case ARG_INTERVAL:
case ARG_FORCE:
log_error("Forward-secure sealing not available.");
- return -ENOTSUP;
+ return -EOPNOTSUPP;
#endif
case 'p': {
#ifdef HAVE_GCRYPT
size_t mpk_size, seed_size, state_size, i;
uint8_t *mpk, *seed, *state;
- ssize_t l;
int fd = -1, r;
sd_id128_t machine, boot;
char *p = NULL, *k = NULL;
SD_ID128_FORMAT_VAL(machine)) < 0)
return log_oom();
- if (access(p, F_OK) >= 0) {
- if (arg_force) {
- r = unlink(p);
- if (r < 0) {
- log_error_errno(errno, "unlink(\"%s\") failed: %m", p);
- r = -errno;
- goto finish;
- }
- } else {
- log_error("Sealing key file %s exists already. (--force to recreate)", p);
- r = -EEXIST;
+ if (arg_force) {
+ r = unlink(p);
+ if (r < 0 && errno != ENOENT) {
+ r = log_error_errno(errno, "unlink(\"%s\") failed: %m", p);
goto finish;
}
+ } else if (access(p, F_OK) >= 0) {
+ log_error("Sealing key file %s exists already. Use --force to recreate.", p);
+ r = -EEXIST;
+ goto finish;
}
if (asprintf(&k, "/var/log/journal/" SD_ID128_FORMAT_STR "/fss.tmp.XXXXXX",
}
log_info("Generating seed...");
- l = loop_read(fd, seed, seed_size, true);
- if (l < 0 || (size_t) l != seed_size) {
- log_error_errno(EIO, "Failed to read random seed: %m");
- r = -EIO;
+ r = loop_read_exact(fd, seed, seed_size, true);
+ if (r < 0) {
+ log_error_errno(r, "Failed to read random seed: %m");
goto finish;
}
return r;
#else
log_error("Forward-secure sealing not available.");
- return -ENOTSUP;
+ return -EOPNOTSUPP;
#endif
}
ORDERED_HASHMAP_FOREACH(f, j->files, i) {
int k;
- usec_t first, validated, last;
+ usec_t first = 0, validated = 0, last = 0;
#ifdef HAVE_GCRYPT
if (!arg_verify_key && JOURNAL_HEADER_SEALED(f->header))