On Wed, 10.06.15 15:38, Zbigniew Jędrzejewski-Szmek (zbys...@in.waw.pl) wrote:

> ima_write_policy() expects data to be written as one or more
> rules, no more than PAGE_SIZE at a time. Easiest way to ensure
> that we are not splitting rules is to read and write one line at
> a time.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=1226948
> ---
>  src/core/ima-setup.c | 39 +++++++++++++++++----------------------
>  1 file changed, 17 insertions(+), 22 deletions(-)
> 
> diff --git a/src/core/ima-setup.c b/src/core/ima-setup.c
> index 4d8b638115..5b3d16cd31 100644
> --- a/src/core/ima-setup.c
> +++ b/src/core/ima-setup.c
> @@ -23,9 +23,6 @@
>  
>  #include <unistd.h>
>  #include <errno.h>
> -#include <fcntl.h>
> -#include <sys/stat.h>
> -#include <sys/mman.h>
>  
>  #include "ima-setup.h"
>  #include "util.h"
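
Review bot: The include block is left without <stdio.h> or <limits.h>, although the next hunk introduces FILE and LINE_MAX in ima_setup(), so the file now depends on "util.h" or "ima-setup.h" pulling those in. I'd add both headers explicitly here. The same goes for dropping <fcntl.h>: imafd is kept in the next hunk, so if it is still obtained with open(), keep that include rather than relying on a transitive one.
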
> @@ -36,20 +33,19 @@
>  #define IMA_POLICY_PATH "/etc/ima/ima-policy"
>  
>  int ima_setup(void) {
> -        int r = 0;
> -
>  #ifdef HAVE_IMA
> -        _cleanup_close_ int policyfd = -1, imafd = -1;
> -        struct stat st;
> -        char *policy;
> +        _cleanup_fclose_ FILE *input = NULL;
> +        _cleanup_close_ int imafd = -1;
> +        char line[LINE_MAX];
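
Review bot: The fixed buffer in `char line[LINE_MAX];` brings back the rule-splitting problem for long rules. The commit message says the kernel accepts up to PAGE_SIZE per write, and LINE_MAX is typically smaller than that, so a rule the kernel would accept can still be longer than this buffer. The read loop is not visible in this quote, but if it fills the buffer with fgets(), such a rule arrives in two reads and would be written to imafd as two partial rules. I'd either check that each line read ends in a newline (or hits EOF) and fail with an error otherwise, or read with getline() so the length is not capped by the buffer.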

Hmm, I wonder if this might bite us. LINE_MAX is a good choice as max
line length for formats we define in systemd, but the question of
course is what the max line length is for IMA...

Looks good otherwise.

Lennart

-- 
Lennart Poettering, Red Hat
_______________________________________________
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
