mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2024-12-24 14:45:24 +00:00
virt-aa-helper should not fail if profile was removed
Don't exit with error if the user unloaded the profile outside of libvirt * src/security/virt-aa-helper.c: check the exit error from apparmor_parser before exiting with a failure
This commit is contained in:
parent
e68792c112
commit
ba32e11d41
@ -182,6 +182,8 @@ parserCommand(const char *profile_name, const char cmd)
|
||||
{
|
||||
char flag[3];
|
||||
char profile[PATH_MAX];
|
||||
int status;
|
||||
int ret;
|
||||
|
||||
if (strchr("arR", cmd) == NULL) {
|
||||
vah_error(NULL, 0, "invalid flag");
|
||||
@ -203,9 +205,17 @@ parserCommand(const char *profile_name, const char cmd)
|
||||
const char * const argv[] = {
|
||||
"/sbin/apparmor_parser", flag, profile, NULL
|
||||
};
|
||||
if (virRun(argv, NULL) != 0) {
|
||||
vah_error(NULL, 0, "failed to run apparmor_parser");
|
||||
return -1;
|
||||
if ((ret = virRun(argv, &status)) != 0 ||
|
||||
(WIFEXITED(status) && WEXITSTATUS(status) != 0)) {
|
||||
if (ret != 0) {
|
||||
vah_error(NULL, 0, "failed to run apparmor_parser");
|
||||
return -1;
|
||||
} else if (cmd == 'R' && WIFEXITED(status) && WEXITSTATUS(status) == 234) {
|
||||
vah_warning("unable to unload already unloaded profile (non-fatal)");
|
||||
} else {
|
||||
vah_error(NULL, 0, "apparmor_parser exited with error");
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user