External/libvirt
1
0
Fork 0
mirror of https://gitlab.com/libvirt/libvirt.git synced 2024-07-06 09:55:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

security: Update format strings in translated messages

Browse Source 
Signed-off-by: Jiri Denemark <jdenemar@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Jiri Denemark 2023-03-09 13:38:58 +01:00
parent 88af62f6a0
commit 798bf7588c
7 changed files with 99 additions and 120 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
src/security/security_apparmor.c
View File

@ -85,8 +85,8 @@ profile_status(const char *str, const int check_enforcing)
if (virFileReadAll(APPARMOR_PROFILES_PATH, MAX_FILE_LEN, &content) < 0) {
virReportSystemError(errno,
_("Failed to read AppArmor profiles list "
"\'%s\'"), APPARMOR_PROFILES_PATH);
_("Failed to read AppArmor profiles list \'%1$s\'"),
APPARMOR_PROFILES_PATH);
return -2;
}
@ -128,7 +128,7 @@ profile_status_file(const char *str)
if ((len = virFileReadAll(profile, MAX_FILE_LEN, &content)) < 0) {
virReportSystemError(errno,
_("Failed to read \'%s\'"), profile);
_("Failed to read \'%1$s\'"), profile);
goto failed;
}
@ -265,8 +265,7 @@ reload_profile(virSecurityManager *mgr,
if (profile_loaded(secdef->imagelabel) >= 0) {
if (load_profile(mgr, secdef->imagelabel, def, fn, append) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("cannot update AppArmor profile "
"\'%s\'"),
_("cannot update AppArmor profile \'%1$s\'"),
secdef->imagelabel);
return -1;
}
@ -327,12 +326,12 @@ AppArmorSecurityManagerProbe(const char *virtDriver G_GNUC_UNUSED)
if (!virFileExists(template_qemu)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("template \'%s\' does not exist"), template_qemu);
_("template \'%1$s\' does not exist"), template_qemu);
return SECURITY_DRIVER_DISABLE;
}
if (!virFileExists(template_lxc)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("template \'%s\' does not exist"), template_lxc);
_("template \'%1$s\' does not exist"), template_lxc);
return SECURITY_DRIVER_DISABLE;
}
@ -414,8 +413,8 @@ AppArmorGenSecurityLabel(virSecurityManager *mgr G_GNUC_UNUSED,
/* Now that we have a label, load the profile into the kernel. */
if (load_profile(mgr, secdef->label, def, NULL, false) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("cannot load AppArmor profile "
"\'%s\'"), secdef->label);
_("cannot load AppArmor profile \'%1$s\'"),
secdef->label);
goto err;
}
@ -518,7 +517,7 @@ AppArmorRestoreSecurityAllLabel(virSecurityManager *mgr G_GNUC_UNUSED,
if (secdef->type == VIR_DOMAIN_SECLABEL_DYNAMIC) {
if ((rc = remove_profile(secdef->label)) != 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("could not remove profile for \'%s\'"),
_("could not remove profile for \'%1$s\'"),
secdef->label);
}
}
@ -544,9 +543,7 @@ AppArmorSetSecurityProcessLabel(virSecurityManager *mgr G_GNUC_UNUSED,
if (STRNEQ(SECURITY_APPARMOR_NAME, secdef->model)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("security label driver mismatch: "
"\'%s\' model configured for domain, but "
"hypervisor driver is \'%s\'."),
_("security label driver mismatch: \'%1$s\' model configured for domain, but hypervisor driver is \'%2$s\'."),
secdef->model, SECURITY_APPARMOR_NAME);
if (use_apparmor() > 0)
return -1;
@ -583,9 +580,7 @@ AppArmorSetSecurityChildProcessLabel(virSecurityManager *mgr G_GNUC_UNUSED,
if (STRNEQ(SECURITY_APPARMOR_NAME, secdef->model)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("security label driver mismatch: "
"\'%s\' model configured for domain, but "
"hypervisor driver is \'%s\'."),
_("security label driver mismatch: \'%1$s\' model configured for domain, but hypervisor driver is \'%2$s\'."),
secdef->model, SECURITY_APPARMOR_NAME);
if (use_apparmor() > 0)
return -1;
@ -648,7 +643,7 @@ AppArmorSetMemoryLabel(virSecurityManager *mgr,
case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
if (!virFileExists(mem->nvdimmPath)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("%s: \'%s\' does not exist"),
_("%1$s: \'%2$s\' does not exist"),
__func__, mem->nvdimmPath);
return -1;
}
@ -687,13 +682,13 @@ AppArmorSetInputLabel(virSecurityManager *mgr,
case VIR_DOMAIN_INPUT_TYPE_EVDEV:
if (input->source.evdev == NULL) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("%s: passthrough input device has no source"),
_("%1$s: passthrough input device has no source"),
__func__);
return -1;
}
if (!virFileExists(input->source.evdev)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("%s: \'%s\' does not exist"),
_("%1$s: \'%2$s\' does not exist"),
__func__, input->source.evdev);
return -1;
}
@ -745,7 +740,7 @@ AppArmorSetSecurityImageLabelInternal(virSecurityManager *mgr,
/* if the device doesn't exist, error out */
if (!virFileExists(path)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("\'%s\' does not exist"),
_("\'%1$s\' does not exist"),
path);
return -1;
}
@ -790,7 +785,7 @@ AppArmorSecurityVerify(virSecurityManager *mgr G_GNUC_UNUSED,
if (secdef->type == VIR_DOMAIN_SECLABEL_STATIC) {
if (use_apparmor() < 0 || profile_status(secdef->label, 0) < 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid security label \'%s\'"),
_("Invalid security label \'%1$s\'"),
secdef->label);
return -1;
}

