[DSE-Dev] Bug#1094854: getcon.3: Some remarks and a patch with editorial changes for this man page

Bjarni Ingi Gislason bjarniig at simnet.is
Fri Jan 31 19:15:21 GMT 2025


Package: libselinux1-dev
Version: 3.7-3+b1
Severity: minor
Tags: patch

   * What led up to the situation?

     Checking for defects with a new version

test-[g|n]roff -mandoc -t -K utf8 -rF0 -rHY=0 -rCHECKSTYLE=10 -ww -z < "man page"

  [Use "groff -e ' $' -e '\\~$' <file>" to find obvious trailing spaces.]

  ["test-groff" is a script in the repository for "groff"; it is not shipped]
(local copy and "troff" slightly changed by me).

  [The fate of "test-nroff" was decided in groff bug #55941.]

   * What was the outcome of this action?


an.tmac:<stdin>:118: misuse, warning: .BR is for at least 2 arguments, got 1
	Use macro '.B' for one argument or split argument.
an.tmac:<stdin>:133: misuse, warning: .BR is for at least 2 arguments, got 1
	Use macro '.B' for one argument or split argument.


   * What outcome did you expect instead?

     No output (no warnings).

-.-

  General remarks and further material, if a diff-file exists, are in the
attachments.


-- System Information:
Debian Release: trixie/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64 (x86_64)

Kernel: Linux 6.12.10-amd64 (SMP w/2 CPU threads; PREEMPT)
Locale: LANG=is_IS.iso88591, LC_CTYPE=is_IS.iso88591 (charmap=ISO-8859-1), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages libselinux1-dev depends on:
ii  libpcre2-dev  10.44-5
ii  libselinux1   3.7-3+b1
ii  libsepol-dev  3.7-1

libselinux1-dev recommends no packages.

libselinux1-dev suggests no packages.

-- no debconf information
-------------- next part --------------
Input file is getcon.3

Output from "mandoc -T lint  getcon.3": (shortened list)

      1 input text line longer than 80 bytes: returns the process ...

-.-.

Output from "test-groff -mandoc -t -ww -z getcon.3": (shortened list)

      2 	Use macro '.B' for one argument or split argument.
      2 .BR is for at least 2 arguments, got 1

-.-.

Add a comma (or \&) after "e.g." and "i.e.", or use English words
(man-pages(7)).
Abbreviation points should be protected against being interpreted as
an end of sentence, if they are not, and that independent of the
current place on the line.

152:Querying a foreign process via its PID, e.g. \fBgetpidcon\fR() or

-.-.

Wrong distance between sentences in the input file.

  Separate the sentences and subordinate clauses; each begins on a new
line.  See man-pages(7) ("Conventions for source file layout") and
"info groff" ("Input Conventions").

  The best procedure is to always start a new sentence on a new line,
at least, if you are typing on a computer.

Remember coding: Only one command ("sentence") on each (logical) line.

E-mail: Easier to quote exactly the relevant lines.

Generally: Easier to edit the sentence.

Patches: Less unaffected text.

Search for two adjacent words is easier, when they belong to the same line,
and the same phrase.

  The amount of space between sentences in the output can then be
controlled with the ".ss" request.

Mark a final abbreviation point as such by suffixing it with "\&".

152:Querying a foreign process via its PID, e.g. \fBgetpidcon\fR() or

-.-.

Split lines longer than 80 characters into two or more lines.
Appropriate break points are the end of a sentence and a subordinate
clause; after punctuation marks.

Line 59, length 97

returns the process context before the last exec for the specified PID, which must be free'd with

-.-.

Remove quotes when there is a printable
but no space character between them
and the quotes are not for emphasis (markup),
for example as an argument to a macro.

1:.TH "getcon" "3" "21 December 2011" "russell at coker.com.au" "SELinux API documentation"
2:.SH "NAME"
11:.SH "SYNOPSIS"
42:.SH "DESCRIPTION"
147:.SH "NOTES"
157:.BR selinux "(8), " setexeccon "(3)"

-.-.

Output from "test-groff  -mandoc -t -K utf8 -rF0 -rHY=0 -rCHECKSTYLE=10 -ww -z ":

an.tmac:<stdin>:118: misuse, warning: .BR is for at least 2 arguments, got 1
	Use macro '.B' for one argument or split argument.
an.tmac:<stdin>:133: misuse, warning: .BR is for at least 2 arguments, got 1
	Use macro '.B' for one argument or split argument.

-.-

Additionally:

Added missing commas.
-------------- next part --------------
--- getcon.3	2025-01-31 12:13:16.032520987 +0000
+++ getcon.3.new	2025-01-31 12:25:59.036401709 +0000
@@ -1,5 +1,5 @@
-.TH "getcon" "3" "21 December 2011" "russell at coker.com.au" "SELinux API documentation"
-.SH "NAME"
+.TH getcon 3 "21 December 2011" russell at coker.com.au "SELinux API documentation"
+.SH NAME
 getcon, getprevcon, getpidcon \- get SELinux security context of a process
 
 freecon, freeconary \- free memory associated with SELinux security contexts
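Review bot: On the new .TH line the fourth argument loses its quotes although, as shown here, it still contains spaces ("russell at coker.com.au"), so .TH would receive it as three separate arguments and "SELinux API documentation" would no longer be the fifth. Keep the quotes on that argument unless the source file has it as a single token without spaces.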
@@ -8,7 +8,7 @@ getpeercon \- get security context of a
 
 setcon \- set current security context of a process
 
-.SH "SYNOPSIS"
+.SH SYNOPSIS
 .B #include <selinux/selinux.h>
 .sp
 .BI "int getcon(char **" context );
@@ -39,10 +39,11 @@ setcon \- set current security context o
 .sp
 .BI "int setcon_raw(const char *" context );
 
-.SH "DESCRIPTION"
+.SH DESCRIPTION
 .TP
 .BR getcon ()
-retrieves the context of the current process, which must be free'd with
+retrieves the context of the current process,
+which must be free'd with
 .BR freecon ().
 
 .TP
@@ -51,17 +52,20 @@ same as getcon but gets the context befo
 
 .TP
 .BR getpidcon ()
-returns the process context for the specified PID, which must be free'd with
+returns the process context for the specified PID,
+which must be free'd with
 .BR freecon ().
 
 .TP
 .BR getpidprevcon ()
-returns the process context before the last exec for the specified PID, which must be free'd with
+returns the process context before the last exec for the specified PID,
+which must be free'd with
 .BR freecon ().
 
 .TP
 .BR getpeercon ()
-retrieves the context of the peer socket, which must be free'd with
+retrieves the context of the peer socket,
+which must be free'd with
 .BR freecon ().
 
 .TP
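Review bot: The three new "which must be free'd with" lines (getpidcon, getpidprevcon, getpeercon) keep the spelling "free'd". Since these sentences are being re-wrapped anyway, consider "freed" here and in the getcon() entry of the previous hunk.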
@@ -70,7 +74,8 @@ frees the memory allocated for a securit
 
 If
 .I con
-is NULL, no operation is performed.
+is NULL,
+no operation is performed.
 
 .TP
 .BR freeconary ()
@@ -78,16 +83,19 @@ frees the memory allocated for a context
 
 If
 .I con
-is NULL, no operation is performed.
+is NULL,
+no operation is performed.
 
 .TP
 .BR setcon ()
-sets the current security context of the process to a new value.  Note
-that use of this function requires that the entire application be
-trusted to maintain any desired separation between the old and new
-security contexts, unlike exec-based transitions performed via
+sets the current security context of the process to a new value.
+Note that use of this function requires
+that the entire application be trusted to maintain any desired separation
+between the old and new security contexts,
+unlike exec-based transitions performed via
 .BR setexeccon (3).
-When possible, decompose your application and use
+When possible,
+decompose your application and use
 .BR setexeccon (3)
 and
 .BR execve (3)
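Review bot: The context line ".BR execve (3)" at the end of this hunk cites section 3, but execve is a system call documented in section 2. As the sentence around it is being re-wrapped, the reference could be corrected to ".BR execve (2)" in the same patch.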
@@ -95,8 +103,10 @@ instead.
 
 Since access to file descriptors is revalidated upon use by SELinux,
 the new context must be explicitly authorized in the policy to use the
-descriptors opened by the old context if that is desired.  Otherwise,
-attempts by the process to use any existing descriptors (including
+descriptors opened by the old context if that is desired.
+Otherwise,
+attempts by the process to use any existing descriptors
+(including
 .IR stdin ,
 .IR stdout ,
 and
@@ -108,50 +118,58 @@ will fail.
 A multi-threaded application can perform a
 .BR setcon ()
 prior to creating
-any child threads, in which case all of the child threads will inherit
-the new context.  However, prior to Linux 2.6.28,
+any child threads,
+in which case all of the child threads will inherit the new context.
+However,
+prior to Linux 2.6.28,
 .BR setcon ()
 would fail if there are any other
 threads running in the same process since this would yield
 an inconsistency among the security contexts of threads sharing
-the same memory space.  Since Linux 2.6.28,
-.BR setcon()
-is permitted for threads within a multi-threaded process if the
-new security context is bounded by the old security context, where
-the bounded relation is defined through typebounds statements in the
-policy and guarantees that the new security context has a subset of
+the same memory space.
+Since Linux 2.6.28,
+.BR setcon ()
+is permitted for threads within a multi-threaded process
+if the new security context is bounded by the old security context,
+where the bounded relation is defined through typebounds statements in the
+policy
+and guarantees that the new security context has a subset of
 the permissions of the old security context.
 
 If the process was being ptraced at the time of the
 .BR setcon ()
-operation, ptrace permission will be revalidated against the new
+operation,
+ptrace permission will be revalidated against the new
 context and the
 .BR setcon ()
 will fail if it is not allowed by policy.
 
 .TP
-.BR *_raw()
+.BR *_raw (),
 .BR getcon_raw (),
 .BR getprevcon_raw (),
 .BR getpidcon_raw (),
 .BR getpidprevcon_raw (),
-.BR getpeercon_raw ()
+.BR getpeercon_raw (),
 and
 .BR setcon_raw ()
 behave identically to their non-raw counterparts but do not perform context
 translation.
 
 .SH "RETURN VALUE"
-On error \-1 is returned with errno set.  On success 0 is returned.
+On error \-1 is returned with errno set.
+On success 0 is returned.
 
-.SH "NOTES"
+.SH NOTES
 The retrieval functions might return success and set
 .I *context
 to NULL if and only if SELinux is not enabled.
 
-Querying a foreign process via its PID, e.g. \fBgetpidcon\fR() or
-\fBgetpidprevcon\fR(), is inherently racy and therefore should never be relied
-upon for security purposes.
+Querying a foreign process via its PID,
+e.g., \fBgetpidcon\fR()
+or \fBgetpidprevcon\fR(),
+is inherently racy
+and therefore should never be relied upon for security purposes.
 
 .SH "SEE ALSO"
-.BR selinux "(8), " setexeccon "(3)"
+.BR selinux "(8), " setexeccon (3)
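Review bot: The comma added on the .TP tag line (".BR *_raw (),") becomes part of the rendered tag, so the heading reads "*_raw()," and looks like the first member of the function list rather than its label. Writing ".BR *_raw ()" without the comma clears the .BR warning and leaves the tag as it was. In the same hunk, the re-wrapped typebounds sentence leaves "policy" alone on its own input line, which could be joined to the line before it.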
-------------- next part --------------
  Any program (person), that produces man pages, should check the output
for defects by using (both groff and nroff)

[gn]roff -mandoc -t -ww -b -z -K utf8  <man page>

  The same goes for man pages that are used as an input.

  For a style guide use

  mandoc -T lint

-.-

  Any "autogenerator" should check its products with the above mentioned
'groff', 'mandoc', and additionally with 'nroff ...'.

  It should also check its input files for too long (> 80) lines.

  This is just a simple quality control measure.

  The "autogenerator" may have to be corrected to get a better man page,
the source file may, and any additional file may.

  Common defects:

  Not removing trailing spaces (in in- and output).
  The reason for these trailing spaces should be found and eliminated.

  Not beginning each input sentence on a new line.
Line length should thus be reduced.

  The script "reportbug" uses 'quoted-printable' encoding when a line is
longer than 1024 characters in an 'ascii' file.

  See man-pages(7), item "semantic newline".

-.-

The difference between the formatted output of the original and patched file
can be seen with:

  nroff -mandoc <file1> > <out1>
  nroff -mandoc <file2> > <out2>
  diff -u <out1> <out2>

and for groff, using

"printf '%s\n%s\n' '.kern 0' '.ss 12 0' | groff -mandoc -Z - "

instead of 'nroff -mandoc'

  Add the option '-t', if the file contains a table.

  Read the output from 'diff -u ...' with 'less -R' or similar.

-.-.

  If 'man' (man-db) is used to check the manual for warnings,
the following must be set:

  The option "-warnings=w"

  The environmental variable:

export MAN_KEEP_STDERR=yes (or any non-empty value)

  or

  (produce only warnings):

export MANROFFOPT="-ww -b -z"

export MAN_KEEP_STDERR=yes (or any non-empty value)

-.-
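
An added example, not part of the original report and not a substitute for the groff and mandoc checks it describes: a POSIX shell and awk function that flags three of the defect classes reported above for getcon.3 (input lines over 80 bytes, ".BR" with a single argument, and "e.g."/"i.e." not followed by a comma or "\&"). The function names and finding codes are hypothetical, and the sample input is constructed from lines quoted in the report and patch.

```sh
#!/bin/sh
# Added example. Function names and finding codes are hypothetical.

# Reads man page source on stdin; prints "<line>:<CODE>" per finding.
lint_man() {
    LC_ALL=C awk '
        # Input line longer than 80 bytes (the mandoc -T lint finding).
        length($0) > 80 { print NR ":LONG" }

        # .BR alternates bold and roman, so it needs at least two arguments.
        /^\.BR[ \t]/ {
            s = $0; sub(/^\.BR[ \t]+/, "", s); n = 0
            while (s != "") {
                # A double-quoted string counts as one argument.
                if (s ~ /^"/) { sub(/^"[^"]*"?/, "", s) }
                else          { sub(/^[^ \t]+/, "", s) }
                n++
                sub(/^[ \t]+/, "", s)
            }
            if (n < 2) print NR ":BR_ARGS"
        }

        # "e.g." or "i.e." not followed by a comma or a backslash escape.
        /(e\.g|i\.e)\.([^,\\]|$)/ { print NR ":ABBREV" }
    '
}

# Constructed sample; lines 3, 5 and 6 reuse text from the report and patch.
sample_page() {
    cat <<'EOF'
.TH SAMPLE 3
.SH NAME
.BR setcon()
.BR setcon ()
returns the process context before the last exec for the specified PID, which must be free'd with
Querying a foreign process via its PID, e.g. \fBgetpidcon\fR() or
e.g., \fBgetpidcon\fR()
EOF
}

sample_page | lint_man
```

Running it on a real page is "lint_man < getcon.3"; an empty result means none of the three patterns was found.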

