QubesOS/qubes-core-admin-linux
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

qrexec: don't call exit directly from qrexec-policy main

Browse Source 
Use `return` instead. This makes possible to implement unit tests on
this function. And also makes static analysis a little happier.
This commit is contained in:
Marek Marczykowski-Górecki 2016-08-16 03:20:36 +02:00
parent 9a5bd57d1b
commit 9192bb0d44
No known key found for this signature in database
GPG Key ID: 063938BA42CFA724
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
qrexec/qrexec-policy
View File

@ -244,7 +244,7 @@ def main():
text = "Domain '%s' doesn't exist (service %s called by domain %s)." % ( text = "Domain '%s' doesn't exist (service %s called by domain %s)." % (
args.target, args.service_name, args.domain) args.target, args.service_name, args.domain)
info_dialog("error", text) info_dialog("error", text)
exit(1) return 1
policy_list = read_policy_file(args.service_name) policy_list = read_policy_file(args.service_name)
if policy_list is None: if policy_list is None:
@ -271,9 +271,9 @@ def main():
if args.just_evaluate: if args.just_evaluate:
if policy_dict["action"] == "allow": if policy_dict["action"] == "allow":
exit(0) return 0
else: else:
exit(1) return 1
if policy_dict["action"] == "allow": if policy_dict["action"] == "allow":
if "action.target" in policy_dict: if "action.target" in policy_dict:
@ -286,6 +286,7 @@ def main():
do_execute(args.domain, args.target, user, args.service_name, process_ident, vm=vm) do_execute(args.domain, args.target, user, args.service_name, process_ident, vm=vm)
print >> sys.stderr, "Rpc denied:", args.domain, args.target, args.service_name print >> sys.stderr, "Rpc denied:", args.domain, args.target, args.service_name
exit(1) return 1
main() if __name__ == '__main__':
sys.exit(main())