|
 |
7a6a25 |
From 7774511d5438e5bbfc0d0142b7656da0498e7126 Mon Sep 17 00:00:00 2001
|
|
|
7a6a25 |
From: =?UTF-8?q?Jan=20=C4=8Cern=C3=BD?= <jcerny@redhat.com>
|
|
|
7a6a25 |
Date: Wed, 29 May 2019 14:54:02 +0200
|
|
|
7a6a25 |
Subject: [PATCH] Do not skip 'fs.binfmt_misc.status' by sysctl probe
|
|
|
7a6a25 |
|
|
|
7a6a25 |
Directory /proc/sys/fs/binfmt_misc is a separate file system,
|
|
|
7a6a25 |
mounted by systemd-automout and is represented by an autofs
|
|
|
7a6a25 |
entry in /etc/mtab. /proc/sys/fs/binfmt_misc is mounted
|
|
|
7a6a25 |
on demand when accessed. If accessed the first time, we don't
|
|
|
7a6a25 |
have a way to determine the if the autofs is remote or local.
|
|
|
7a6a25 |
See 309f8230d67f229b6091876c3ace62370fb3d451.
|
|
|
7a6a25 |
However, we don't see a reason why not to traverse the whole
|
|
|
7a6a25 |
/proc/sys regardless the type of file systems mounted there.
|
|
|
7a6a25 |
---
|
|
|
7a6a25 |
src/OVAL/probes/unix/sysctl.c | 2 +-
|
|
|
7a6a25 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
7a6a25 |
|
|
|
7a6a25 |
diff --git a/src/OVAL/probes/unix/sysctl.c b/src/OVAL/probes/unix/sysctl.c
|
|
|
7a6a25 |
index 3001bfd76..bc53b43fc 100644
|
|
|
7a6a25 |
--- a/src/OVAL/probes/unix/sysctl.c
|
|
|
7a6a25 |
+++ b/src/OVAL/probes/unix/sysctl.c
|
|
|
7a6a25 |
@@ -76,7 +76,7 @@ int probe_main(probe_ctx *ctx, void *probe_arg)
|
|
|
7a6a25 |
*/
|
|
|
7a6a25 |
ent_attrs = probe_attr_creat("max_depth", r0 = SEXP_string_newf("%d", PROC_SYS_MAXDEPTH),
|
|
|
7a6a25 |
"recurse_direction", r1 = SEXP_string_new("down", 4),
|
|
|
7a6a25 |
- "recurse_file_system", r2 = SEXP_string_new("local", 7),
|
|
|
7a6a25 |
+ "recurse_file_system", r2 = SEXP_string_new("all", 3),
|
|
|
7a6a25 |
"recurse", r3 = SEXP_string_new("symlinks and directories", 24),
|
|
|
7a6a25 |
NULL);
|
|
|
7a6a25 |
bh_entity = probe_ent_creat1("behaviors", ent_attrs, NULL);
|
|
|
7a6a25 |
--
|
|
|
7a6a25 |
2.20.1
|
|
|
7a6a25 |
|