28
src/security/security_dac.c
View File

@ -689,7 +689,7 @@ virSecurityDACSetOwnershipInternal(const virSecurityDACData *priv,
return 0;
if (stat(path, &sb) < 0) {
virReportSystemError(errno, _("unable to stat: %s"), path);
virReportSystemError(errno, _("unable to stat: %1$s"), path);
return -1;
}
@ -721,8 +721,7 @@ virSecurityDACSetOwnershipInternal(const virSecurityDACData *priv,
(long)uid, (long)gid, NULLSTR(path));
} else {
virReportSystemError(errno,
_("unable to set user and group to '%ld:%ld' "
"on '%s'"),
_("unable to set user and group to '%1$ld:%2$ld' on '%3$s'"),
(long)uid, (long)gid, NULLSTR(path));
return -1;
}
@ -760,7 +759,7 @@ virSecurityDACSetOwnership(virSecurityManager *mgr,
if (remember && path) {
if (stat(path, &sb) < 0) {
virReportSystemError(errno, _("unable to stat: %s"), path);
virReportSystemError(errno, _("unable to stat: %1$s"), path);
return -1;
}
@ -778,8 +777,8 @@ virSecurityDACSetOwnership(virSecurityManager *mgr,
* XATTRs so decrease it. */
if (sb.st_uid != uid || sb.st_gid != gid) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("Setting different DAC user or group on %s "
"which is already in use"), path);
_("Setting different DAC user or group on %1$s which is already in use"),
path);
goto error;
}
}
@ -2324,8 +2323,7 @@ virSecurityDACGenLabel(virSecurityManager *mgr,
if (seclabel->model
&& STRNEQ(seclabel->model, SECURITY_DAC_NAME)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("security label model %s is not supported "
"with selinux"),
_("security label model %1$s is not supported with selinux"),
seclabel->model);
return rc;
}
@ -2334,8 +2332,8 @@ virSecurityDACGenLabel(virSecurityManager *mgr,
case VIR_DOMAIN_SECLABEL_STATIC:
if (seclabel->label == NULL) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("missing label for static security "
"driver in domain %s"), def->name);
_("missing label for static security driver in domain %1$s"),
def->name);
return rc;
}
break;
@ -2344,8 +2342,8 @@ virSecurityDACGenLabel(virSecurityManager *mgr,
(unsigned int)priv->group);
if (seclabel->label == NULL) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("cannot generate dac user and group id "
"for domain %s"), def->name);
_("cannot generate dac user and group id for domain %1$s"),
def->name);
return rc;
}
break;
@ -2355,7 +2353,7 @@ virSecurityDACGenLabel(virSecurityManager *mgr,
case VIR_DOMAIN_SECLABEL_DEFAULT:
case VIR_DOMAIN_SECLABEL_LAST:
virReportError(VIR_ERR_INTERNAL_ERROR,
_("unexpected security label type '%s'"),
_("unexpected security label type '%1$s'"),
virDomainSeclabelTypeToString(seclabel->type));
return rc;
}
@ -2395,7 +2393,7 @@ virSecurityDACGetProcessLabelInternal(pid_t pid,
if (g_lstat(path, &sb) < 0) {
virReportSystemError(errno,
_("unable to get uid and gid for PID %d via procfs"),
_("unable to get uid and gid for PID %1$d via procfs"),
pid);
return -1;
}
@ -2420,7 +2418,7 @@ virSecurityDACGetProcessLabelInternal(pid_t pid,
if (sysctl(mib, 4, &p, &len, NULL, 0) < 0) {
virReportSystemError(errno,
_("unable to get PID %d uid and gid via sysctl"),
_("unable to get PID %1$d uid and gid via sysctl"),
pid);
return -1;
}

