[libvirt PATCH 35/51] security: Update format strings in translated messages

Jiri Denemark jdenemar at redhat.com
Fri Mar 10 16:09:51 UTC 2023


Signed-off-by: Jiri Denemark <jdenemar at redhat.com>
---
 src/security/security_apparmor.c |  37 +++++-----
 src/security/security_dac.c      |  28 ++++----
 src/security/security_driver.c   |   4 +-
 src/security/security_manager.c  |   6 +-
 src/security/security_selinux.c  | 114 ++++++++++++++-----------------
 src/security/security_util.c     |  16 ++---
 src/security/virt-aa-helper.c    |  10 +--
 7 files changed, 97 insertions(+), 118 deletions(-)

diff --git a/src/security/security_apparmor.c b/src/security/security_apparmor.c
index b63b248975..e619919604 100644
--- a/src/security/security_apparmor.c
+++ b/src/security/security_apparmor.c
@@ -85,8 +85,8 @@ profile_status(const char *str, const int check_enforcing)
 
     if (virFileReadAll(APPARMOR_PROFILES_PATH, MAX_FILE_LEN, &content) < 0) {
         virReportSystemError(errno,
-                             _("Failed to read AppArmor profiles list "
-                             "\'%s\'"), APPARMOR_PROFILES_PATH);
+                             _("Failed to read AppArmor profiles list \'%1$s\'"),
+                             APPARMOR_PROFILES_PATH);
         return -2;
     }
 
@@ -128,7 +128,7 @@ profile_status_file(const char *str)
 
     if ((len = virFileReadAll(profile, MAX_FILE_LEN, &content)) < 0) {
         virReportSystemError(errno,
-                             _("Failed to read \'%s\'"), profile);
+                             _("Failed to read \'%1$s\'"), profile);
         goto failed;
     }
 
@@ -265,8 +265,7 @@ reload_profile(virSecurityManager *mgr,
     if (profile_loaded(secdef->imagelabel) >= 0) {
         if (load_profile(mgr, secdef->imagelabel, def, fn, append) < 0) {
             virReportError(VIR_ERR_INTERNAL_ERROR,
-                           _("cannot update AppArmor profile "
-                             "\'%s\'"),
+                           _("cannot update AppArmor profile \'%1$s\'"),
                            secdef->imagelabel);
             return -1;
         }
@@ -327,12 +326,12 @@ AppArmorSecurityManagerProbe(const char *virtDriver G_GNUC_UNUSED)
 
     if (!virFileExists(template_qemu)) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("template \'%s\' does not exist"), template_qemu);
+                       _("template \'%1$s\' does not exist"), template_qemu);
         return SECURITY_DRIVER_DISABLE;
     }
     if (!virFileExists(template_lxc)) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("template \'%s\' does not exist"), template_lxc);
+                       _("template \'%1$s\' does not exist"), template_lxc);
         return SECURITY_DRIVER_DISABLE;
     }
 
@@ -414,8 +413,8 @@ AppArmorGenSecurityLabel(virSecurityManager *mgr G_GNUC_UNUSED,
     /* Now that we have a label, load the profile into the kernel. */
     if (load_profile(mgr, secdef->label, def, NULL, false) < 0) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("cannot load AppArmor profile "
-                       "\'%s\'"), secdef->label);
+                       _("cannot load AppArmor profile \'%1$s\'"),
+                       secdef->label);
         goto err;
     }
 
@@ -518,7 +517,7 @@ AppArmorRestoreSecurityAllLabel(virSecurityManager *mgr G_GNUC_UNUSED,
     if (secdef->type == VIR_DOMAIN_SECLABEL_DYNAMIC) {
         if ((rc = remove_profile(secdef->label)) != 0) {
             virReportError(VIR_ERR_INTERNAL_ERROR,
-                           _("could not remove profile for \'%s\'"),
+                           _("could not remove profile for \'%1$s\'"),
                            secdef->label);
         }
     }
@@ -544,9 +543,7 @@ AppArmorSetSecurityProcessLabel(virSecurityManager *mgr G_GNUC_UNUSED,
 
     if (STRNEQ(SECURITY_APPARMOR_NAME, secdef->model)) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("security label driver mismatch: "
-                         "\'%s\' model configured for domain, but "
-                         "hypervisor driver is \'%s\'."),
+                       _("security label driver mismatch: \'%1$s\' model configured for domain, but hypervisor driver is \'%2$s\'."),
                        secdef->model, SECURITY_APPARMOR_NAME);
         if (use_apparmor() > 0)
             return -1;
@@ -582,9 +579,7 @@ AppArmorSetSecurityChildProcessLabel(virSecurityManager *mgr G_GNUC_UNUSED,
 
     if (STRNEQ(SECURITY_APPARMOR_NAME, secdef->model)) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("security label driver mismatch: "
-                         "\'%s\' model configured for domain, but "
-                         "hypervisor driver is \'%s\'."),
+                       _("security label driver mismatch: \'%1$s\' model configured for domain, but hypervisor driver is \'%2$s\'."),
                        secdef->model, SECURITY_APPARMOR_NAME);
         if (use_apparmor() > 0)
             return -1;
@@ -647,7 +642,7 @@ AppArmorSetMemoryLabel(virSecurityManager *mgr,
     case VIR_DOMAIN_MEMORY_MODEL_VIRTIO_PMEM:
         if (!virFileExists(mem->nvdimmPath)) {
             virReportError(VIR_ERR_INTERNAL_ERROR,
-                           _("%s: \'%s\' does not exist"),
+                           _("%1$s: \'%2$s\' does not exist"),
                            __func__, mem->nvdimmPath);
             return -1;
         }
@@ -686,13 +681,13 @@ AppArmorSetInputLabel(virSecurityManager *mgr,
     case VIR_DOMAIN_INPUT_TYPE_EVDEV:
         if (input->source.evdev == NULL) {
             virReportError(VIR_ERR_INTERNAL_ERROR,
-                           _("%s: passthrough input device has no source"),
+                           _("%1$s: passthrough input device has no source"),
                            __func__);
             return -1;
         }
         if (!virFileExists(input->source.evdev)) {
             virReportError(VIR_ERR_INTERNAL_ERROR,
-                           _("%s: \'%s\' does not exist"),
+                           _("%1$s: \'%2$s\' does not exist"),
                            __func__, input->source.evdev);
             return -1;
         }
@@ -744,7 +739,7 @@ AppArmorSetSecurityImageLabelInternal(virSecurityManager *mgr,
     /* if the device doesn't exist, error out */
     if (!virFileExists(path)) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("\'%s\' does not exist"),
+                       _("\'%1$s\' does not exist"),
                        path);
         return -1;
     }
@@ -789,7 +784,7 @@ AppArmorSecurityVerify(virSecurityManager *mgr G_GNUC_UNUSED,
     if (secdef->type == VIR_DOMAIN_SECLABEL_STATIC) {
         if (use_apparmor() < 0 || profile_status(secdef->label, 0) < 0) {
             virReportError(VIR_ERR_XML_ERROR,
-                           _("Invalid security label \'%s\'"),
+                           _("Invalid security label \'%1$s\'"),
                            secdef->label);
             return -1;
         }
diff --git a/src/security/security_dac.c b/src/security/security_dac.c
index 9be8f458d1..1c1d6f0cff 100644
--- a/src/security/security_dac.c
+++ b/src/security/security_dac.c
@@ -689,7 +689,7 @@ virSecurityDACSetOwnershipInternal(const virSecurityDACData *priv,
             return 0;
 
         if (stat(path, &sb) < 0) {
-            virReportSystemError(errno, _("unable to stat: %s"), path);
+            virReportSystemError(errno, _("unable to stat: %1$s"), path);
             return -1;
         }
 
@@ -721,8 +721,7 @@ virSecurityDACSetOwnershipInternal(const virSecurityDACData *priv,
                      (long)uid, (long)gid, NULLSTR(path));
         } else {
             virReportSystemError(errno,
-                                 _("unable to set user and group to '%ld:%ld' "
-                                   "on '%s'"),
+                                 _("unable to set user and group to '%1$ld:%2$ld' on '%3$s'"),
                                  (long)uid, (long)gid, NULLSTR(path));
             return -1;
         }
@@ -760,7 +759,7 @@ virSecurityDACSetOwnership(virSecurityManager *mgr,
 
     if (remember && path) {
         if (stat(path, &sb) < 0) {
-            virReportSystemError(errno, _("unable to stat: %s"), path);
+            virReportSystemError(errno, _("unable to stat: %1$s"), path);
             return -1;
         }
 
@@ -778,8 +777,8 @@ virSecurityDACSetOwnership(virSecurityManager *mgr,
              * XATTRs so decrease it. */
             if (sb.st_uid != uid || sb.st_gid != gid) {
                 virReportError(VIR_ERR_OPERATION_INVALID,
-                               _("Setting different DAC user or group on %s "
-                                 "which is already in use"), path);
+                               _("Setting different DAC user or group on %1$s which is already in use"),
+                               path);
                 goto error;
             }
         }
@@ -2323,8 +2322,7 @@ virSecurityDACGenLabel(virSecurityManager *mgr,
     if (seclabel->model
         && STRNEQ(seclabel->model, SECURITY_DAC_NAME)) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("security label model %s is not supported "
-                         "with selinux"),
+                       _("security label model %1$s is not supported with selinux"),
                        seclabel->model);
             return rc;
     }
@@ -2333,8 +2331,8 @@ virSecurityDACGenLabel(virSecurityManager *mgr,
     case VIR_DOMAIN_SECLABEL_STATIC:
         if (seclabel->label == NULL) {
             virReportError(VIR_ERR_INTERNAL_ERROR,
-                           _("missing label for static security "
-                             "driver in domain %s"), def->name);
+                           _("missing label for static security driver in domain %1$s"),
+                           def->name);
             return rc;
         }
         break;
@@ -2343,8 +2341,8 @@ virSecurityDACGenLabel(virSecurityManager *mgr,
                                           (unsigned int)priv->group);
         if (seclabel->label == NULL) {
             virReportError(VIR_ERR_INTERNAL_ERROR,
-                           _("cannot generate dac user and group id "
-                             "for domain %s"), def->name);
+                           _("cannot generate dac user and group id for domain %1$s"),
+                           def->name);
             return rc;
         }
         break;
@@ -2354,7 +2352,7 @@ virSecurityDACGenLabel(virSecurityManager *mgr,
     case VIR_DOMAIN_SECLABEL_DEFAULT:
     case VIR_DOMAIN_SECLABEL_LAST:
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("unexpected security label type '%s'"),
+                       _("unexpected security label type '%1$s'"),
                        virDomainSeclabelTypeToString(seclabel->type));
         return rc;
     }
@@ -2394,7 +2392,7 @@ virSecurityDACGetProcessLabelInternal(pid_t pid,
 
     if (g_lstat(path, &sb) < 0) {
         virReportSystemError(errno,
-                             _("unable to get uid and gid for PID %d via procfs"),
+                             _("unable to get uid and gid for PID %1$d via procfs"),
                              pid);
         return -1;
     }
@@ -2419,7 +2417,7 @@ virSecurityDACGetProcessLabelInternal(pid_t pid,
 
     if (sysctl(mib, 4, &p, &len, NULL, 0) < 0) {
         virReportSystemError(errno,
-                             _("unable to get PID %d uid and gid via sysctl"),
+                             _("unable to get PID %1$d uid and gid via sysctl"),
                              pid);
         return -1;
     }
diff --git a/src/security/security_driver.c b/src/security/security_driver.c
index b663b53244..ae11f595eb 100644
--- a/src/security/security_driver.c
+++ b/src/security/security_driver.c
@@ -70,7 +70,7 @@ virSecurityDriver *virSecurityDriverLookup(const char *name,
             VIR_DEBUG("Not enabled name=%s", tmp->name);
             if (name && STREQ(tmp->name, name)) {
                 virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
-                               _("Security driver %s not enabled"),
+                               _("Security driver %1$s not enabled"),
                                name);
                 return NULL;
             }
@@ -84,7 +84,7 @@ virSecurityDriver *virSecurityDriverLookup(const char *name,
 
     if (!drv) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("Security driver %s not found"),
+                       _("Security driver %1$s not found"),
                        NULLSTR(name));
         return NULL;
     }
diff --git a/src/security/security_manager.c b/src/security/security_manager.c
index 2f8e89cb04..5846d499d9 100644
--- a/src/security/security_manager.c
+++ b/src/security/security_manager.c
@@ -728,7 +728,7 @@ static int virSecurityManagerCheckModel(virSecurityManager *mgr,
     }
 
     virReportError(VIR_ERR_CONFIG_UNSUPPORTED,
-                   _("Security driver model '%s' is not available"),
+                   _("Security driver model '%1$s' is not available"),
                    secmodel);
  cleanup:
     VIR_FREE(sec_managers);
@@ -1354,7 +1354,7 @@ virSecurityManagerMetadataLock(virSecurityManager *mgr G_GNUC_UNUSED,
             }
 
             virReportSystemError(errno,
-                                 _("unable to open %s"),
+                                 _("unable to open %1$s"),
                                  p);
             goto cleanup;
         }
@@ -1369,7 +1369,7 @@ virSecurityManagerMetadataLock(virSecurityManager *mgr G_GNUC_UNUSED,
                     continue;
                 } else {
                     virReportSystemError(errno,
-                                         _("unable to lock %s for metadata change"),
+                                         _("unable to lock %1$s for metadata change"),
                                          p);
                     VIR_FORCE_CLOSE(fd);
                     goto cleanup;
diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
index e43962435f..19d30c1039 100644
--- a/src/security/security_selinux.c
+++ b/src/security/security_selinux.c
@@ -361,7 +361,7 @@ virSecuritySELinuxMCSFind(virSecurityManager *mgr,
 
     if (catRange < 8) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("Category range c%d-c%d too small"),
+                       _("Category range c%1$d-c%2$d too small"),
                        catMin, catMax);
         return NULL;
     }
@@ -438,7 +438,7 @@ virSecuritySELinuxMCSGetProcessRange(char **sens,
     }
     if (!(ourContext = context_new(ourSecContext))) {
         virReportSystemError(errno,
-                             _("Unable to parse current SELinux context '%s'"),
+                             _("Unable to parse current SELinux context '%1$s'"),
                              ourSecContext);
         goto cleanup;
     }
@@ -470,14 +470,14 @@ virSecuritySELinuxMCSGetProcessRange(char **sens,
     tmp = cat;
     if (tmp[0] != 'c') {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("Cannot parse category in %s"),
+                       _("Cannot parse category in %1$s"),
                        cat);
         goto cleanup;
     }
     tmp++;
     if (virStrToLong_i(tmp, &tmp, 10, catMin) < 0) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("Cannot parse category in %s"),
+                       _("Cannot parse category in %1$s"),
                        cat);
         goto cleanup;
     }
@@ -493,21 +493,21 @@ virSecuritySELinuxMCSGetProcessRange(char **sens,
     /* Find & extract category max (if any) */
     if (tmp[0] != '.') {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("Cannot parse category in %s"),
+                       _("Cannot parse category in %1$s"),
                        cat);
         goto cleanup;
     }
     tmp++;
     if (tmp[0] != 'c') {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("Cannot parse category in %s"),
+                       _("Cannot parse category in %1$s"),
                        cat);
         goto cleanup;
     }
     tmp++;
     if (virStrToLong_i(tmp, &tmp, 10, catMax) < 0) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("Cannot parse category in %s"),
+                       _("Cannot parse category in %1$s"),
                        cat);
         goto cleanup;
     }
@@ -542,7 +542,7 @@ virSecuritySELinuxContextAddRange(char *src,
 
     if (context_range_set(dstcon, context_range_get(srccon)) == -1) {
         virReportSystemError(errno,
-                             _("unable to set security context range '%s'"), dst);
+                             _("unable to set security context range '%1$s'"), dst);
         goto cleanup;
     }
 
@@ -581,7 +581,7 @@ virSecuritySELinuxGenNewContext(const char *basecontext,
     }
     if (!(ourContext = context_new(ourSecContext))) {
         virReportSystemError(errno,
-                             _("Unable to parse current SELinux context '%s'"),
+                             _("Unable to parse current SELinux context '%1$s'"),
                              ourSecContext);
         goto cleanup;
     }
@@ -589,7 +589,7 @@ virSecuritySELinuxGenNewContext(const char *basecontext,
 
     if (!(context = context_new(basecontext))) {
         virReportSystemError(errno,
-                             _("Unable to parse base SELinux context '%s'"),
+                             _("Unable to parse base SELinux context '%1$s'"),
                              basecontext);
         goto cleanup;
     }
@@ -597,7 +597,7 @@ virSecuritySELinuxGenNewContext(const char *basecontext,
     if (context_user_set(context,
                          context_user_get(ourContext)) != 0) {
         virReportSystemError(errno,
-                             _("Unable to set SELinux context user '%s'"),
+                             _("Unable to set SELinux context user '%1$s'"),
                              context_user_get(ourContext));
         goto cleanup;
     }
@@ -606,14 +606,14 @@ virSecuritySELinuxGenNewContext(const char *basecontext,
         context_role_set(context,
                          context_role_get(ourContext)) != 0) {
         virReportSystemError(errno,
-                             _("Unable to set SELinux context role '%s'"),
+                             _("Unable to set SELinux context role '%1$s'"),
                              context_role_get(ourContext));
         goto cleanup;
     }
 
     if (context_range_set(context, mcs) != 0) {
         virReportSystemError(errno,
-                             _("Unable to set SELinux context MCS '%s'"),
+                             _("Unable to set SELinux context MCS '%1$s'"),
                              mcs);
         goto cleanup;
     }
@@ -655,7 +655,7 @@ virSecuritySELinuxLXCInitialize(virSecurityManager *mgr)
 
     if (!data->domain_context) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("missing 'process' value in selinux lxc contexts file '%s'"),
+                       _("missing 'process' value in selinux lxc contexts file '%1$s'"),
                        selinux_lxc_contexts_path());
         goto error;
     }
@@ -665,7 +665,7 @@ virSecuritySELinuxLXCInitialize(virSecurityManager *mgr)
 
     if (!data->file_context) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("missing 'file' value in selinux lxc contexts file '%s'"),
+                       _("missing 'file' value in selinux lxc contexts file '%1$s'"),
                        selinux_lxc_contexts_path());
         goto error;
     }
@@ -675,7 +675,7 @@ virSecuritySELinuxLXCInitialize(virSecurityManager *mgr)
 
     if (!data->content_context) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("missing 'content' value in selinux lxc contexts file '%s'"),
+                       _("missing 'content' value in selinux lxc contexts file '%1$s'"),
                        selinux_lxc_contexts_path());
         goto error;
     }
@@ -711,7 +711,7 @@ virSecuritySELinuxQEMUInitialize(virSecurityManager *mgr)
 
     if (virFileReadAll(selinux_virtual_domain_context_path(), MAX_CONTEXT, &(data->domain_context)) < 0) {
         virReportSystemError(errno,
-                             _("cannot read SELinux virtual domain context file '%s'"),
+                             _("cannot read SELinux virtual domain context file '%1$s'"),
                              selinux_virtual_domain_context_path());
         goto error;
     }
@@ -733,7 +733,7 @@ virSecuritySELinuxQEMUInitialize(virSecurityManager *mgr)
 
     if (virFileReadAll(selinux_virtual_image_context_path(), 2*MAX_CONTEXT, &(data->file_context)) < 0) {
         virReportSystemError(errno,
-                             _("cannot read SELinux virtual image context file %s"),
+                             _("cannot read SELinux virtual image context file %1$s"),
                              selinux_virtual_image_context_path());
         goto error;
     }
@@ -822,7 +822,7 @@ virSecuritySELinuxGenLabel(virSecurityManager *mgr,
     if (seclabel->model &&
         STRNEQ(seclabel->model, SECURITY_SELINUX_NAME)) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("security label model %s is not supported with selinux"),
+                       _("security label model %1$s is not supported with selinux"),
                        seclabel->model);
         return rc;
     }
@@ -833,7 +833,7 @@ virSecuritySELinuxGenLabel(virSecurityManager *mgr,
     case VIR_DOMAIN_SECLABEL_STATIC:
         if (!(ctx = context_new(seclabel->label))) {
             virReportSystemError(errno,
-                                 _("unable to allocate socket security context '%s'"),
+                                 _("unable to allocate socket security context '%1$s'"),
                                  seclabel->label);
             return rc;
         }
@@ -899,7 +899,7 @@ virSecuritySELinuxGenLabel(virSecurityManager *mgr,
     case VIR_DOMAIN_SECLABEL_LAST:
     default:
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("unexpected security label type '%s'"),
+                       _("unexpected security label type '%1$s'"),
                        virDomainSeclabelTypeToString(seclabel->type));
         goto cleanup;
     }
@@ -959,7 +959,7 @@ virSecuritySELinuxReserveLabel(virSecurityManager *mgr,
 
     if (getpidcon_raw(pid, &pctx) == -1) {
         virReportSystemError(errno,
-                             _("unable to get PID %d security context"), pid);
+                             _("unable to get PID %1$d security context"), pid);
         return -1;
     }
 
@@ -976,7 +976,7 @@ virSecuritySELinuxReserveLabel(virSecurityManager *mgr,
 
     if (rv == 1) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("MCS level for existing domain label %s already reserved"),
+                       _("MCS level for existing domain label %1$s already reserved"),
                        (char*)pctx);
         goto error;
     }
@@ -1197,15 +1197,14 @@ virSecuritySELinuxGetProcessLabel(virSecurityManager *mgr G_GNUC_UNUSED,
 
     if (getpidcon_raw(pid, &ctx) == -1) {
         virReportSystemError(errno,
-                             _("unable to get PID %d security context"),
+                             _("unable to get PID %1$d security context"),
                              pid);
         return -1;
     }
 
     if (virStrcpy(sec->label, ctx, VIR_SECURITY_LABEL_BUFLEN) < 0) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("security label exceeds "
-                         "maximum length: %d"),
+                       _("security label exceeds maximum length: %1$d"),
                        VIR_SECURITY_LABEL_BUFLEN - 1);
         freecon(ctx);
         return -1;
@@ -1267,8 +1266,7 @@ virSecuritySELinuxSetFileconImpl(const char *path,
             const char *msg;
             if (virFileIsSharedFSType(path, VIR_FILE_SHFS_NFS) == 1 &&
                 security_get_boolean_active("virt_use_nfs") != 1) {
-                msg = _("Setting security context '%s' on '%s' not supported. "
-                        "Consider setting virt_use_nfs");
+                msg = _("Setting security context '%1$s' on '%2$s' not supported. Consider setting virt_use_nfs");
                 if (security_getenforce() == 1)
                     VIR_WARN(msg, tcon, path);
                 else
@@ -1286,7 +1284,7 @@ virSecuritySELinuxSetFileconImpl(const char *path,
                 (security_getenforce() == 1 &&
                  (setfilecon_errno != EPERM || privileged))) {
                 virReportSystemError(setfilecon_errno,
-                                     _("unable to set security context '%s' on '%s'"),
+                                     _("unable to set security context '%1$s' on '%2$s'"),
                                      tcon, path);
                 return -1;
             }
@@ -1323,7 +1321,7 @@ virSecuritySELinuxSetFilecon(virSecurityManager *mgr,
         if (getfilecon_raw(path, &econ) < 0 &&
             errno != ENOTSUP && errno != ENODATA) {
             virReportSystemError(errno,
-                                 _("unable to get SELinux context of %s"),
+                                 _("unable to get SELinux context of %1$s"),
                                  path);
             goto cleanup;
         }
@@ -1345,8 +1343,8 @@ virSecuritySELinuxSetFilecon(virSecurityManager *mgr,
                  * incremented in XATTRs so decrease it. */
                 if (STRNEQ(econ, tcon)) {
                     virReportError(VIR_ERR_OPERATION_INVALID,
-                                   _("Setting different SELinux label on %s "
-                                     "which is already in use"), path);
+                                   _("Setting different SELinux label on %1$s which is already in use"),
+                                   path);
                     goto cleanup;
                 }
             }
@@ -1402,7 +1400,7 @@ virSecuritySELinuxFSetFilecon(int fd, char *tcon)
          */
         if (fsetfilecon_errno != EOPNOTSUPP) {
             virReportSystemError(fsetfilecon_errno,
-                                 _("unable to set security context '%s' on fd %d"),
+                                 _("unable to set security context '%1$s' on fd %2$d"),
                                  tcon, fd);
             if (security_getenforce() == 1)
                 return -1;
@@ -2933,9 +2931,7 @@ virSecuritySELinuxVerify(virSecurityManager *mgr G_GNUC_UNUSED,
 
     if (STRNEQ(SECURITY_SELINUX_NAME, secdef->model)) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("security label driver mismatch: "
-                         "'%s' model configured for domain, but "
-                         "hypervisor driver is '%s'."),
+                       _("security label driver mismatch: '%1$s' model configured for domain, but hypervisor driver is '%2$s'."),
                        secdef->model, SECURITY_SELINUX_NAME);
         return -1;
     }
@@ -2943,7 +2939,7 @@ virSecuritySELinuxVerify(virSecurityManager *mgr G_GNUC_UNUSED,
     if (secdef->type == VIR_DOMAIN_SECLABEL_STATIC) {
         if (security_check_context(secdef->label) != 0) {
             virReportError(VIR_ERR_XML_ERROR,
-                           _("Invalid security label %s"), secdef->label);
+                           _("Invalid security label %1$s"), secdef->label);
             return -1;
         }
     }
@@ -2964,9 +2960,7 @@ virSecuritySELinuxSetProcessLabel(virSecurityManager *mgr G_GNUC_UNUSED,
     VIR_DEBUG("label=%s", secdef->label);
     if (STRNEQ(SECURITY_SELINUX_NAME, secdef->model)) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("security label driver mismatch: "
-                         "'%s' model configured for domain, but "
-                         "hypervisor driver is '%s'."),
+                       _("security label driver mismatch: '%1$s' model configured for domain, but hypervisor driver is '%2$s'."),
                        secdef->model, SECURITY_SELINUX_NAME);
         if (security_getenforce() == 1)
             return -1;
@@ -2974,7 +2968,7 @@ virSecuritySELinuxSetProcessLabel(virSecurityManager *mgr G_GNUC_UNUSED,
 
     if (setexeccon_raw(secdef->label) == -1) {
         virReportSystemError(errno,
-                             _("unable to set security context '%s'"),
+                             _("unable to set security context '%1$s'"),
                              secdef->label);
         if (security_getenforce() == 1)
             return -1;
@@ -2998,9 +2992,7 @@ virSecuritySELinuxSetChildProcessLabel(virSecurityManager *mgr G_GNUC_UNUSED,
     VIR_DEBUG("label=%s", secdef->label);
     if (STRNEQ(SECURITY_SELINUX_NAME, secdef->model)) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("security label driver mismatch: "
-                         "'%s' model configured for domain, but "
-                         "hypervisor driver is '%s'."),
+                       _("security label driver mismatch: '%1$s' model configured for domain, but hypervisor driver is '%2$s'."),
                        secdef->model, SECURITY_SELINUX_NAME);
         if (security_getenforce() == 1)
             return -1;
@@ -3027,16 +3019,14 @@ virSecuritySELinuxSetDaemonSocketLabel(virSecurityManager *mgr G_GNUC_UNUSED,
 
     if (STRNEQ(SECURITY_SELINUX_NAME, secdef->model)) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("security label driver mismatch: "
-                         "'%s' model configured for domain, but "
-                         "hypervisor driver is '%s'."),
+                       _("security label driver mismatch: '%1$s' model configured for domain, but hypervisor driver is '%2$s'."),
                        secdef->model, SECURITY_SELINUX_NAME);
         goto done;
     }
 
     if (getcon_raw(&scon) == -1) {
         virReportSystemError(errno,
-                             _("unable to get current process context '%s'"),
+                             _("unable to get current process context '%1$s'"),
                              secdef->label);
         goto done;
     }
@@ -3047,7 +3037,7 @@ virSecuritySELinuxSetDaemonSocketLabel(virSecurityManager *mgr G_GNUC_UNUSED,
     VIR_DEBUG("Setting VM %s socket context %s", def->name, str);
     if (setsockcreatecon_raw(str) == -1) {
         virReportSystemError(errno,
-                             _("unable to set socket security context '%s'"), str);
+                             _("unable to set socket security context '%1$s'"), str);
         goto done;
     }
 
@@ -3074,9 +3064,7 @@ virSecuritySELinuxSetSocketLabel(virSecurityManager *mgr G_GNUC_UNUSED,
 
     if (STRNEQ(SECURITY_SELINUX_NAME, secdef->model)) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("security label driver mismatch: "
-                         "'%s' model configured for domain, but "
-                         "hypervisor driver is '%s'."),
+                       _("security label driver mismatch: '%1$s' model configured for domain, but hypervisor driver is '%2$s'."),
                        secdef->model, SECURITY_SELINUX_NAME);
         goto done;
     }
@@ -3085,7 +3073,7 @@ virSecuritySELinuxSetSocketLabel(virSecurityManager *mgr G_GNUC_UNUSED,
               vm->name, secdef->label);
     if (setsockcreatecon_raw(secdef->label) == -1) {
         virReportSystemError(errno,
-                             _("unable to set socket security context '%s'"),
+                             _("unable to set socket security context '%1$s'"),
                              secdef->label);
         goto done;
     }
@@ -3112,9 +3100,7 @@ virSecuritySELinuxClearSocketLabel(virSecurityManager *mgr G_GNUC_UNUSED,
 
