diff options
| author | Joe Richey joerichey@google.com <joerichey@google.com> | 2017-08-22 11:32:03 -0700 |
|---|---|---|
| committer | Joe Richey joerichey@google.com <joerichey@google.com> | 2017-08-22 11:32:03 -0700 |
| commit | 50256fab010adfde1b349160460659fb03d8c8ac (patch) | |
| tree | 3e79eee2f6e266ea7cd4eab7473bde7faa01e585 /security/keyring.go | |
| parent | 151e8965fa3a9c8f65e316430f9df0fa763fb02d (diff) | |
security: Fixed typo and improved error handling
Diffstat (limited to 'security/keyring.go')
| -rw-r--r-- | security/keyring.go | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/security/keyring.go b/security/keyring.go index e312df2..f75b189 100644 --- a/security/keyring.go +++ b/security/keyring.go @@ -95,7 +95,7 @@ var keyringIDCache = make(map[int]int) // simpler approach would be to use // unix.KeyctlGetKeyringID(unix.KEY_SPEC_USER_KEYRING, false) // which would work in almost all cases. However, despite the fact that the rest -// of the keyrings API using the _effective_ UID throughout, the translation of +// of the keyrings API uses the _effective_ UID throughout, the translation of // KEY_SPEC_USER_KEYRING is done with respect to the _real_ UID. This means that // a simpler implementation would not respect permissions dropping. func getUserKeyringID() (int, error) { @@ -150,10 +150,12 @@ func getUserKeyringID() (int, error) { func keyringLink(keyID int, keyringID int) error { _, err := unix.KeyctlInt(unix.KEYCTL_LINK, keyID, keyringID, 0, 0) - return errors.Wrapf(err, "linking key %d into keyring %d", keyID, keyringID) + log.Printf("KeyctlLink(%d, %d) = %v", keyID, keyringID, err) + return errors.Wrap(ErrKeyringLink, err.Error()) } func keyringUnlink(keyID int, keyringID int) error { _, err := unix.KeyctlInt(unix.KEYCTL_UNLINK, keyID, keyringID, 0, 0) - return errors.Wrapf(err, "unlinking key %d from keyring %d", keyID, keyringID) + log.Printf("KeyctlUnlink(%d, %d) = %v", keyID, keyringID, err) + return errors.Wrap(ErrKeyringUnlink, err.Error()) } |