4
src/security/security_driver.c
View File

@ -70,7 +70,7 @@ virSecurityDriver *virSecurityDriverLookup(const char *name,
VIR_DEBUG("Not enabled name=%s", tmp->name);
if (name && STREQ(tmp->name, name)) {
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("Security driver %s not enabled"),
_("Security driver %1$s not enabled"),
name);
return NULL;
}
@ -84,7 +84,7 @@ virSecurityDriver *virSecurityDriverLookup(const char *name,
if (!drv) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Security driver %s not found"),
_("Security driver %1$s not found"),
NULLSTR(name));
return NULL;
}

6
src/security/security_manager.c
View File

@ -728,7 +728,7 @@ static int virSecurityManagerCheckModel(virSecurityManager *mgr,
}
virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
_("Security driver model '%s' is not available"),
_("Security driver model '%1$s' is not available"),
secmodel);
cleanup:
VIR_FREE(sec_managers);
@ -1358,7 +1358,7 @@ virSecurityManagerMetadataLock(virSecurityManager *mgr G_GNUC_UNUSED,
}
virReportSystemError(errno,
_("unable to open %s"),
_("unable to open %1$s"),
p);
goto cleanup;
}
@ -1373,7 +1373,7 @@ virSecurityManagerMetadataLock(virSecurityManager *mgr G_GNUC_UNUSED,
continue;
} else {
virReportSystemError(errno,
_("unable to lock %s for metadata change"),
_("unable to lock %1$s for metadata change"),
p);
VIR_FORCE_CLOSE(fd);
goto cleanup;

