TODO: drop implemented entry

[thirdparty/systemd.git] / src / core / smack-setup.c

diff --git a/src/core/smack-setup.c b/src/core/smack-setup.c
index 79c480847340bedac6b4cc058e67db4346386451..7ea902b6f9cb59e0c3c1dcf8057cd08f63ebe698 100644 (file)
--- a/src/core/smack-setup.c
+++ b/src/core/smack-setup.c
@@ -11,6 +11,8 @@
 #include <stdlib.h>
 #include <unistd.h>
 
+#include "sd-messages.h"
+
 #include "alloc-util.h"
 #include "dirent-util.h"
 #include "fd-util.h"
@@ -19,7 +21,6 @@
 #include "macro.h"
 #include "smack-setup.h"
 #include "string-util.h"
-#include "util.h"
 
 #if ENABLE_SMACK
 
@@ -49,10 +50,9 @@ static int fdopen_unlocked_at(int dfd, const char *dir, const char *name, int *s
 }
 
 static int write_access2_rules(const char *srcdir) {
-        _cleanup_close_ int load2_fd = -1, change_fd = -1;
+        _cleanup_close_ int load2_fd = -EBADF, change_fd = -EBADF;
         _cleanup_closedir_ DIR *dir = NULL;
-        struct dirent *entry;
-        int dfd = -1, r = 0;
+        int dfd = -EBADF, r = 0;
 
         load2_fd = open("/sys/fs/smackfs/load2", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
         if (load2_fd < 0)  {
@@ -122,10 +122,9 @@ static int write_access2_rules(const char *srcdir) {
 }
 
 static int write_cipso2_rules(const char *srcdir) {
-        _cleanup_close_ int cipso2_fd = -1;
+        _cleanup_close_ int cipso2_fd = -EBADF;
         _cleanup_closedir_ DIR *dir = NULL;
-        struct dirent *entry;
-        int dfd = -1, r = 0;
+        int dfd = -EBADF, r = 0;
 
         cipso2_fd = open("/sys/fs/smackfs/cipso2", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
         if (cipso2_fd < 0)  {
@@ -184,8 +183,7 @@ static int write_cipso2_rules(const char *srcdir) {
 static int write_netlabel_rules(const char *srcdir) {
         _cleanup_fclose_ FILE *dst = NULL;
         _cleanup_closedir_ DIR *dir = NULL;
-        struct dirent *entry;
-        int dfd = -1, r = 0;
+        int dfd = -EBADF, r = 0;
 
         dst = fopen("/sys/fs/smackfs/netlabel", "we");
         if (!dst)  {
@@ -242,7 +240,7 @@ static int write_netlabel_rules(const char *srcdir) {
 }
 
 static int write_onlycap_list(void) {
-        _cleanup_close_ int onlycap_fd = -1;
+        _cleanup_close_ int onlycap_fd = -EBADF;
         _cleanup_free_ char *list = NULL;
         _cleanup_fclose_ FILE *f = NULL;
         size_t len = 0;
@@ -307,7 +305,7 @@ int mac_smack_setup(bool *loaded_policy) {
         assert(loaded_policy);
 
         r = write_access2_rules("/etc/smack/accesses.d/");
-        switch(r) {
+        switch (r) {
         case -ENOENT:
                 log_debug("Smack is not enabled in the kernel.");
                 return 0;
@@ -322,7 +320,7 @@ int mac_smack_setup(bool *loaded_policy) {
                 return 0;
         }
 
-#ifdef SMACK_RUN_LABEL
+#if HAVE_SMACK_RUN_LABEL
         r = write_string_file("/proc/self/attr/current", SMACK_RUN_LABEL, WRITE_STRING_FILE_DISABLE_BUFFER);
         if (r < 0)
                 log_warning_errno(r, "Failed to set SMACK label \"" SMACK_RUN_LABEL "\" on self: %m");
@@ -339,7 +337,7 @@ int mac_smack_setup(bool *loaded_policy) {
 #endif
 
         r = write_cipso2_rules("/etc/smack/cipso.d/");
-        switch(r) {
+        switch (r) {
         case -ENOENT:
                 log_debug("Smack/CIPSO is not enabled in the kernel.");
                 return 0;
@@ -355,7 +353,7 @@ int mac_smack_setup(bool *loaded_policy) {
         }
 
         r = write_netlabel_rules("/etc/smack/netlabel.d/");
-        switch(r) {
+        switch (r) {
         case -ENOENT:
                 log_debug("Smack/CIPSO is not enabled in the kernel.");
                 return 0;
@@ -371,7 +369,7 @@ int mac_smack_setup(bool *loaded_policy) {
         }
 
         r = write_onlycap_list();
-        switch(r) {
+        switch (r) {
         case -ENOENT:
                 log_debug("Smack is not enabled in the kernel.");
                 break;
@@ -382,7 +380,9 @@ int mac_smack_setup(bool *loaded_policy) {
                 log_info("Successfully wrote Smack onlycap list.");
                 break;
         default:
-                return log_emergency_errno(r, "Failed to write Smack onlycap list: %m");
+                return log_struct_errno(LOG_EMERG, r,
+                                        LOG_MESSAGE("Failed to write Smack onlycap list: %m"),
+                                        "MESSAGE_ID=" SD_MESSAGE_SMACK_FAILED_WRITE_STR);
         }
 
         *loaded_policy = true;