This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[PATCH 1/2] ldd: Make try_trace more robust and portable


It was noted in 2006 (BZ 3266) and 2007 [1] that ldd fails on non-Bash
shells (as well as Bash < 3.0).  EGLIBC has a change [2][3] (r6912 in
SVN) to make ldd work on shells other than Bash 3.0+, though not with
some SELinux configurations.

This patch makes ldd work on any POSIX-conformant shell (which may not
support the pipefail option) in such a way as to also work with SELinux.
This resolves BZ 3266 and removes all or most of the need for EGLIBC
changes to ldd.

  [1]: http://www.sourceware.org/ml/libc-alpha/2007-01/msg00041.html
  [2]: http://www.eglibc.org/archives/patches/msg00526.html
  [3]: http://www.eglibc.org/archives/patches/msg01208.html

2012-11-22  P. J. McDermott  <pjm@nac.net>

	* elf/ldd.bash.in (try_trace): More robustly and portably work around
	SELinux console/tty write permissions by using a command substitution
	instead of a pipeline and pipefail option.
---
 elf/ldd.bash.in |   21 ++++++++-------------
 1 file changed, 8 insertions(+), 13 deletions(-)

diff --git a/elf/ldd.bash.in b/elf/ldd.bash.in
index ff4714d..86f47e6 100644
--- a/elf/ldd.bash.in
+++ b/elf/ldd.bash.in
@@ -106,19 +106,14 @@ if test "$unused" = yes; then
   add_env="$add_env LD_DEBUG=\"$LD_DEBUG${LD_DEBUG:+,}unused\""
 fi

-# The following use of cat is needed to make ldd work in SELinux
-# environments where the executed program might not have permissions
-# to write to the console/tty.  But only bash 3.x supports the pipefail
-# option, and we don't bother to handle the case for older bash versions.
-if set -o pipefail 2> /dev/null; then
-  try_trace() {
-    eval $add_env '"$@"' | cat
-  }
-else
-  try_trace() {
-    eval $add_env '"$@"'
-  }
-fi
+# The following command substitution is needed to make ldd work in
+# SELinux environments where the executed program might not have
+# permissions to write to the console/tty.  The extra "x" character
+# prevents the shell from trimming trailing newlines from command
+# substitution results.
+try_trace() {
+  output=$(eval $add_env '"$@"' && printf 'x') && printf '%s' "${output%x}"
+}

 case $# in
 0)
-- 
1.7.10.4


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]