From mboxrd@z Thu Jan  1 00:00:00 1970
From: ramsdell@mitre.org (John D. Ramsdell)
Subject: Re: An autrace that follows forks
Date: 12 Oct 2006 07:40:21 -0400
Message-ID: <ogtzmc1ahju.fsf@divan.mitre.org>
References: <ogtbqoiwraf.fsf@divan.mitre.org>
	<1160600130.10063.34.camel@code.and.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Return-path: <linux-audit-bounces@redhat.com>
In-Reply-To: <1160600130.10063.34.camel@code.and.org>
List-Unsubscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: James Antill <james.antill@redhat.com>
Cc: linux-audit@redhat.com
List-Id: linux-audit@redhat.com

James Antill <james.antill@redhat.com> writes:

> So, personally, I'd just have something like:
> 
> #ifndef PTRACE_O_TRACEFORK
> # define PTRACE_O_TRACEFORK 0x00000002 /* from kernel-2.6.x */
> #endif
> 
> ...and assuming you handle the error return from PTRACE_SETOPTIONS, it
> should mostly just work on all relevant systems.

The file gdb/linux_nat.c shows that GDB uses this trick, and many
other useful ones.  Time to cut-and-paste.

John