[apparmor] aa-enabled

John Johansen john.johansen at canonical.com
Wed Nov 25 05:44:05 UTC 2015 

On 11/24/2015 08:55 PM, Seth Arnold wrote:
> On Tue, Nov 24, 2015 at 04:14:27PM -0800, John Johansen wrote:
>> and along those lines, here is a v2
> 
> Woo, this is great.
> 
> main() is missing this bit of code (which I stole from apparmor_parser's
> parser_main.c):
> 
>         setlocale(LC_MESSAGES, "");
>         bindtextdomain(PACKAGE, LOCALEDIR);
>         textdomain(PACKAGE);
> 

oops, yep

>>
>>
>> #include <errno.h>
>> #include <stdio.h>
>> #include <stdlib.h>
>> #include <string.h>
>> #include <libintl.h>
>> #define _(s) gettext(s)
>>
>> #include <sys/apparmor.h>
>> void print_help(const char *command)
>> {
>> 	printf(_("%s: [options]\n"
>> 		 "  options:\n"
>> 		 "  -q | --quiet		don't print out any messages\n"
>> 		 "  -h | --help		print help\n"),
>> 	       command);
> 
> Do these line up in the output? email always makes it hard to tell when
> whitespace works out well or not.
> 
they did in testing, but I should probably move to spaces instead of tabs to make sure it works on everyones terminal

>> 	exit(1);
>> }
>>
>> int main(int argc, char **argv)
>> {
>> 	int quiet = 0;
>> 	
>> 	if (argc > 2) {
>> 		printf(_("unknown options\n"));
>> 		print_help(argv[0]);
>> 		return 1;
> 
> print_help() doesn't return, you can remove the return 1; here.
> 
yep

>> 	} else if (argc == 2) {
>> 		if (strcmp(argv[1], "--quiet") == 0 ||
>> 		    strcmp(argv[1], "-q") == 0) {
>> 			quiet = 1;
>> 		} else if (strcmp(argv[1], "--help") == 0 ||
>> 			   strcmp(argv[1], "-h") == 0) {
>> 			print_help(argv[0]);
>> 		} else {
>> 			printf(_("unknown option '%s'\n"), argv[1]);
>> 			print_help(argv[0]);
>> 		}
>> 	}
>>
>> 	if (aa_is_enabled()) {
>> 		if (!quiet)
>> 			printf(_("Yes\n"));
>> 		return 0;
>> 	}
>>
>> 	if (!quiet) {
>> 		switch(errno) {
>> 		case ENOSYS:
>> 			printf(_("No - not available on this system.\n"));
>> 			break;
>> 		case ECANCELED:
>> 			printf(_("No - disabled at boot.\n"));
>> 			break;
>> 		case ENOENT:
>> 			printf(_("Maybe - policy interface not available.\n"));
>> 			break;
>> 		case EPERM:
>> 		case EACCES:
>> 			printf(_("Maybe - insufficient permissions to determine availability.\n"));
>> 			break;
>> 		default:
>> 			printf(_("No\n"));
>> 		}
>> 	}
>>
>> 	return errno;
> 
> I think we ought to save aside the errno before the printf() calls; if
> something called by printf() fails, or if printf() itself fails, the
> return value here may not be the one we intend to return.
> 
yeah, thanks

More information about the AppArmor mailing list