118
src/security/security_selinux.c
View File

@ -361,7 +361,7 @@ virSecuritySELinuxMCSFind(virSecurityManager *mgr,
if (catRange < 8) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Category range c%d-c%d too small"),
_("Category range c%1$d-c%2$d too small"),
catMin, catMax);
return NULL;
}
@ -438,7 +438,7 @@ virSecuritySELinuxMCSGetProcessRange(char **sens,
}
if (!(ourContext = context_new(ourSecContext))) {
virReportSystemError(errno,
_("Unable to parse current SELinux context '%s'"),
_("Unable to parse current SELinux context '%1$s'"),
ourSecContext);
goto cleanup;
}
@ -470,14 +470,14 @@ virSecuritySELinuxMCSGetProcessRange(char **sens,
tmp = cat;
if (tmp[0] != 'c') {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Cannot parse category in %s"),
_("Cannot parse category in %1$s"),
cat);
goto cleanup;
}
tmp++;
if (virStrToLong_i(tmp, &tmp, 10, catMin) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Cannot parse category in %s"),
_("Cannot parse category in %1$s"),
cat);
goto cleanup;
}
@ -493,21 +493,21 @@ virSecuritySELinuxMCSGetProcessRange(char **sens,
/* Find & extract category max (if any) */
if (tmp[0] != '.') {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Cannot parse category in %s"),
_("Cannot parse category in %1$s"),
cat);
goto cleanup;
}
tmp++;
if (tmp[0] != 'c') {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Cannot parse category in %s"),
_("Cannot parse category in %1$s"),
cat);
goto cleanup;
}
tmp++;
if (virStrToLong_i(tmp, &tmp, 10, catMax) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("Cannot parse category in %s"),
_("Cannot parse category in %1$s"),
cat);
goto cleanup;
}
@ -542,7 +542,7 @@ virSecuritySELinuxContextAddRange(const char *src,
if (context_range_set(dstcon, context_range_get(srccon)) == -1) {
virReportSystemError(errno,
_("unable to set security context range '%s'"), dst);
_("unable to set security context range '%1$s'"), dst);
goto cleanup;
}
@ -580,7 +580,7 @@ virSecuritySELinuxContextSetFromFile(const char *origLabel,
}
if (getfilecon(binaryPath, &binaryCon) < 0) {
virReportSystemError(errno, _("unable to get SELinux context for '%s'"),
virReportSystemError(errno, _("unable to get SELinux context for '%1$s'"),
binaryPath);
return NULL;
}
@ -589,7 +589,7 @@ virSecuritySELinuxContextSetFromFile(const char *origLabel,
string_to_security_class("process"),
&naturalLabel) < 0) {
virReportSystemError(errno,
_("unable create new SELinux label based on label '%s' and file '%s'"),
_("unable create new SELinux label based on label '%1$s' and file '%2$s'"),
origLabel, binaryPath);
return NULL;
}
@ -627,7 +627,7 @@ virSecuritySELinuxGenNewContext(const char *basecontext,
}
if (!(ourContext = context_new(ourSecContext))) {
virReportSystemError(errno,
_("Unable to parse current SELinux context '%s'"),
_("Unable to parse current SELinux context '%1$s'"),
ourSecContext);
goto cleanup;
}
@ -635,7 +635,7 @@ virSecuritySELinuxGenNewContext(const char *basecontext,
if (!(context = context_new(basecontext))) {
virReportSystemError(errno,
_("Unable to parse base SELinux context '%s'"),
_("Unable to parse base SELinux context '%1$s'"),
basecontext);
goto cleanup;
}
@ -643,7 +643,7 @@ virSecuritySELinuxGenNewContext(const char *basecontext,
if (context_user_set(context,
context_user_get(ourContext)) != 0) {
virReportSystemError(errno,
_("Unable to set SELinux context user '%s'"),
_("Unable to set SELinux context user '%1$s'"),
context_user_get(ourContext));
goto cleanup;
}
@ -652,14 +652,14 @@ virSecuritySELinuxGenNewContext(const char *basecontext,
context_role_set(context,
context_role_get(ourContext)) != 0) {
virReportSystemError(errno,
_("Unable to set SELinux context role '%s'"),
_("Unable to set SELinux context role '%1$s'"),
context_role_get(ourContext));
goto cleanup;
}
if (context_range_set(context, mcs) != 0) {
virReportSystemError(errno,
_("Unable to set SELinux context MCS '%s'"),
_("Unable to set SELinux context MCS '%1$s'"),
mcs);
goto cleanup;
}
@ -701,7 +701,7 @@ virSecuritySELinuxLXCInitialize(virSecurityManager *mgr)
