diff options
author | Timo Teräs <timo.teras@iki.fi> | 2023-04-10 20:18:21 +0300 |
---|---|---|
committer | Timo Teräs <timo.teras@iki.fi> | 2023-04-11 20:55:13 +0300 |
commit | b33825b6a41730d11e8e1dfd15ae479ce2ea8bc2 (patch) | |
tree | 41d8b73eb542bb64571a96a463bddc21949b88e9 /src/database.c | |
parent | b3c4636ee213d8e37f21ecaae2748876b1063076 (diff) | |
download | apk-tools-b33825b6a41730d11e8e1dfd15ae479ce2ea8bc2.tar.gz apk-tools-b33825b6a41730d11e8e1dfd15ae479ce2ea8bc2.tar.bz2 apk-tools-b33825b6a41730d11e8e1dfd15ae479ce2ea8bc2.tar.xz apk-tools-b33825b6a41730d11e8e1dfd15ae479ce2ea8bc2.zip |
audit: add --protected-paths to override the audit exceptions
Diffstat (limited to 'src/database.c')
-rw-r--r-- | src/database.c | 12 |
1 files changed, 8 insertions, 4 deletions
diff --git a/src/database.c b/src/database.c index 9cad108..282e3a0 100644 --- a/src/database.c +++ b/src/database.c @@ -1653,11 +1653,15 @@ int apk_db_open(struct apk_database *db, struct apk_db_options *dbopts) } } - blob = APK_BLOB_STR("+etc\n" "@etc/init.d\n" "!etc/apk\n"); - apk_blob_for_each_segment(blob, "\n", add_protected_path, db); + if (!APK_BLOB_IS_NULL(dbopts->protected_paths)) { + apk_blob_for_each_segment(dbopts->protected_paths, "\n", add_protected_path, db); + } else { + blob = APK_BLOB_STR("+etc\n" "@etc/init.d\n" "!etc/apk\n"); + apk_blob_for_each_segment(blob, "\n", add_protected_path, db); - apk_dir_foreach_file(openat(db->root_fd, "etc/apk/protected_paths.d", O_RDONLY | O_CLOEXEC), - add_protected_paths_from_file, db); + apk_dir_foreach_file(openat(db->root_fd, "etc/apk/protected_paths.d", O_RDONLY | O_CLOEXEC), + add_protected_paths_from_file, db); + } /* figure out where to have the cache */ fd = openat(db->root_fd, dbopts->cache_dir, O_RDONLY | O_CLOEXEC); |