Re: [PATCH 6/6] Export the tcp sock's security context to proc.

On 08/09/2011 03:33 PM, David Miller wrote:
From: <rongqing.li@xxxxxxxxxxxxx>
Date: Tue, 9 Aug 2011 15:28:30 +0800

  	if (v == SEQ_START_TOKEN) {
  		seq_printf(seq, "%-*s\n", TMPSZ - 1,
  			   "  sl  local_address rem_address   st tx_queue "
  			   "rx_queue tr tm->when retrnsmt   uid  timeout "
-			   "inode");
+			   "inode seclabel");
  		goto out;
  	}
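
Review bot: the header literal in the SEQ_START_TOKEN branch is printed through "%-*s" padded to TMPSZ - 1, which points to a fixed-width line layout that existing readers parse by position, so appending " seclabel" after "inode" changes the format for every consumer of this file, and a security label has no fixed length to fit that padding. Suggest leaving the header ending at "inode" and exposing the label through a separate, extensible interface; if the column is kept, the matching change to the per-socket row format needs to be shown and documented, since it is not visible in this hunk.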

Unfortunately you cannot change the layout of procfs file output in
this way.  It has the potential to break programs which are parsing
this file in userspace already.

The layout hasn't changed in a very long time because it is essentially
a user-visible ABI.

If you want to export new information you'll have to do it using the
facility that is extensible, and that's the netlink based socket dumping
facility implemented in inet_diag.c, tcp_diag.c and friends.

There, you can simply add a new netlink attribute that gets dumped with
the entry, which will provide the security context.



Thanks, I see what I should do.
I will continue to develop it and hope to get your help.
Thanks.


--
Best Regards,
Roy | RongQing Li
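
The compatibility concern raised in the quoted review, as an added example that is not part of the original thread or of any kernel or userspace project: a parser written against the fixed column layout rejects a row that gains a trailing field, while one that reads the known leading columns by position keeps working. The sample rows are constructed, the function names are hypothetical, the label is assumed to be appended as one trailing field, and address decoding assumes a little-endian host.

```python
import socket
import struct

# Constructed sample rows (not captured from a real system). ROW_OLD carries the
# columns named in the header quoted above, ending at inode; ROW_NEW assumes the
# security label is appended as one more trailing field.
ROW_OLD = ("   0: 0100007F:0016 00000000:0000 0A 00000000:00000000 "
           "00:00000000 00000000     0        0 12345")
ROW_NEW = ROW_OLD + " system_u:system_r:sshd_t:s0"


def decode_addr(field):
    """Turn 'HEXIP:HEXPORT' into ('a.b.c.d', port); assumes a little-endian host."""
    ip_hex, port_hex = field.split(":")
    ip = socket.inet_ntoa(struct.pack("<I", int(ip_hex, 16)))
    return ip, int(port_hex, 16)


def parse_strict(row):
    """Parser written against the fixed layout: any extra column is an error."""
    sl, local, remote, st, queues, timer, retr, uid, timeout, inode = row.split()
    return {"local": decode_addr(local), "state": int(st, 16),
            "uid": int(uid), "inode": int(inode)}


def parse_tolerant(row):
    """Reads the known leading columns by position and keeps the rest opaque."""
    f = row.split()
    if len(f) < 10:
        raise ValueError("short row: %r" % row)
    return {"local": decode_addr(f[1]), "state": int(f[3], 16),
            "uid": int(f[7]), "inode": int(f[9]), "extra": f[10:]}


def survives(parser, row):
    """True if the parser accepts the row, False if it raises ValueError."""
    try:
        parser(row)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    for name, row in (("old", ROW_OLD), ("new", ROW_NEW)):
        print(name, "strict:", survives(parse_strict, row),
              "tolerant:", survives(parse_tolerant, row))
```

Monitoring or audit tooling that reads this file is only as robust as its least tolerant parser, which is why a new field is safer in an interface where each attribute is tagged rather than positional.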