mir/lxc
2
0
Fork 0
mirror of git://github.com/lxc/lxc synced 2025-09-02 07:49:36 +00:00
Code Issues Releases Wiki Activity

lsm/apparmor: log failure to write AppArmor profile

Browse Source 
Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
This commit is contained in:
Christian Brauner
2021-08-09 15:58:53 +02:00
parent f14d72ba0f
commit 0e8effda05
1 changed files with 6 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
src/lxc/lsm/apparmor.c
View File

@@ -1163,7 +1163,8 @@ static int apparmor_process_label_fd_get(struct lsm_ops *ops, pid_t pid, bool on
return __apparmor_process_label_open(ops, pid, O_RDWR, on_exec); return __apparmor_process_label_open(ops, pid, O_RDWR, on_exec);
} }
static int apparmor_process_label_set_at(struct lsm_ops *ops, int label_fd, const char *label, bool on_exec) static int apparmor_process_label_set_at(struct lsm_ops *ops, int label_fd,
const char *label, bool on_exec)
{ {
__do_free char *command = NULL; __do_free char *command = NULL;
int ret = -1; int ret = -1;
@@ -1182,9 +1183,12 @@ static int apparmor_process_label_set_at(struct lsm_ops *ops, int label_fd, cons
return -EFBIG; return -EFBIG;
ret = lxc_write_nointr(label_fd, command, len - 1); ret = lxc_write_nointr(label_fd, command, len - 1);
if (ret < 0)
return syserror("Failed to write AppArmor profile \"%s\" to %d",
label, label_fd);
INFO("Set AppArmor label to \"%s\"", label); INFO("Set AppArmor label to \"%s\"", label);
return ret; return 0;
} }
/* /*