diff -up lsof_4.78C-rh/proc.c.selinux lsof_4.78C-rh/proc.c --- lsof_4.78C-rh/proc.c.selinux 2006-06-12 19:10:02.000000000 +0200 +++ lsof_4.78C-rh/proc.c 2007-10-03 12:15:57.000000000 +0200 @@ -968,7 +968,7 @@ print_proc() #endif /* defined(HASZONES) */ #if defined(HASSELINUX) - if (FieldSel[LSOF_FIX_CNTX].st && Fcntx && Lp->cntx) + if (FieldSel[LSOF_FIX_CNTX].st && Fcntx && Lp->cntx && CntxStatus) (void) printf("%c%s%c", LSOF_FID_CNTX, Lp->cntx, Terminator); #endif /* defined(HASSELINUX) */ diff -up lsof_4.78C-rh/store.c.selinux lsof_4.78C-rh/store.c --- lsof_4.78C-rh/store.c.selinux 2006-06-12 19:10:03.000000000 +0200 +++ lsof_4.78C-rh/store.c 2007-10-03 12:15:57.000000000 +0200 @@ -70,7 +70,9 @@ lsof_rx_t *CmdRx = (lsof_rx_t *)NULL; cntxlist_t *CntxArg = (cntxlist_t *)NULL; /* security context arguments supplied with * -Z */ -int CntxColW; /* security context column width */ +int CntxColW; /* security context column width */ +int CntxStatus = 0; /* security context status: 0 == disabled, + * 1 == enabled */ #endif /* defined(HASSELINUX) */ #if defined(HASDCACHE) diff -up lsof_4.78C-rh/dialects/linux/dproc.c.selinux lsof_4.78C-rh/dialects/linux/dproc.c --- lsof_4.78C-rh/dialects/linux/dproc.c.selinux 2007-10-03 12:15:57.000000000 +0200 +++ lsof_4.78C-rh/dialects/linux/dproc.c 2007-10-03 12:17:22.000000000 +0200 @@ -468,7 +468,7 @@ gather_proc_info() Lp->cntx = (char *)NULL; if (!Fwarn) { (void) snpf(nmabuf, sizeof(nmabuf), - "(getpidcon: %s)\n", strerror(errno)); + "(getpidcon: %s)", strerror(errno)); if (!(Lp->cntx = strdup(nmabuf))) { (void) fprintf(stderr, "%s: no context error space: PID %ld", diff -up lsof_4.78C-rh/usage.c.selinux lsof_4.78C-rh/usage.c --- lsof_4.78C-rh/usage.c.selinux 2006-06-12 19:10:03.000000000 +0200 +++ lsof_4.78C-rh/usage.c 2007-10-03 12:15:57.000000000 +0200 @@ -787,7 +788,10 @@ usage(xv, fh, version) continue; #endif /* !defined(HASZONES) */ -#if !defined(HASSELINUX) +#if defined(HASSELINUX) + if ((FieldSel[i].id == LSOF_FID_CNTX) && !CntxStatus) + continue; +#else /* !defined(HASSELINUX) */ if (FieldSel[i].id == LSOF_FID_CNTX) continue; #endif /* !defined(HASSELINUX) */ diff -up lsof_4.78C-rh/main.c.selinux lsof_4.78C-rh/main.c --- lsof_4.78C-rh/main.c.selinux 2006-06-12 19:10:02.000000000 +0200 +++ lsof_4.78C-rh/main.c 2007-10-03 12:15:57.000000000 +0200 @@ -84,14 +84,20 @@ main(argc, argv) int version = 0; int xover = 0; -#if defined(HASSELINUX) - cntxlist_t *cntxp; -#endif /* defined(HASSELINUX) */ - #if defined(HASZONES) znhash_t *zp; #endif /* defined(HASZONES) */ +#if defined(HASSELINUX) +/* + * This stanza must be immediately before the "Save progam name." code, since + * it contains code itself. + */ + cntxlist_t *cntxp; + + CntxStatus = is_selinux_enabled() ? 1 : 0; +#endif /* defined(HASSELINUX) */ + /* * Save program name. */ @@ -414,7 +420,10 @@ main(argc, argv) continue; #endif /* !defined(HASZONES) */ -#if !defined(HASSELINUX) +#if defined(HASSELINUX) + if ((FieldSel[i].id == LSOF_FID_CNTX) && !CntxStatus) + continue; +#else /* !defined(HASSELINUX) */ if (FieldSel[i].id == LSOF_FID_CNTX) continue; #endif /* !defined(HASSELINUX) */ @@ -822,7 +831,7 @@ main(argc, argv) #if defined(HASSELINUX) case 'Z': - if (!is_selinux_enabled()) { + if (!CntxStatus) { (void) fprintf(stderr, "%s: -Z limited to SELinux\n", Pn); err = 1; } else { diff -up lsof_4.78C-rh/lsof.h.selinux lsof_4.78C-rh/lsof.h --- lsof_4.78C-rh/lsof.h.selinux 2006-06-12 19:10:02.000000000 +0200 +++ lsof_4.78C-rh/lsof.h 2007-10-03 12:15:57.000000000 +0200 @@ -548,6 +548,7 @@ typedef struct cntxlist { struct cntxlist *next; /* next zone hash entry */ } cntxlist_t; extern cntxlist_t *CntxArg; +extern int CntxStatus; # endif /* defined(HASSELINUX) */ # if defined(HASDCACHE)