aboutsummaryrefslogtreecommitdiff
path: root/elf
diff options
context:
space:
mode:
authorRoland McGrath <roland@gnu.org>2004-12-08 22:08:52 +0000
committerRoland McGrath <roland@gnu.org>2004-12-08 22:08:52 +0000
commitf57a3c946af8a254679a9718c54e50c2c0057694 (patch)
tree6463e1fef01c687bf040095b244102c726f84760 /elf
parent77474ccd4646a58f96550325ac44cdb0e6a35e58 (diff)
downloadglibc-f57a3c946af8a254679a9718c54e50c2c0057694.tar
glibc-f57a3c946af8a254679a9718c54e50c2c0057694.tar.gz
glibc-f57a3c946af8a254679a9718c54e50c2c0057694.tar.bz2
glibc-f57a3c946af8a254679a9718c54e50c2c0057694.zip
* elf/ldd.bash.in: When set -o pipefail is available, use that for
piping to cat; when not, don't use the pipe at all. Pipe to cat in all cases of running the executable. When direct running exits with code 5, retry running via ${RTLD}. * elf/rtld.c (process_envvars): If __libc_enable_secure and mode != normal, exit with exitcode 5.
Diffstat (limited to 'elf')
-rw-r--r--elf/ldd.bash.in31
-rw-r--r--elf/rtld.c6
2 files changed, 30 insertions, 7 deletions
diff --git a/elf/ldd.bash.in b/elf/ldd.bash.in
index f400924217..4d7c33c728 100644
--- a/elf/ldd.bash.in
+++ b/elf/ldd.bash.in
@@ -105,6 +105,21 @@ add_env="$add_env LD_VERBOSE=$verbose"
if test "$unused" = yes; then
add_env="$add_env LD_DEBUG=\"$LD_DEBUG${LD_DEBUG:+,}unused\""
fi
+
+# The following use of cat is needed to make ldd work in SELinux
+# environments where the executed program might not have permissions
+# to write to the console/tty. But only bash 3.x supports the pipefail
+# option, and we don't bother to handle the case for older bash versions.
+if set -o pipefail 2> /dev/null; then
+ try_trace() {
+ eval $add_env '"$@"' | cat
+ }
+else
+ try_trace() {
+ eval $add_env '"$@"'
+ }
+fi
+
case $# in
0)
echo >&2 'ldd:' $"missing file arguments"
@@ -153,7 +168,16 @@ warning: you do not have execution permission for" "\`$file'" >&2
fi
case $ret in
0)
- eval $add_env '"$file"' || result=1
+ # If the program exits with exit code 5, it means the process has been
+ # invoked with __libc_enable_secure. Fall back to running it through
+ # the dynamic linker.
+ try_trace "$file"
+ rc=$?
+ if [ $rc = 5 ]; then
+ try_trace "$RTLD" "$file"
+ rc=$?
+ fi
+ [ $rc = 0 ] || result=1
;;
1)
# This can be a non-ELF binary or no binary at all.
@@ -163,10 +187,7 @@ warning: you do not have execution permission for" "\`$file'" >&2
}
;;
2)
- # The following use of cat is needed to make ldd work in SELinux
- # environments where the executed program might not have permissions
- # to write to the console/tty.
- eval $add_env \${RTLD} '"$file"' | cat || result=1
+ try_trace "$RTLD" "$file" || result=1
;;
*)
echo 'ldd:' ${RTLD} $"exited with unknown exit code" "($ret)" >&2
diff --git a/elf/rtld.c b/elf/rtld.c
index 13f7b4f748..cd40f80088 100644
--- a/elf/rtld.c
+++ b/elf/rtld.c
@@ -2269,9 +2269,11 @@ process_envvars (enum mode *modep)
if (__access ("/etc/suid-debug", F_OK) != 0)
{
unsetenv ("MALLOC_CHECK_");
- if (mode == normal)
- GLRO(dl_debug_mask) = 0;
+ GLRO(dl_debug_mask) = 0;
}
+
+ if (mode != normal)
+ _exit (5);
}
/* If we have to run the dynamic linker in debugging mode and the
LD_DEBUG_OUTPUT environment variable is given, we write the debug