if (!data->domain_context) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("missing 'process' value in selinux lxc contexts file '%s'"),
_("missing 'process' value in selinux lxc contexts file '%1$s'"),
selinux_lxc_contexts_path());
goto error;
}
@ -711,7 +711,7 @@ virSecuritySELinuxLXCInitialize(virSecurityManager *mgr)
if (!data->file_context) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("missing 'file' value in selinux lxc contexts file '%s'"),
_("missing 'file' value in selinux lxc contexts file '%1$s'"),
selinux_lxc_contexts_path());
goto error;
}
@ -721,7 +721,7 @@ virSecuritySELinuxLXCInitialize(virSecurityManager *mgr)
if (!data->content_context) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("missing 'content' value in selinux lxc contexts file '%s'"),
_("missing 'content' value in selinux lxc contexts file '%1$s'"),
selinux_lxc_contexts_path());
goto error;
}
@ -757,7 +757,7 @@ virSecuritySELinuxQEMUInitialize(virSecurityManager *mgr)
if (virFileReadAll(selinux_virtual_domain_context_path(), MAX_CONTEXT, &(data->domain_context)) < 0) {
virReportSystemError(errno,
_("cannot read SELinux virtual domain context file '%s'"),
_("cannot read SELinux virtual domain context file '%1$s'"),
selinux_virtual_domain_context_path());
goto error;
}
@ -779,7 +779,7 @@ virSecuritySELinuxQEMUInitialize(virSecurityManager *mgr)
if (virFileReadAll(selinux_virtual_image_context_path(), 2*MAX_CONTEXT, &(data->file_context)) < 0) {
virReportSystemError(errno,
_("cannot read SELinux virtual image context file %s"),
_("cannot read SELinux virtual image context file %1$s"),
selinux_virtual_image_context_path());
goto error;
}
@ -868,7 +868,7 @@ virSecuritySELinuxGenLabel(virSecurityManager *mgr,
if (seclabel->model &&
STRNEQ(seclabel->model, SECURITY_SELINUX_NAME)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("security label model %s is not supported with selinux"),
_("security label model %1$s is not supported with selinux"),
seclabel->model);
return rc;
}
@ -879,7 +879,7 @@ virSecuritySELinuxGenLabel(virSecurityManager *mgr,
case VIR_DOMAIN_SECLABEL_STATIC:
if (!(ctx = context_new(seclabel->label))) {
virReportSystemError(errno,
_("unable to allocate socket security context '%s'"),
_("unable to allocate socket security context '%1$s'"),
seclabel->label);
return rc;
}
@ -945,7 +945,7 @@ virSecuritySELinuxGenLabel(virSecurityManager *mgr,
case VIR_DOMAIN_SECLABEL_LAST:
default:
virReportError(VIR_ERR_INTERNAL_ERROR,
_("unexpected security label type '%s'"),
_("unexpected security label type '%1$s'"),
virDomainSeclabelTypeToString(seclabel->type));
goto cleanup;
}
@ -1005,7 +1005,7 @@ virSecuritySELinuxReserveLabel(virSecurityManager *mgr,
if (getpidcon_raw(pid, &pctx) == -1) {
virReportSystemError(errno,
_("unable to get PID %d security context"), pid);
_("unable to get PID %1$d security context"), pid);
return -1;
}
@ -1022,7 +1022,7 @@ virSecuritySELinuxReserveLabel(virSecurityManager *mgr,
if (rv == 1) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("MCS level for existing domain label %s already reserved"),
_("MCS level for existing domain label %1$s already reserved"),
(char*)pctx);
goto error;
}
@ -1243,15 +1243,14 @@ virSecuritySELinuxGetProcessLabel(virSecurityManager *mgr G_GNUC_UNUSED,
if (getpidcon_raw(pid, &ctx) == -1) {
virReportSystemError(errno,
_("unable to get PID %d security context"),
_("unable to get PID %1$d security context"),
pid);
return -1;
}
if (virStrcpy(sec->label, ctx, VIR_SECURITY_LABEL_BUFLEN) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("security label exceeds "
"maximum length: %d"),
_("security label exceeds maximum length: %1$d"),
VIR_SECURITY_LABEL_BUFLEN - 1);
freecon(ctx);
return -1;
@ -1313,8 +1312,7 @@ virSecuritySELinuxSetFileconImpl(const char *path,
const char *msg;
if (virFileIsSharedFSType(path, VIR_FILE_SHFS_NFS) == 1 &&
security_get_boolean_active("virt_use_nfs") != 1) {
msg = _("Setting security context '%s' on '%s' not supported. "
"Consider setting virt_use_nfs");
