sestatus: resolve symlinks in path when looking for a process

"sestatus -v" uses /proc/$PID/exe symbolic link in order to find the
context of processes present in /etc/sestatus.conf. For example, this
file includes "/usr/sbin/sshd".

On Arch Linux, /bin, /sbin and /usr/sbin are symbolic links to /usr/bin,
so sshd process is seen as "/usr/bin/sshd" instead of "/usr/sbin/sshd".
This causes "sestatus -v" to show nothing in "Process contexts:" for
sshd, agetty, etc.

Use realpath() to resolve any symlink components in program paths
defined in /etc/sestatus.conf. This makes "sestatus -v" show the
expected result:

    Process contexts:
    Current context:                sysadm_u:sysadm_r:sysadm_t
    Init context:                   system_u:system_r:init_t
    /sbin/agetty                    system_u:system_r:getty_t
    /usr/sbin/sshd                  system_u:system_r:sshd_t

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>

policycoreutils/sestatus/sestatus.c

@@ -61,6 +61,7 @@ int cmp_cmdline(const char *command, int pid)
 int pidof(const char *command)
 {
 /* inspired by killall5.c from psmisc */
+	char stackpath[PATH_MAX + 1], *p;
 	DIR *dir;
 	struct dirent *de;
 	int pid, ret = -1, self = getpid();
@@ -70,6 +71,11 @@ int pidof(const char *command)
 		return -1;
 	}
 
+	/* Resolve the path if it contains symbolic links */
+	p = realpath(command, stackpath);
+	if (p)
+		command = p;
+
 	while ((de = readdir(dir)) != NULL) {
 		errno = 0;
 		pid = (int)strtol(de->d_name, (char **)NULL, 10);