[apparmor] [PATCH] various aa-notify fixes

[John Johansen]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/17/2011 05:44 AM, Jamie Strandboge wrote:
> On Tue, 2011-08-16 at 16:29 -0700, John Johansen wrote:
>>> diff:
>>> === modified file 'utils/aa-notify'
>>> --- utils/aa-notify	2010-11-04 00:03:52 +0000
>>> +++ utils/aa-notify	2011-08-16 21:57:02 +0000
>>> @@ -122,7 +122,8 @@
>>>  if ($< == 0) {
>>>      $login = "root";
>>>      if (defined($ENV{SUDO_UID}) and defined($ENV{SUDO_GID})) {
>>> -        POSIX::setgid($ENV{SUDO_GID}) or _error("Could not change gid");
>>> +        $) = "$ENV{SUDO_GID} $ENV{SUDO_GID}" or _error("Could not change egid");
>>> +        $( = $ENV{SUDO_GID} or _error("Could not change gid");
>>>          $> = $ENV{SUDO_UID} or _error("Could not change euid");
>>>          defined($ENV{SUDO_USER}) and $login = $ENV{SUDO_USER};
>>>      } else {
>>> @@ -131,7 +132,9 @@
>>>              $drop_to = $opt_u;
>>>          }
>>>          # nobody/nogroup
>>> -        POSIX::setgid(scalar(getgrnam($nobody_group))) or _error("Could not change gid to '$nobody_group'");
>>> +        my $nam = scalar(getgrnam($nobody_group));
>>> +        $) = "$nam $nam" or _error("Could not change egid");
>>> +        $( = $nam or _error("Could not change gid");
>>>          $> = scalar(getpwnam($drop_to)) or _error("Could not change euid to '$drop_to'");
>>>      }
>>>  } else {
>>>
>> Thankyou for reminding me why I HATE perl
>>
>> you need to check $! after the assignment of $( and $) for errors
> 
> I do. In each of these I do 'or _error(...)...' which will bail out of
> the script and return '1'. Is this not enough?

sigh, yes you are and it is just ignore me


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk5Lvk8ACgkQxAVxIsEKI+aIhACdHuoz6K6rhxciHQVGWdw8PJCJ
dlEAnitJfsEk21kYC90fefMiyAfQolM4
=ILa5
-----END PGP SIGNATURE-----