On Thu, 2019-02-28 at 23:00 +0100, Petr Vorel wrote: > > + local keypair1="$2" > > + local keypair2="$3" > > + > > + mount_securityfs > > + > > + local ima_policy=$SECURITYFS/ima/policy > > + if [ ! -e $ima_policy ]; then > > + log_fail "$ima_policy not found" > > + fi > > + > > + if [ -n $keypair2 ]; then > > + grep -e "^$action.*$keypair1" "$ima_policy" | \ > > + grep -q -e "$keypair2" > > + else > > + grep -q -e "^$action.*$keypair1" "$ima_policy" > > + fi > > + > > + [ $? -eq 0 ] && ret=1 || ret=0 > > + return $ret > return $? is enough here (+ ret was not defined as local and mixing tabs with > spaces)
"grep -q" exits with zero if any match is found. This line inverts the result so that 1 is returned for found. v3 will make "ret" local and fix the tabs/spaces. Mimi
