aa_may_manage

Name:aa_may_manage_policy - can the current task manage policy*@label: label to check if it can manage policy*@op: the policy manipulation operation being done* Returns: 0 if the task is allowed to manipulate policy else error

Proto:int aa_may_manage_policy(struct aa_label *label, struct aa_ns *ns, unsigned int mask)

Type:int

Parameter:

Type	Parameter	Name
struct aa_label *	label
struct aa_ns *	ns
unsigned int	mask

684

If mask & AA_MAY_REMOVE_POLICY Then op = OP_PROF_RM

686

Else if mask & AA_MAY_REPLACE_POLICY Then op = OP_PROF_REPL

688

Else op = OP_PROF_LOAD

692

If aa_g_lock_policy Then Return audit_policy - Do auditing of policy changes*@label: label to check if it can manage policy*@op: policy operation being performed*@ns_name: name of namespace being manipulated*@name: name of profile being manipulated (NOT NULL)*@info: any extra

696

If Not policy_admin_capable(ns) Then Return audit_policy - Do auditing of policy changes*@label: label to check if it can manage policy*@op: policy operation being performed*@ns_name: name of namespace being manipulated*@name: name of profile being manipulated (NOT NULL)*@info: any extra

701

Return 0

**Caller**
Name	Describe
profile_remove	.remove file hook fn to remove loaded policy
ns_mkdir_op
ns_rmdir_op

Source code conversion tool public plug-in interface	X
Support c/c++/esqlc/java Oracle/Informix/Mysql Plug-in can realize: logical Report Code generation and batch code conversion

Function report