Currently there is no way to remove the profile file. This commit provides this functionality (required for next commit). Signed-off-by: Ioanna Alifieraki <ioanna-maria.alifieraki@xxxxxxxxxxxxx> --- src/security/virt-aa-helper.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c index 269c372704..5ec0fb8807 100644 --- a/src/security/virt-aa-helper.c +++ b/src/security/virt-aa-helper.c @@ -101,6 +101,7 @@ vah_usage(void) " -a | --add load profile\n" " -c | --create create profile from template\n" " -D | --delete unload profile and delete generated rules\n" + " -P | --purge purge profile\n" " -r | --replace reload profile\n" " -R | --remove unload profile\n" " Options:\n" @@ -1361,13 +1362,14 @@ vahParseArgv(vahControl * ctl, int argc, char **argv) {"add-file", 0, 0, 'f'}, {"append-file", 0, 0, 'F'}, {"help", 0, 0, 'h'}, + {"purge", 0, 0, 'P'}, {"replace", 0, 0, 'r'}, {"remove", 0, 0, 'R'}, {"uuid", 1, 0, 'u'}, {0, 0, 0, 0} }; - while ((arg = getopt_long(argc, argv, "acdDhrRH:b:u:p:f:F:", opt, + while ((arg = getopt_long(argc, argv, "acdDhPrRH:b:u:p:f:F:", opt, &idx)) != -1) { switch (arg) { case 'a': @@ -1391,6 +1393,9 @@ vahParseArgv(vahControl * ctl, int argc, char **argv) vah_usage(); exit(EXIT_SUCCESS); break; + case 'P': + ctl->cmd = 'P'; + break; case 'r': ctl->cmd = 'r'; break; @@ -1456,7 +1461,7 @@ static int create_profile(vahControl *ctl, char *profile, char *include_file) return rc; } -static int remove_profile(vahControl *ctl, char *include_file) +static int remove_profile(vahControl *ctl, char *profile, char *include_file) { int rc = 0; @@ -1464,6 +1469,8 @@ static int remove_profile(vahControl *ctl, char *include_file) return rc; if (ctl->cmd == 'D') unlink(include_file); + if (ctl->cmd == 'P') + unlink(profile); return rc; } @@ -1519,7 +1526,7 @@ main(int argc, char **argv) if (ctl->cmd == 'a') { rc = parserLoad(ctl->uuid); } else if (ctl->cmd == 'R' || ctl->cmd == 'D') { - rc = remove_profile(ctl, include_file); + rc = remove_profile(ctl, profile, include_file); } else if (ctl->cmd == 'c' || ctl->cmd == 'r') { char *included_files = NULL; g_auto(virBuffer) buf = VIR_BUFFER_INITIALIZER; -- 2.17.1