Merge pull request #57 from fermitools/drop-more-returns

jcpunk · web-flow · commit 5ffb63f9658b · 2024-05-29T11:39:15.000-05:00
Not checking return code, so drop them
diff --git a/src/C/kcron_seccomp.h b/src/C/kcron_seccomp.h
@@ -65,39 +65,39 @@ int set_kcron_seccomp(void) {
   /* Basic features */
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(rt_sigreturn), 0) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'rt_sigreturn'.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(brk), 0) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'brk'.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(exit), 0) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'exit'.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(exit_group), 0) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'exit_group'.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
 
   /* Permitted actions */
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(geteuid), 0) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'geteuid'.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(getuid), 0) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'getuid'.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(getgid), 0) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'getgid'.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
 
@@ -107,7 +107,7 @@ int set_kcron_seccomp(void) {
   */
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 1, SCMP_A0(SCMP_CMP_EQ, 1)) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'write' to stdout.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
 
@@ -116,7 +116,7 @@ int set_kcron_seccomp(void) {
   */
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 1, SCMP_A0(SCMP_CMP_EQ, 2)) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'write' to stderr.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
 
@@ -127,13 +127,13 @@ int set_kcron_seccomp(void) {
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(openat), 0) != 0) {
     /* not sure how to restrict this to the args I want */
     (void)fprintf(stderr, "%s: Cannot set allowlist 'openat'.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
 
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(close), 1, SCMP_A0(SCMP_CMP_EQ, 3)) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'close'.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
 
@@ -142,22 +142,22 @@ int set_kcron_seccomp(void) {
   */
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(write), 1, SCMP_A0(SCMP_CMP_EQ, 4)) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'write' to our file handle.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(close), 1, SCMP_A0(SCMP_CMP_EQ, 4)) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'close'.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(fsync), 1, SCMP_A0(SCMP_CMP_EQ, 4)) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'fsync' on file handle.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(fchmod), 2, SCMP_A0(SCMP_CMP_EQ, 4), SCMP_A1(SCMP_CMP_EQ, _0600)) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'fchmod' for mode 0600 only.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
 
@@ -166,49 +166,49 @@ int set_kcron_seccomp(void) {
   */
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(fstat), 0) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'fstat'.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(stat), 0) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'stat'.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(newfstatat), 0) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'newfstatat'.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(mkdir), 0) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'mkdir'.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(fchown), 0) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'fchown'.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
 
 
 #if USE_CAPABILITIES == 1
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(capget), 0) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'capget'.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
   if (seccomp_rule_add(ctx, SCMP_ACT_ALLOW, SCMP_SYS(capset), 0) != 0) {
     (void)fprintf(stderr, "%s: Cannot set allowlist 'capset'.\n", __PROGRAM_NAME);
-    seccomp_release(ctx);
+    (void)seccomp_release(ctx);
     exit(EXIT_FAILURE);
   }
 #endif
 
   /* Load rules */
-  seccomp_load(ctx);
+  (void)seccomp_load(ctx);
 
   /* Release memory */
-  seccomp_release(ctx);
+  (void)seccomp_release(ctx);
 
   return 0;
 }
