mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-03-07 17:28:15 +00:00
apparmor: refactor AppArmorSetSecurityImageLabel
A lot of the code in AppArmorSetSecurityImageLabel is a duplicate of what is in reload_profile, this refactors AppArmorSetSecurityImageLabel to use reload_profile instead. Reviewed-by: Cole Robinson <crobinso@redhat.com> Acked-by: Jamie Strandboge <jamie@canonical.com> Signed-off-by: Christian Ehrhardt <christian.ehrhardt@canonical.com>
This commit is contained in:
parent
70cf0af7bf
commit
9714f270f1
@ -778,8 +778,6 @@ AppArmorSetSecurityImageLabel(virSecurityManagerPtr mgr,
|
||||
virStorageSourcePtr src,
|
||||
virSecurityDomainImageLabelFlags flags G_GNUC_UNUSED)
|
||||
{
|
||||
int rc = -1;
|
||||
char *profile_name = NULL;
|
||||
virSecurityLabelDefPtr secdef;
|
||||
|
||||
if (!src->path || !virStorageSourceIsLocalStorage(src))
|
||||
@ -789,36 +787,18 @@ AppArmorSetSecurityImageLabel(virSecurityManagerPtr mgr,
|
||||
if (!secdef || !secdef->relabel)
|
||||
return 0;
|
||||
|
||||
if (secdef->imagelabel) {
|
||||
/* if the device doesn't exist, error out */
|
||||
if (!virFileExists(src->path)) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR,
|
||||
_("\'%s\' does not exist"),
|
||||
src->path);
|
||||
return -1;
|
||||
}
|
||||
if (!secdef->imagelabel)
|
||||
return 0;
|
||||
|
||||
if ((profile_name = get_profile_name(def)) == NULL)
|
||||
return -1;
|
||||
|
||||
/* update the profile only if it is loaded */
|
||||
if (profile_loaded(secdef->imagelabel) >= 0) {
|
||||
if (load_profile(mgr, secdef->imagelabel, def,
|
||||
src->path, false) < 0) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR,
|
||||
_("cannot update AppArmor profile "
|
||||
"\'%s\'"),
|
||||
secdef->imagelabel);
|
||||
goto cleanup;
|
||||
}
|
||||
}
|
||||
/* if the device doesn't exist, error out */
|
||||
if (!virFileExists(src->path)) {
|
||||
virReportError(VIR_ERR_INTERNAL_ERROR,
|
||||
_("\'%s\' does not exist"),
|
||||
src->path);
|
||||
return -1;
|
||||
}
|
||||
rc = 0;
|
||||
|
||||
cleanup:
|
||||
VIR_FREE(profile_name);
|
||||
|
||||
return rc;
|
||||
return reload_profile(mgr, def, src->path, false);
|
||||
}
|
||||
|
||||
static int
|
||||
|
Loading…
x
Reference in New Issue
Block a user