 @@ strace \- trace system calls and signals
>>>   .OM \-P path
>>>   .OM \-p pid
>>>   .OP \-\-seccomp\-bpf
>>> +.if '@USE_SELINUX_FALSE@'#' .OP \-\-secontext[=full]
>> [=full] should not be bold, consider changing the line to
>> .if '@USE_SELINUX_FALSE@'#' .OP \-\-secontext\fR[=\fIfull\fR]
>
> Actually "full" is a keyword here and not a variable, hence I think 
> it's better to have it not underlined at all.
>
> [<BOLD>--secontext</BOLD>[=full]]
>
>>
>> I think this should go to the end of "Output format:" section rather
>> "Miscellaneous:".
> OK, moved the option in the man page also.
>>> @@ -46,6 +48,7 @@ check_e '-t and --absolute-timestamps cannot be 
>>> provided simultaneously' -t --ti
>>>   check_e '-t and --absolute-timestamps cannot be provided 
>>> simultaneously' --absolute-timestamps -ttt -p $$
>>>   check_e '-t and --absolute-timestamps cannot be provided 
>>> simultaneously' -t --timestamps=ns -t -p $$
>>>   check_e '-t and --absolute-timestamps cannot be provided 
>>> simultaneously' --timestamps=ns -t --absolute-timestamps=unix -p $$
>>> +[ -n "$compiled_with_secontext" ] && check_h "invalid --secontext 
>>> argument: 'ss'" --secontext=ss
>> We prefer writing it this way:
>>
>> [ -z "$compiled_with_secontext" ] ||
>>     check_h "invalid --secontext argument: 'ss'" --secontext=ss
> OK, that's what I had written intially, then thought some people don't 
> like that.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fixed-missing-if-USE_SELINUX-in-manpage-for-detailed.patch
Type: text/x-patch
Size: 1911 bytes
Desc: not available
URL: <http://lists.strace.io/pipermail/strace-devel/attachments/20210318/4e54021d/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strace.io/pipermail/strace-devel/attachments/20210318/4e54021d/attachment-0001.bin>

More information about the Strace-devel mailing list