From nobody Tue Feb 10 23:14:40 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of redhat.com designates
 170.10.133.124 as permitted sender) client-ip=170.10.133.124;
 envelope-from=libvir-list-bounces@redhat.com;
 helo=us-smtp-delivery-124.mimecast.com;
Authentication-Results: mx.zohomail.com;
	spf=pass (zohomail.com: domain of redhat.com designates 170.10.133.124 as
 permitted sender)  smtp.mailfrom=libvir-list-bounces@redhat.com;
	dmarc=fail(p=none dis=none)  header.from=canonical.com
Return-Path: <libvir-list-bounces@redhat.com>
Received: from us-smtp-delivery-124.mimecast.com
 (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.zohomail.com
	with SMTPS id 1633629785034417.42652287340957;
 Thu, 7 Oct 2021 11:03:05 -0700 (PDT)
Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com
 [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id
 us-mta-384-_XAAMZ4QOqi_8jm18CDLOw-1; Thu, 07 Oct 2021 14:03:01 -0400
Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com
 [10.5.11.12])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 7AEF3802B40;
	Thu,  7 Oct 2021 18:02:56 +0000 (UTC)
Received: from colo-mx.corp.redhat.com
 (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 5B278610A7;
	Thu,  7 Oct 2021 18:02:56 +0000 (UTC)
Received: from lists01.pubmisc.prod.ext.phx2.redhat.com
 (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33])
	by colo-mx.corp.redhat.com (Postfix) with ESMTP id 297F157DC5;
	Thu,  7 Oct 2021 18:02:56 +0000 (UTC)
Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.rdu2.redhat.com
	[10.11.54.4])
	by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP
	id 197HWvj0020114 for <libvir-list@listman.util.phx.redhat.com>;
	Thu, 7 Oct 2021 13:32:57 -0400
Received: by smtp.corp.redhat.com (Postfix)
	id 596212026D48; Thu,  7 Oct 2021 17:32:57 +0000 (UTC)
Received: from mimecast-mx02.redhat.com
	(mimecast06.extmail.prod.ext.rdu2.redhat.com [10.11.55.22])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 54AA32026D46
	for <libvir-list@redhat.com>; Thu,  7 Oct 2021 17:32:57 +0000 (UTC)
Received: from us-smtp-1.mimecast.com (us-smtp-delivery-1.mimecast.com
	[207.211.31.120])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 3C0B1185A794
	for <libvir-list@redhat.com>; Thu,  7 Oct 2021 17:32:57 +0000 (UTC)
Received: from smtp-relay-internal-1.canonical.com
	(smtp-relay-internal-1.canonical.com [185.125.188.123]) (Using TLS) by
	relay.mimecast.com with ESMTP id us-mta-473-9Ve7XMzbP1akBmsHl2E6tQ-1;
	Thu, 07 Oct 2021 13:32:55 -0400
Received: from mail-wr1-f72.google.com (mail-wr1-f72.google.com
	[209.85.221.72])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest
	SHA256) (No client certificate requested)
	by smtp-relay-internal-1.canonical.com (Postfix) with ESMTPS id
	45C743FFE3
	for <libvir-list@redhat.com>; Thu,  7 Oct 2021 17:25:45 +0000 (UTC)
Received: by mail-wr1-f72.google.com with SMTP id
	e12-20020a056000178c00b001606927de88so5254831wrg.10
	for <libvir-list@redhat.com>; Thu, 07 Oct 2021 10:25:45 -0700 (PDT)
Received: from localhost (o5wzrf.static.otenet.gr. [2.84.75.34])
	by smtp.gmail.com with ESMTPSA id 73sm5531wmb.40.2021.10.07.10.25.43
	(version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256);
	Thu, 07 Oct 2021 10:25:43 -0700 (PDT)
X-MC-Unique: _XAAMZ4QOqi_8jm18CDLOw-1
X-MC-Unique: 9Ve7XMzbP1akBmsHl2E6tQ-1
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20210112;
	h=x-gm-message-state:from:to:subject:date:message-id:in-reply-to
	:references;
	bh=vzRHX0Plw46XkI7LCaO3XOG4F4NnBfh75dq1rsotobk=;
	b=G0uXzWL3WEExOxF9wFto6QUaVOh5gpy4UNEqTIP7L7ZewoNnAQKnP/MB/2TzSWJr7v
	JECdtROnZTy4soW2juSI/hPtsRZjF3dz7fc9xwFENGaRXKIPmPh4SjihLGw4/0E/Qo+E
	8Xg64cD6svPlhtFby66Wulh9YrYjHWyE9dom20VnmGwSAaJMzBwuJYOiw32wLBIgqPg0
	5J6G48cpbdVDd/3kqiWo07r4GTRumiEwN+1s9wjSyQAdd4gZEIdLqH+suH0s/6+uQReI
	haM5ZaTXq1XqhMeVrDGcn4E0zWjag1qS++7ooB69d/jVnHdEdFBB7VvE5vgoNjFK9cdd
	MLdw==
X-Gm-Message-State: AOAM533pd6H4YwVAKi4s9UJNwmV3pS8YNopJiT+Cf23E2C3C6Oxg0QtZ
	pB5C2SFtWIY0eIye/u/+IUQfinODYhl5F2OziOUm8yQ2lkfzqAMhMhl3sNQZV5Pl4zSH0HoZfvH
	nitoBSEXuDuiH3VVSa2Xm48j/FQZGE+OYxQ==
X-Received: by 2002:a7b:c841:: with SMTP id c1mr3876985wml.40.1633627544545;
	Thu, 07 Oct 2021 10:25:44 -0700 (PDT)
X-Google-Smtp-Source: 
 ABdhPJyT8dHBqXmOFpnZz38ifx0+drID0Oc/yMzXRnxc5Xkib96+cVh5PZiM2fPDWMMhOVO0/tQu/g==
X-Received: by 2002:a7b:c841:: with SMTP id c1mr3876960wml.40.1633627544296;
	Thu, 07 Oct 2021 10:25:44 -0700 (PDT)
From: Ioanna Alifieraki <ioanna-maria.alifieraki@canonical.com>
To: libvir-list@redhat.com, christian.ehrhardt@canonical.com,
	alejandro.santoyo@canonical.com
Subject: [PATCH 2/4] virt-aa-helper: Add new purge (-P) option
