};
/*
- * profile_status returns '-1' on error, '0' if loaded
+ * profile_status returns '-2' on error, '-1' if not loaded, '0' if loaded
*
- * If check_enforcing is set to '1', then returns '-1' on error, '0' if
- * loaded in complain mode, and '1' if loaded in enforcing mode.
+ * If check_enforcing is set to '1', then returns '-2' on error, '-1' if
+ * not loaded, '0' if loaded in complain mode, and '1' if loaded in
+ * enforcing mode.
*/
static int
profile_status(const char *str, const int check_enforcing)
char *content = NULL;
char *tmp = NULL;
char *etmp = NULL;
- int rc = -1;
+ int rc = -2;
/* create string that is '<str> \0' for accurate matching */
if (virAsprintf(&tmp, "%s ", str) == -1)
if (strstr(content, tmp) != NULL)
rc = 0;
+ else
+ rc = -1; /* return -1 if not loaded */
if (check_enforcing != 0) {
if (rc == 0 && strstr(content, etmp) != NULL)
rc = 1; /* return '1' if loaded and enforcing */
goto cleanup;
rc = profile_status(libvirt_daemon, 1);
+ /* Error or unconfined should all result in -1*/
+ if (rc < 0)
+ rc = -1;
cleanup:
VIR_FREE(libvirt_daemon);
virSecurityLabelPtr sec)
{
int rc = -1;
+ int status;
char *profile_name = NULL;
if ((profile_name = get_profile_name(def)) == NULL)
return rc;
- if (virStrcpy(sec->label, profile_name,
- VIR_SECURITY_LABEL_BUFLEN) == NULL) {
+ status = profile_status(profile_name, 1);
+ if (status < -1) {
virReportError(VIR_ERR_INTERNAL_ERROR,
- "%s", _("error copying profile name"));
+ "%s", _("error getting profile status"));
goto cleanup;
+ } else if (status == -1) {
+ profile_name[0] = '\0';
}
- if ((sec->enforcing = profile_status(profile_name, 1)) < 0) {
+ if (virStrcpy(sec->label, profile_name,
+ VIR_SECURITY_LABEL_BUFLEN) == NULL) {
virReportError(VIR_ERR_INTERNAL_ERROR,
- "%s", _("error calling profile_status()"));
+ "%s", _("error copying profile name"));
goto cleanup;
}
+
+ sec->enforcing = status == 1;
rc = 0;
cleanup:
projects / thirdparty / libvirt.git / commitdiff