msg = _("Setting security context '%1$s' on '%2$s' not supported. Consider setting virt_use_nfs");
if (security_getenforce() == 1)
VIR_WARN(msg, tcon, path);
else
@ -1332,7 +1330,7 @@ virSecuritySELinuxSetFileconImpl(const char *path,
(security_getenforce() == 1 &&
(setfilecon_errno != EPERM || privileged))) {
virReportSystemError(setfilecon_errno,
_("unable to set security context '%s' on '%s'"),
_("unable to set security context '%1$s' on '%2$s'"),
tcon, path);
return -1;
}
@ -1369,7 +1367,7 @@ virSecuritySELinuxSetFilecon(virSecurityManager *mgr,
if (getfilecon_raw(path, &econ) < 0 &&
errno != ENOTSUP && errno != ENODATA) {
virReportSystemError(errno,
_("unable to get SELinux context of %s"),
_("unable to get SELinux context of %1$s"),
path);
goto cleanup;
}
@ -1391,8 +1389,8 @@ virSecuritySELinuxSetFilecon(virSecurityManager *mgr,
* incremented in XATTRs so decrease it. */
if (STRNEQ(econ, tcon)) {
virReportError(VIR_ERR_OPERATION_INVALID,
_("Setting different SELinux label on %s "
"which is already in use"), path);
_("Setting different SELinux label on %1$s which is already in use"),
path);
goto cleanup;
}
}
@ -1448,7 +1446,7 @@ virSecuritySELinuxFSetFilecon(int fd, char *tcon)
*/
if (fsetfilecon_errno != EOPNOTSUPP) {
virReportSystemError(fsetfilecon_errno,
_("unable to set security context '%s' on fd %d"),
_("unable to set security context '%1$s' on fd %2$d"),
tcon, fd);
if (security_getenforce() == 1)
return -1;
@ -2979,9 +2977,7 @@ virSecuritySELinuxVerify(virSecurityManager *mgr G_GNUC_UNUSED,
if (STRNEQ(SECURITY_SELINUX_NAME, secdef->model)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("security label driver mismatch: "
"'%s' model configured for domain, but "
"hypervisor driver is '%s'."),
_("security label driver mismatch: '%1$s' model configured for domain, but hypervisor driver is '%2$s'."),
secdef->model, SECURITY_SELINUX_NAME);
return -1;
}
@ -2989,7 +2985,7 @@ virSecuritySELinuxVerify(virSecurityManager *mgr G_GNUC_UNUSED,
if (secdef->type == VIR_DOMAIN_SECLABEL_STATIC) {
if (security_check_context(secdef->label) != 0) {
virReportError(VIR_ERR_XML_ERROR,
_("Invalid security label %s"), secdef->label);
_("Invalid security label %1$s"), secdef->label);
return -1;
}
}
@ -3010,9 +3006,7 @@ virSecuritySELinuxSetProcessLabel(virSecurityManager *mgr G_GNUC_UNUSED,
VIR_DEBUG("label=%s", secdef->label);
if (STRNEQ(SECURITY_SELINUX_NAME, secdef->model)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("security label driver mismatch: "
"'%s' model configured for domain, but "
"hypervisor driver is '%s'."),
_("security label driver mismatch: '%1$s' model configured for domain, but hypervisor driver is '%2$s'."),
secdef->model, SECURITY_SELINUX_NAME);
if (security_getenforce() == 1)
return -1;
@ -3020,7 +3014,7 @@ virSecuritySELinuxSetProcessLabel(virSecurityManager *mgr G_GNUC_UNUSED,
if (setexeccon_raw(secdef->label) == -1) {
virReportSystemError(errno,
_("unable to set security context '%s'"),
_("unable to set security context '%1$s'"),
secdef->label);
if (security_getenforce() == 1)
return -1;
@ -3047,9 +3041,7 @@ virSecuritySELinuxSetChildProcessLabel(virSecurityManager *mgr G_GNUC_UNUSED,
VIR_DEBUG("label=%s", secdef->label);
if (STRNEQ(SECURITY_SELINUX_NAME, secdef->model)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("security label driver mismatch: "
"'%s' model configured for domain, but "
"hypervisor driver is '%s'."),
_("security label driver mismatch: '%1$s' model configured for domain, but hypervisor driver is '%2$s'."),
secdef->model, SECURITY_SELINUX_NAME);
if (security_getenforce() == 1)
return -1;
@ -3098,16 +3090,14 @@ virSecuritySELinuxSetDaemonSocketLabel(virSecurityManager *mgr G_GNUC_UNUSED,
if (STRNEQ(SECURITY_SELINUX_NAME, secdef->model)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("security label driver mismatch: "
"'%s' model configured for domain, but "
"hypervisor driver is '%s'."),
_("security label driver mismatch: '%1$s' model configured for domain, but hypervisor driver is '%2$s'."),
secdef->model, SECURITY_SELINUX_NAME);
