>> Nice trick - you are using libapparmor to hide most of the code ;-) >> (that's not really bad because it avoids code duplication, but makes the >> comparison a bit unfair ;-) >> >> Oh, and the C code has a bug - like aa-status --enabled, aa-enabled >> should only set the exitcode, but not print anything. >> >> Anyway, I can live with both solutions as long as we get aa-enabled >> added ;-) >> > hrmmm, I think I'd rather leaving human readable output as the default > and having a quiet flag for just the error code. > > since we are replacing > aa-status --enabled > I don't see how > aa-enabled --quiet > is any worse, and then a user can also easily use the tool > > and along those lines, here is a v2
--- #include <errno.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <libintl.h> #define _(s) gettext(s) #include <sys/apparmor.h> void print_help(const char *command) { printf(_("%s: [options]\n" " options:\n" " -q | --quiet don't print out any messages\n" " -h | --help print help\n"), command); exit(1); } int main(int argc, char **argv) { int quiet = 0; if (argc > 2) { printf(_("unknown options\n")); print_help(argv[0]); return 1; } else if (argc == 2) { if (strcmp(argv[1], "--quiet") == 0 || strcmp(argv[1], "-q") == 0) { quiet = 1; } else if (strcmp(argv[1], "--help") == 0 || strcmp(argv[1], "-h") == 0) { print_help(argv[0]); } else { printf(_("unknown option '%s'\n"), argv[1]); print_help(argv[0]); } } if (aa_is_enabled()) { if (!quiet) printf(_("Yes\n")); return 0; } if (!quiet) { switch(errno) { case ENOSYS: printf(_("No - not available on this system.\n")); break; case ECANCELED: printf(_("No - disabled at boot.\n")); break; case ENOENT: printf(_("Maybe - policy interface not available.\n")); break; case EPERM: case EACCES: printf(_("Maybe - insufficient permissions to determine availability.\n")); break; default: printf(_("No\n")); } } return errno; } -- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor