On Mon, 2010-04-05 at 16:15 -0500, Jamie Strandboge wrote: > 2_apparmor-remove-unloaded-profile-is-not-fatal.patch: Don't exit with > error if the user unloaded the profile outside of libvirt[2] -- Jamie Strandboge | http://www.canonical.com
Description: Don't exit with error if the user unloaded the profile outside of libvirt Author: Jamie Strandboge <jamie@xxxxxxxxxxxxx> Bug-Ubuntu: https://launchpad.net/ubuntu/bugs/530400 Index: libvirt-0.7.7/src/security/virt-aa-helper.c =================================================================== --- libvirt-0.7.7.orig/src/security/virt-aa-helper.c 2010-03-05 09:45:23.000000000 -0600 +++ libvirt-0.7.7/src/security/virt-aa-helper.c 2010-03-24 13:13:43.000000000 -0500 @@ -182,6 +182,8 @@ { char flag[3]; char profile[PATH_MAX]; + int status; + int ret; if (strchr("arR", cmd) == NULL) { vah_error(NULL, 0, "invalid flag"); @@ -203,9 +205,17 @@ const char * const argv[] = { "/sbin/apparmor_parser", flag, profile, NULL }; - if (virRun(argv, NULL) != 0) { - vah_error(NULL, 0, "failed to run apparmor_parser"); - return -1; + if ((ret = virRun(argv, &status)) != 0 || + (WIFEXITED(status) && WEXITSTATUS(status) != 0)) { + if (ret != 0) { + vah_error(NULL, 0, "failed to run apparmor_parser"); + return -1; + } else if (cmd == 'R' && WIFEXITED(status) && WEXITSTATUS(status) == 234) { + vah_warning("unable to unload already unloaded profile (non-fatal)"); + } else { + vah_error(NULL, 0, "apparmor_parser exited with error"); + return -1; + } } }
Attachment:
signature.asc
Description: This is a digitally signed message part
-- libvir-list mailing list libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list