71 lines
2.1 KiB
Diff
71 lines
2.1 KiB
Diff
diff --exclude-from=exclude -N -u -r nsalibsemanage/src/direct_api.c libsemanage-1.9.1/src/direct_api.c
|
|
--- nsalibsemanage/src/direct_api.c 2006-11-16 17:14:02.000000000 -0500
|
|
+++ libsemanage-1.9.1/src/direct_api.c 2006-12-22 11:36:55.000000000 -0500
|
|
@@ -603,7 +603,8 @@
|
|
|
|
/* Create new policy object, then attach to policy databases
|
|
* that work with a policydb */
|
|
- if (semanage_expand_sandbox(sh, base, &out) < 0)
|
|
+ retval = semanage_expand_sandbox(sh, base, &out);
|
|
+ if (retval < 0)
|
|
goto cleanup;
|
|
|
|
dbase_policydb_attach((dbase_policydb_t *) pusers_base->dbase,
|
|
@@ -615,13 +616,16 @@
|
|
|
|
/* ============= Apply changes, and verify =============== */
|
|
|
|
- if (semanage_base_merge_components(sh) < 0)
|
|
+ retval = semanage_base_merge_components(sh);
|
|
+ if (retval < 0)
|
|
goto cleanup;
|
|
-
|
|
- if (semanage_write_policydb(sh, out) < 0)
|
|
+
|
|
+ retval = semanage_write_policydb(sh, out);
|
|
+ if (retval < 0)
|
|
goto cleanup;
|
|
-
|
|
- if (semanage_verify_kernel(sh) != 0)
|
|
+
|
|
+ retval = semanage_verify_kernel(sh);
|
|
+ if (retval < 0)
|
|
goto cleanup;
|
|
}
|
|
|
|
@@ -635,26 +639,30 @@
|
|
* merged into the main file_contexts. We won't check the
|
|
* large file_contexts - checked at compile time */
|
|
if (sh->do_rebuild || modified || fcontexts_modified) {
|
|
- if (semanage_fcontext_validate_local(sh, out) < 0)
|
|
+ retval = semanage_fcontext_validate_local(sh, out);
|
|
+ if (retval < 0)
|
|
goto cleanup;
|
|
}
|
|
|
|
/* Validate local seusers against policy */
|
|
if (sh->do_rebuild || modified || seusers_modified) {
|
|
- if (semanage_seuser_validate_local(sh, out) < 0)
|
|
+ retval = semanage_seuser_validate_local(sh, out);
|
|
+ if (retval < 0)
|
|
goto cleanup;
|
|
}
|
|
|
|
/* Validate local ports for overlap */
|
|
if (sh->do_rebuild || ports_modified) {
|
|
- if (semanage_port_validate_local(sh) < 0)
|
|
+ retval = semanage_port_validate_local(sh);
|
|
+ if (retval < 0)
|
|
goto cleanup;
|
|
}
|
|
|
|
/* ================== Write non-policydb components ========= */
|
|
|
|
/* Commit changes to components */
|
|
- if (semanage_commit_components(sh) < 0)
|
|
+ retval = semanage_commit_components(sh);
|
|
+ if (retval < 0)
|
|
goto cleanup;
|
|
|
|
retval = semanage_install_sandbox(sh);
|