[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [libvirt] [PATCH] 2/10 AppArmor driver updates



On Mon, 2010-04-05 at 16:15 -0500, Jamie Strandboge wrote:

> 2_apparmor-remove-unloaded-profile-is-not-fatal.patch: Don't exit with
> error if the user unloaded the profile outside of libvirt[2]



-- 
Jamie Strandboge             | http://www.canonical.com
Description: Don't exit with error if the user unloaded the profile outside of
 libvirt
Author: Jamie Strandboge <jamie canonical com>
Bug-Ubuntu: https://launchpad.net/ubuntu/bugs/530400

Index: libvirt-0.7.7/src/security/virt-aa-helper.c
===================================================================
--- libvirt-0.7.7.orig/src/security/virt-aa-helper.c	2010-03-05 09:45:23.000000000 -0600
+++ libvirt-0.7.7/src/security/virt-aa-helper.c	2010-03-24 13:13:43.000000000 -0500
@@ -182,6 +182,8 @@
 {
     char flag[3];
     char profile[PATH_MAX];
+    int status;
+    int ret;
 
     if (strchr("arR", cmd) == NULL) {
         vah_error(NULL, 0, "invalid flag");
@@ -203,9 +205,17 @@
         const char * const argv[] = {
             "/sbin/apparmor_parser", flag, profile, NULL
         };
-        if (virRun(argv, NULL) != 0) {
-            vah_error(NULL, 0, "failed to run apparmor_parser");
-            return -1;
+        if ((ret = virRun(argv, &status)) != 0 ||
+            (WIFEXITED(status) && WEXITSTATUS(status) != 0)) {
+            if (ret != 0) {
+                vah_error(NULL, 0, "failed to run apparmor_parser");
+                return -1;
+            } else if (cmd == 'R' && WIFEXITED(status) && WEXITSTATUS(status) == 234) {
+                vah_warning("unable to unload already unloaded profile (non-fatal)");
+            } else {
+                vah_error(NULL, 0, "apparmor_parser exited with error");
+                return -1;
+            }
         }
     }
 

Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]