#include "alloc-util.h"
#include "dirent-util.h"
+#include "errno-util.h"
#include "fd-util.h"
#include "fileio.h"
#include "log.h"
static int write_access2_rules(const char *srcdir) {
_cleanup_close_ int load2_fd = -EBADF, change_fd = -EBADF;
_cleanup_closedir_ DIR *dir = NULL;
- int dfd = -EBADF, r = 0;
+ int dfd, r;
- load2_fd = open("/sys/fs/smackfs/load2", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
- if (load2_fd < 0) {
- if (errno != ENOENT)
- log_warning_errno(errno, "Failed to open %s: %m", "/sys/fs/smackfs/load2");
- return -errno; /* negative error */
+ load2_fd = r = RET_NERRNO(open("/sys/fs/smackfs/load2", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY));
+ if (r < 0) {
+ if (r != -ENOENT)
+ log_warning_errno(r, "Failed to open %s: %m", "/sys/fs/smackfs/load2");
+ return r;
}
- change_fd = open("/sys/fs/smackfs/change-rule", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
- if (change_fd < 0) {
- if (errno != ENOENT)
- log_warning_errno(errno, "Failed to open %s: %m", "/sys/fs/smackfs/change-rule");
- return -errno; /* negative error */
+ change_fd = r = RET_NERRNO(open("/sys/fs/smackfs/change-rule", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY));
+ if (r < 0) {
+ if (r != -ENOENT)
+ log_warning_errno(r, "Failed to open %s: %m", "/sys/fs/smackfs/change-rule");
+ return r;
}
/* write rules to load2 or change-rule from every file in the directory */
dfd = dirfd(dir);
assert(dfd >= 0);
+ r = 0;
FOREACH_DIRENT(entry, dir, return 0) {
_cleanup_fclose_ FILE *policy = NULL;
continue;
}
- if (write(isempty(acc2) ? load2_fd : change_fd, buf, strlen(buf)) < 0) {
- if (r == 0)
- r = -errno;
- log_error_errno(errno, "%s/%s: failed to write '%s' to '%s': %m",
+ q = RET_NERRNO(write(isempty(acc2) ? load2_fd : change_fd, buf, strlen(buf)));
+ if (q < 0) {
+ log_error_errno(q, "%s/%s: failed to write '%s' to '%s': %m",
srcdir, entry->d_name,
buf, isempty(acc2) ? "/sys/fs/smackfs/load2" : "/sys/fs/smackfs/change-rule");
+ RET_GATHER(r, q);
}
}
}
static int write_cipso2_rules(const char *srcdir) {
_cleanup_close_ int cipso2_fd = -EBADF;
_cleanup_closedir_ DIR *dir = NULL;
- int dfd = -EBADF, r = 0;
+ int dfd, r;
- cipso2_fd = open("/sys/fs/smackfs/cipso2", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
- if (cipso2_fd < 0) {
- if (errno != ENOENT)
- log_warning_errno(errno, "Failed to open %s: %m", "/sys/fs/smackfs/cipso2");
- return -errno; /* negative error */
+ cipso2_fd = r = RET_NERRNO(open("/sys/fs/smackfs/cipso2", O_RDWR|O_CLOEXEC|O_NONBLOCK|O_NOCTTY));
+ if (r < 0) {
+ if (r != -ENOENT)
+ log_warning_errno(r, "Failed to open %s: %m", "/sys/fs/smackfs/cipso2");
+ return r;
}
/* write rules to cipso2 from every file in the directory */
dfd = dirfd(dir);
assert(dfd >= 0);
+ r = 0;
FOREACH_DIRENT(entry, dir, return 0) {
_cleanup_fclose_ FILE *policy = NULL;
if (isempty(buf) || strchr(COMMENTS, buf[0]))
continue;
- if (write(cipso2_fd, buf, strlen(buf)) < 0) {
- if (r == 0)
- r = -errno;
- log_error_errno(errno, "%s/%s: failed to write '%s' to %s: %m",
+ q = RET_NERRNO(write(cipso2_fd, buf, strlen(buf)));
+ if (q < 0) {
+ log_error_errno(q, "%s/%s: failed to write '%s' to %s: %m",
srcdir, entry->d_name,
buf, "/sys/fs/smackfs/cipso2");
+ RET_GATHER(r, q);
break;
}
}
static int write_netlabel_rules(const char *srcdir) {
_cleanup_fclose_ FILE *dst = NULL;
_cleanup_closedir_ DIR *dir = NULL;
- int dfd = -EBADF, r = 0;
+ int dfd, r;
dst = fopen("/sys/fs/smackfs/netlabel", "we");
if (!dst) {
dfd = dirfd(dir);
assert(dfd >= 0);
+ r = 0;
FOREACH_DIRENT(entry, dir, return 0) {
_cleanup_fclose_ FILE *policy = NULL;
break;
if (!fputs(buf, dst)) {
- if (r == 0)
- r = -EINVAL;
log_error_errno(errno, "Failed to write line to %s: %m", "/sys/fs/smackfs/netlabel");
+ RET_GATHER(r, -errno);
break;
}
q = fflush_and_check(dst);
if (q < 0) {
- if (r == 0)
- r = q;
log_error_errno(q, "Failed to flush %s: %m", "/sys/fs/smackfs/netlabel");
+ RET_GATHER(r, q);
break;
}
}
list[len - 1] = 0;
- onlycap_fd = open("/sys/fs/smackfs/onlycap", O_WRONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY);
- if (onlycap_fd < 0) {
- if (errno != ENOENT)
- log_warning_errno(errno, "Failed to open %s: %m", "/sys/fs/smackfs/onlycap");
- return -errno; /* negative error */
+ onlycap_fd = r = RET_NERRNO(open("/sys/fs/smackfs/onlycap", O_WRONLY|O_CLOEXEC|O_NONBLOCK|O_NOCTTY));
+ if (r < 0) {
+ if (r != -ENOENT)
+ log_warning_errno(r, "Failed to open %s: %m", "/sys/fs/smackfs/onlycap");
+ return r;
}
- r = write(onlycap_fd, list, len);
+ r = RET_NERRNO(write(onlycap_fd, list, len));
if (r < 0)
- return log_error_errno(errno, "%s: failed to write onlycap list(%s): %m",
+ return log_error_errno(r, "%s: failed to write onlycap list(%s): %m",
"/sys/fs/smackfs/onlycap", list);
return 0;
int mac_smack_setup(bool *loaded_policy) {
#if ENABLE_SMACK
-
int r;
assert(loaded_policy);
projects / thirdparty / systemd.git / commitdiff