Date: Thu,  7 Oct 2021 20:25:36 +0300
Message-Id: <20211007172539.25224-3-ioanna-maria.alifieraki@canonical.com>
In-Reply-To: <20211007172539.25224-1-ioanna-maria.alifieraki@canonical.com>
References: <20211007172539.25224-1-ioanna-maria.alifieraki@canonical.com>
X-Mimecast-Impersonation-Protect: Policy=CLT - Impersonation Protection
	Definition; Similar Internal Domain=false;
	Similar Monitored External Domain=false;
	Custom External Domain=false; Mimecast External Domain=false;
	Newly Observed Domain=false; Internal User Name=false;
	Custom Display Name List=false; Reply-to Address Mismatch=false;
	Targeted Threat Dictionary=false;
	Mimecast Threat Dictionary=false; Custom Threat Dictionary=false
X-Scanned-By: MIMEDefang 2.78 on 10.11.54.4
X-loop: libvir-list@redhat.com
X-BeenThere: libvir-list@redhat.com
X-Mailman-Version: 2.1.12
Precedence: junk
List-Id: Development discussions about the libvirt library & tools
	<libvir-list.redhat.com>
List-Unsubscribe: <https://listman.redhat.com/mailman/options/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=unsubscribe>
List-Archive: <https://listman.redhat.com/archives/libvir-list>
List-Post: <mailto:libvir-list@redhat.com>
List-Help: <mailto:libvir-list-request@redhat.com?subject=help>
List-Subscribe: <https://listman.redhat.com/mailman/listinfo/libvir-list>,
	<mailto:libvir-list-request@redhat.com?subject=subscribe>
Sender: libvir-list-bounces@redhat.com
Errors-To: libvir-list-bounces@redhat.com
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12
Authentication-Results: relay.mimecast.com;
	auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com
X-Mimecast-Spam-Score: 2
X-Mimecast-Originator: redhat.com
X-ZM-MESSAGEID: 1633629785514100001
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"

Currently there is no way to remove the profile file.
This commit provides this functionality (required for next commit).

Signed-off-by: Ioanna Alifieraki <ioanna-maria.alifieraki@canonical.com>
---
 src/security/virt-aa-helper.c | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index 269c372704..5ec0fb8807 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -101,6 +101,7 @@ vah_usage(void)
             "    -a | --add                     load profile\n"
             "    -c | --create                  create profile from templa=
te\n"
             "    -D | --delete                  unload profile and delete =
generated rules\n"
+            "    -P | --purge                   purge profile\n"
             "    -r | --replace                 reload profile\n"
             "    -R | --remove                  unload profile\n"
             "  Options:\n"
@@ -1361,13 +1362,14 @@ vahParseArgv(vahControl * ctl, int argc, char **arg=
v)
         {"add-file", 0, 0, 'f'},
         {"append-file", 0, 0, 'F'},
         {"help", 0, 0, 'h'},
+        {"purge", 0, 0, 'P'},
         {"replace", 0, 0, 'r'},
         {"remove", 0, 0, 'R'},
         {"uuid", 1, 0, 'u'},
         {0, 0, 0, 0}
     };
=20
-    while ((arg =3D getopt_long(argc, argv, "acdDhrRH:b:u:p:f:F:", opt,
+    while ((arg =3D getopt_long(argc, argv, "acdDhPrRH:b:u:p:f:F:", opt,
             &idx)) !=3D -1) {
         switch (arg) {
             case 'a':
@@ -1391,6 +1393,9 @@ vahParseArgv(vahControl * ctl, int argc, char **argv)
                 vah_usage();
                 exit(EXIT_SUCCESS);
                 break;
+            case 'P':
+                ctl->cmd =3D 'P';
+                break;
             case 'r':
                 ctl->cmd =3D 'r';
                 break;
@@ -1456,7 +1461,7 @@ static int create_profile(vahControl *ctl, char *prof=
ile, char *include_file)
         return rc;
 }
=20
-static int remove_profile(vahControl *ctl, char *include_file)
+static int remove_profile(vahControl *ctl, char *profile, char *include_fi=
le)
 {
         int rc =3D 0;
=20
@@ -1464,6 +1469,8 @@ static int remove_profile(vahControl *ctl, char *incl=
ude_file)
                 return rc;
         if (ctl->cmd =3D=3D 'D')
                 unlink(include_file);
+        if (ctl->cmd =3D=3D 'P')
+                unlink(profile);
=20
         return rc;
 }
@@ -1519,7 +1526,7 @@ main(int argc, char **argv)
     if (ctl->cmd =3D=3D 'a') {
         rc =3D parserLoad(ctl->uuid);
     } else if (ctl->cmd =3D=3D 'R' || ctl->cmd =3D=3D 'D') {
-            rc =3D remove_profile(ctl, include_file);
+            rc =3D remove_profile(ctl, profile, include_file);
     } else if (ctl->cmd =3D=3D 'c' || ctl->cmd =3D=3D 'r') {
         char *included_files =3D NULL;
         g_auto(virBuffer) buf =3D VIR_BUFFER_INITIALIZER;
--=20
2.17.1