goto done;
}
if (getcon_raw(&scon) == -1) {
virReportSystemError(errno,
_("unable to get current process context '%s'"),
_("unable to get current process context '%1$s'"),
secdef->label);
goto done;
}
@ -3118,7 +3108,7 @@ virSecuritySELinuxSetDaemonSocketLabel(virSecurityManager *mgr G_GNUC_UNUSED,
VIR_DEBUG("Setting VM %s socket context %s", def->name, str);
if (setsockcreatecon_raw(str) == -1) {
virReportSystemError(errno,
_("unable to set socket security context '%s'"), str);
_("unable to set socket security context '%1$s'"), str);
goto done;
}
@ -3145,9 +3135,7 @@ virSecuritySELinuxSetSocketLabel(virSecurityManager *mgr G_GNUC_UNUSED,
if (STRNEQ(SECURITY_SELINUX_NAME, secdef->model)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("security label driver mismatch: "
"'%s' model configured for domain, but "
"hypervisor driver is '%s'."),
_("security label driver mismatch: '%1$s' model configured for domain, but hypervisor driver is '%2$s'."),
secdef->model, SECURITY_SELINUX_NAME);
goto done;
}
@ -3156,7 +3144,7 @@ virSecuritySELinuxSetSocketLabel(virSecurityManager *mgr G_GNUC_UNUSED,
vm->name, secdef->label);
if (setsockcreatecon_raw(secdef->label) == -1) {
virReportSystemError(errno,
_("unable to set socket security context '%s'"),
_("unable to set socket security context '%1$s'"),
secdef->label);
goto done;
}
@ -3183,9 +3171,7 @@ virSecuritySELinuxClearSocketLabel(virSecurityManager *mgr G_GNUC_UNUSED,
if (STRNEQ(SECURITY_SELINUX_NAME, secdef->model)) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("security label driver mismatch: "
"'%s' model configured for domain, but "
"hypervisor driver is '%s'."),
_("security label driver mismatch: '%1$s' model configured for domain, but hypervisor driver is '%2$s'."),
secdef->model, SECURITY_SELINUX_NAME);
if (security_getenforce() == 1)
return -1;
@ -3193,7 +3179,7 @@ virSecuritySELinuxClearSocketLabel(virSecurityManager *mgr G_GNUC_UNUSED,
if (setsockcreatecon_raw(NULL) == -1) {
virReportSystemError(errno,
_("unable to clear socket security context '%s'"),
_("unable to clear socket security context '%1$s'"),
secdef->label);
if (security_getenforce() == 1)
return -1;
@ -3405,13 +3391,13 @@ virSecuritySELinuxSetTapFDLabel(virSecurityManager *mgr,
return 0;
if (fstat(fd, &buf) < 0) {
virReportSystemError(errno, _("cannot stat tap fd %d"), fd);
virReportSystemError(errno, _("cannot stat tap fd %1$d"), fd);
goto cleanup;
}
if ((buf.st_mode & S_IFMT) != S_IFCHR) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("tap fd %d is not character device"), fd);
_("tap fd %1$d is not character device"), fd);
goto cleanup;
}
@ -3420,7 +3406,7 @@ virSecuritySELinuxSetTapFDLabel(virSecurityManager *mgr,
if (virFileResolveLink(proc, &fd_path) < 0) {
virReportSystemError(errno,
_("Unable to resolve link: %s"), proc);
_("Unable to resolve link: %1$s"), proc);
goto cleanup;
}
@ -3433,7 +3419,7 @@ virSecuritySELinuxSetTapFDLabel(virSecurityManager *mgr,
if (getContext(mgr, fd_path, buf.st_mode, &fcon) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("cannot lookup default selinux label for tap fd %d"), fd);
_("cannot lookup default selinux label for tap fd %1$d"), fd);
goto cleanup;
}
@ -3469,7 +3455,7 @@ virSecuritySELinuxGenImageLabel(virSecurityManager *mgr,
if (secdef->label) {
ctx = context_new(secdef->label);
if (!ctx) {
virReportSystemError(errno, _("unable to create selinux context for: %s"),
virReportSystemError(errno, _("unable to create selinux context for: %1$s"),
secdef->label);
goto cleanup;
}
@ -3599,7 +3585,7 @@ virSecuritySELinuxSetFileLabels(virSecurityManager *mgr,
break;
}
if (ret < 0)
virReportSystemError(errno, _("Unable to label files under %s"),
virReportSystemError(errno, _("Unable to label files under %1$s"),
path);
return ret;
@ -3642,7 +3628,7 @@ virSecuritySELinuxRestoreFileLabels(virSecurityManager *mgr,
break;
}
if (ret < 0)
virReportSystemError(errno, _("Unable to restore file labels under %s"),
virReportSystemError(errno, _("Unable to restore file labels under %1$s"),
path);
return ret;

