From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Date: Mon, 25 Nov 2013 13:08:20 +0000 (+0200)
Subject: utils: more verbose error reporting when applying rules
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=8fd016791883705fc17598b89a3d54633c3dc5ca;p=framework%2Fsecurity%2Fsmack.git

utils: more verbose error reporting when applying rules

Add more verbose error reporting when applying either access
rules or CIPSO. The key point is to be able to separate whether
error occured during reading or applying phase.

Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
---

diff --git a/utils/common.c b/utils/common.c
index 15b4ed7..6b82cd1 100644
--- a/utils/common.c
+++ b/utils/common.c
@@ -58,7 +58,7 @@ int clear(void)
 		return -1;
 	}
 
-	ret = apply_rules_file(fd, 1);
+	ret = apply_rules_file(path, fd, 1);
 	close(fd);
 	return ret;
 }
@@ -85,10 +85,7 @@ int apply_rules(const char *path, int clear)
 		return -1;
 	}
 
-	ret = apply_rules_file(fd, clear);
-	if (ret)
-		fprintf(stderr, "Applying rules failed for the file '%s'.\n",
-			path);
+	ret = apply_rules_file(path, fd, clear);
 	close(fd);
 	return ret;
 }
@@ -115,15 +112,12 @@ int apply_cipso(const char *path)
 		return -1;
 	}
 
-	ret = apply_cipso_file(fd);
-	if (ret)
-		fprintf(stderr, "Applying CIPSO failed for the file '%s'.\n",
-			path);
+	ret = apply_cipso_file(path, fd);
 	close(fd);
 	return ret;
 }
 
-int apply_rules_file(int fd, int clear)
+int apply_rules_file(const char *path, int fd, int clear)
 {
 	struct smack_accesses *rules = NULL;
 	int ret = 0;
@@ -133,20 +127,29 @@ int apply_rules_file(int fd, int clear)
 
 	if (smack_accesses_add_from_file(rules, fd)) {
 		smack_accesses_free(rules);
+		if (path)
+			fprintf(stderr, "Reading rules from '%s' failed.\n",
+				path);
+		else
+			fputs("Reading rules from STDIN failed.\n", stderr);
 		return -1;
 	}
 
-	if (!clear)
-		ret = smack_accesses_apply(rules);
-	else
+	if (clear) {
 		ret = smack_accesses_clear(rules);
+		if (ret)
+			fputs("Clearing rules failed.\n", stderr);
+	} else {
+		ret = smack_accesses_apply(rules);
+		if (ret)
+			fputs("Applying rules failed.\n", stderr);
+	}
 
 	smack_accesses_free(rules);
-
 	return ret;
 }
 
-int apply_cipso_file(int fd)
+int apply_cipso_file(const char *path, int fd)
 {
 	struct smack_cipso *cipso = NULL;
 	int ret;
@@ -157,14 +160,23 @@ int apply_cipso_file(int fd)
 
 	ret = smack_cipso_add_from_file(cipso, fd);
 	if (ret) {
+		if (path)
+			fprintf(stderr, "Reading CIPSO from '%s' failed.\n",
+				path);
+		else
+			fputs("Reading CIPSO from STDIN failed.\n",
+			      stderr);
 		smack_cipso_free(cipso);
 		return -1;
 	}
 
 	ret = smack_cipso_apply(cipso);
 	smack_cipso_free(cipso);
-	if (ret)
+	if (ret) {
+		fprintf(stderr, "Applying CIPSO failed.\n",
+			path);
 		return -1;
+	}
 
 	return 0;
 }
@@ -187,10 +199,7 @@ static int apply_rules_cb(const char *fpath, const struct stat *sb,
 		return -1;
 	}
 
-	ret = apply_rules_file(fd, 0) ? FTW_STOP : FTW_CONTINUE;
-	if (ret == FTW_STOP)
-		fprintf(stderr, "Applying rules failed for the file '%s'.\n",
-			fpath);
+	ret = apply_rules_file(fpath, fd, 0) ? FTW_STOP : FTW_CONTINUE;
 	close(fd);
 	return ret;
 }
@@ -213,10 +222,7 @@ static int apply_cipso_cb(const char *fpath, const struct stat *sb,
 		return -1;
 	}
 
-	ret = apply_cipso_file(fd) ? FTW_STOP : FTW_CONTINUE;
-	if (ret == FTW_STOP)
-		fprintf(stderr, "Applying CIPSO failed for the file '%s'.\n",
-			fpath);
+	ret = apply_cipso_file(fpath, fd) ? FTW_STOP : FTW_CONTINUE;
 	close(fd);
 	return ret;
 }
diff --git a/utils/common.h b/utils/common.h
index 4eb7df2..1eab142 100644
--- a/utils/common.h
+++ b/utils/common.h
@@ -1,7 +1,7 @@
 /*
  * This file is part of libsmack.
  *
- * Copyright (C) 2011 Intel Corporation
+ * Copyright (C) 2011-2013 Intel Corporation
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public License
@@ -27,7 +27,7 @@
 int clear(void);
 int apply_rules(const char *path, int clear);
 int apply_cipso(const char *path);
-int apply_rules_file(int fd, int clear);
-int apply_cipso_file(int fd);
+int apply_rules_file(const char *path, int fd, int clear);
+int apply_cipso_file(const char *path, int fd);
 
 #endif // COMMON_H
diff --git a/utils/smackcipso.c b/utils/smackcipso.c
index da124ca..643f080 100644
--- a/utils/smackcipso.c
+++ b/utils/smackcipso.c
@@ -36,7 +36,7 @@ int main(int argc, char **argv)
 	}
 
 	if (argc == 1) {
-		if (apply_cipso_file(STDIN_FILENO))
+		if (apply_cipso_file(NULL, STDIN_FILENO))
 			exit(1);
 	} else {
 		if (apply_cipso(argv[1]))
diff --git a/utils/smackload.c b/utils/smackload.c
index a0c6b33..04aca44 100644
--- a/utils/smackload.c
+++ b/utils/smackload.c
@@ -50,7 +50,7 @@ int main(int argc, char **argv)
 	}
 
 	if (optind == argc) {
-		if (apply_rules_file(STDIN_FILENO, clear))
+		if (apply_rules_file(NULL, STDIN_FILENO, clear))
 			exit(1);
 	} else {
 		if (apply_rules(argv[optind], clear))