apparmor: exec should not be returning ENOENT when it denies

The current behavior is confusing as it causes exec failures to report the executable is missing instead of identifying that apparmor caused the failure. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Seth Arnold <seth.arnold@canonical.com>

apparmor: exec should not be returning ENOENT when it denies
The current behavior is confusing as it causes exec failures to report the executable is missing instead of identifying that apparmor caused the failure. Signed-off-by: John Johansen <john.johansen@canonical.com> Acked-by: Seth Arnold <seth.arnold@canonical.com>
9049a792 · John Johansen · b6b1b81b · 9049a792
Commit 9049a792 authored Jul 25, 2014 by John Johansen
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

security/apparmor/domain.c security/apparmor/domain.c +1 -1

No files found.
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -433,7 +433,7 @@ int apparmor_bprm_set_creds(struct linux_binprm *bprm)
 				new_profile = aa_get_newest_profile(ns->unconfined);
 				info = "ux fallback";
 			} else {
-				error = -ENOENT;
+				error = -EACCES;
 				info = "profile not found";
 				/* remove MAY_EXEC to audit as failure */
 				perms.allow &= ~MAY_EXEC;