16
src/security/security_util.c
View File

@ -183,7 +183,7 @@ virSecurityValidateTimestamp(const char *name,
return -2;
} else if (errno != ENODATA) {
virReportSystemError(errno,
_("Unable to get XATTR %s on %s"),
_("Unable to get XATTR %1$s on %2$s"),
timestamp_name,
path);
return -1;
@ -290,7 +290,7 @@ virSecurityGetRememberedLabel(const char *name,
return -2;
virReportSystemError(errno,
_("Unable to get XATTR %s on %s"),
_("Unable to get XATTR %1$s on %2$s"),
ref_name,
path);
return -1;
@ -312,7 +312,7 @@ virSecurityGetRememberedLabel(const char *name,
if (virStrToLong_ui(value, NULL, 10, &refcount) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("malformed refcount %s on %s"),
_("malformed refcount %1$s on %2$s"),
value, path);
return -1;
}
@ -388,7 +388,7 @@ virSecuritySetRememberedLabel(const char *name,
return -2;
} else if (errno != ENODATA) {
virReportSystemError(errno,
_("Unable to get XATTR %s on %s"),
_("Unable to get XATTR %1$s on %2$s"),
ref_name,
path);
return -1;
@ -412,7 +412,7 @@ virSecuritySetRememberedLabel(const char *name,
if (value &&
virStrToLong_ui(value, NULL, 10, &refcount) < 0) {
virReportError(VIR_ERR_INTERNAL_ERROR,
_("malformed refcount %s on %s"),
_("malformed refcount %1$s on %2$s"),
value, path);
return -1;
}
@ -479,7 +479,7 @@ virSecurityMoveRememberedLabel(const char *name,
return -2;
} else if (errno != ENODATA) {
virReportSystemError(errno,
_("Unable to get XATTR %s on %s"),
_("Unable to get XATTR %1$s on %2$s"),
ref_name, src);
return -1;
}
@ -490,7 +490,7 @@ virSecurityMoveRememberedLabel(const char *name,
return -2;
} else if (errno != ENODATA) {
virReportSystemError(errno,
_("Unable to get XATTR %s on %s"),
_("Unable to get XATTR %1$s on %2$s"),
attr_name, src);
return -1;
}
@ -501,7 +501,7 @@ virSecurityMoveRememberedLabel(const char *name,
return -2;
} else if (errno != ENODATA) {
virReportSystemError(errno,
_("Unable to get XATTR %s on %s"),
_("Unable to get XATTR %1$s on %2$s"),
attr_name, src);
return -1;
}

10
src/security/virt-aa-helper.c
View File

@ -96,7 +96,7 @@ vahDeinit(vahControl * ctl)
static void
vah_usage(void)
{
printf(_("\n%s mode [options] [extra file] [< def.xml]\n\n"
printf(_("\n%1$s mode [options] [extra file] [< def.xml]\n\n"
" Modes:\n"
" -a | --add load profile\n"
" -c | --create create profile from template\n"
@ -120,7 +120,7 @@ vah_usage(void)
static void
vah_error(vahControl * ctl, int doexit, const char *str)
{
fprintf(stderr, _("%s: error: %s%c"), progname, str, '\n');
fprintf(stderr, _("%1$s: error: %2$s%3$c"), progname, str, '\n');
if (doexit) {
if (ctl != NULL)
@ -132,13 +132,13 @@ vah_error(vahControl * ctl, int doexit, const char *str)
static void
vah_warning(const char *str)
{
fprintf(stderr, _("%s: warning: %s%c"), progname, str, '\n');
fprintf(stderr, _("%1$s: warning: %2$s%3$c"), progname, str, '\n');
}
static void
vah_info(const char *str)
{
fprintf(stderr, _("%s:\n%s%c"), progname, str, '\n');
fprintf(stderr, _("%1$s:\n%2$s%3$c"), progname, str, '\n');
}
/*
@ -1442,7 +1442,7 @@ main(int argc, char **argv)
if (virGettextInitialize() < 0 ||
virErrorInitialize() < 0) {
fprintf(stderr, _("%s: initialization failed\n"), argv[0]);
fprintf(stderr, _("%1$s: initialization failed\n"), argv[0]);
exit(EXIT_FAILURE);
}