Christian reported that `apparmor_parser -r /file/not/found` returns 0 indicating that the profile was loaded as expected even though /file/not/found does not exist in the filesystem. This patch ensures that a non-zero error code is returned when a specified file or directory is not found, can't be opened for reading, etc.
Signed-off-by: Tyler Hicks <[email protected]> Tested-by: Christian Boltz <[email protected]> Acked-by: John Johansen <[email protected]> --- parser/lib.c | 3 +++ parser/parser_main.c | 2 ++ 2 files changed, 5 insertions(+) diff --git a/parser/lib.c b/parser/lib.c index 11c2210..053765e 100644 --- a/parser/lib.c +++ b/parser/lib.c @@ -16,6 +16,7 @@ * Ltd. */ +#include <errno.h> #include <string.h> #include <sys/stat.h> @@ -32,10 +33,12 @@ int dirat_for_each(int dirfd, const char *name, void *data, int (* cb)(int, const char *, struct stat *, void *)) { int retval = _aa_dirat_for_each(dirfd, name, data, cb); + int save = errno; if (retval) PDEBUG("dirat_for_each failed: %m\n"); + errno = save; return retval; } diff --git a/parser/parser_main.c b/parser/parser_main.c index 80c243d..8f1af4f 100644 --- a/parser/parser_main.c +++ b/parser/parser_main.c @@ -1159,6 +1159,7 @@ int main(int argc, char *argv[]) continue; if (profilename && stat(profilename, &stat_file) == -1) { + last_error = errno; PERROR("File %s not found, skipping...\n", profilename); continue; } @@ -1175,6 +1176,7 @@ int main(int argc, char *argv[]) cb = binary_input ? binary_dir_cb : profile_dir_cb; if ((retval = dirat_for_each(AT_FDCWD, profilename, &cb_data, cb))) { + last_error = errno; PDEBUG("Failed loading profiles from %s\n", profilename); } -- 2.7.4 -- AppArmor mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