     if (STRNEQ(SECURITY_SELINUX_NAME, secdef->model)) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("security label driver mismatch: "
-                         "'%s' model configured for domain, but "
-                         "hypervisor driver is '%s'."),
+                       _("security label driver mismatch: '%1$s' model configured for domain, but hypervisor driver is '%2$s'."),
                        secdef->model, SECURITY_SELINUX_NAME);
         if (security_getenforce() == 1)
             return -1;
@@ -3122,7 +3108,7 @@ virSecuritySELinuxClearSocketLabel(virSecurityManager *mgr G_GNUC_UNUSED,
 
     if (setsockcreatecon_raw(NULL) == -1) {
         virReportSystemError(errno,
-                             _("unable to clear socket security context '%s'"),
+                             _("unable to clear socket security context '%1$s'"),
                              secdef->label);
         if (security_getenforce() == 1)
             return -1;
@@ -3334,13 +3320,13 @@ virSecuritySELinuxSetTapFDLabel(virSecurityManager *mgr,
         return 0;
 
     if (fstat(fd, &buf) < 0) {
-        virReportSystemError(errno, _("cannot stat tap fd %d"), fd);
+        virReportSystemError(errno, _("cannot stat tap fd %1$d"), fd);
         goto cleanup;
     }
 
     if ((buf.st_mode & S_IFMT) != S_IFCHR) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("tap fd %d is not character device"), fd);
+                       _("tap fd %1$d is not character device"), fd);
         goto cleanup;
     }
 
@@ -3349,7 +3335,7 @@ virSecuritySELinuxSetTapFDLabel(virSecurityManager *mgr,
 
     if (virFileResolveLink(proc, &fd_path) < 0) {
         virReportSystemError(errno,
-                             _("Unable to resolve link: %s"), proc);
+                             _("Unable to resolve link: %1$s"), proc);
         goto cleanup;
     }
 
@@ -3362,7 +3348,7 @@ virSecuritySELinuxSetTapFDLabel(virSecurityManager *mgr,
 
     if (getContext(mgr, fd_path, buf.st_mode, &fcon) < 0) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("cannot lookup default selinux label for tap fd %d"), fd);
+                       _("cannot lookup default selinux label for tap fd %1$d"), fd);
         goto cleanup;
     }
 
@@ -3398,7 +3384,7 @@ virSecuritySELinuxGenImageLabel(virSecurityManager *mgr,
     if (secdef->label) {
         ctx = context_new(secdef->label);
         if (!ctx) {
-            virReportSystemError(errno, _("unable to create selinux context for: %s"),
+            virReportSystemError(errno, _("unable to create selinux context for: %1$s"),
                                  secdef->label);
             goto cleanup;
         }
@@ -3528,7 +3514,7 @@ virSecuritySELinuxSetFileLabels(virSecurityManager *mgr,
             break;
     }
     if (ret < 0)
-        virReportSystemError(errno, _("Unable to label files under %s"),
+        virReportSystemError(errno, _("Unable to label files under %1$s"),
                              path);
 
     return ret;
@@ -3571,7 +3557,7 @@ virSecuritySELinuxRestoreFileLabels(virSecurityManager *mgr,
             break;
     }
     if (ret < 0)
-        virReportSystemError(errno, _("Unable to restore file labels under %s"),
+        virReportSystemError(errno, _("Unable to restore file labels under %1$s"),
                              path);
 
     return ret;
diff --git a/src/security/security_util.c b/src/security/security_util.c
index 83eb2edcae..a4e6687561 100644
--- a/src/security/security_util.c
+++ b/src/security/security_util.c
@@ -183,7 +183,7 @@ virSecurityValidateTimestamp(const char *name,
             return -2;
         } else if (errno != ENODATA) {
             virReportSystemError(errno,
-                                 _("Unable to get XATTR %s on %s"),
+                                 _("Unable to get XATTR %1$s on %2$s"),
                                  timestamp_name,
                                  path);
             return -1;
@@ -290,7 +290,7 @@ virSecurityGetRememberedLabel(const char *name,
             return -2;
 
         virReportSystemError(errno,
-                             _("Unable to get XATTR %s on %s"),
+                             _("Unable to get XATTR %1$s on %2$s"),
                              ref_name,
                              path);
         return -1;
@@ -312,7 +312,7 @@ virSecurityGetRememberedLabel(const char *name,
 
     if (virStrToLong_ui(value, NULL, 10, &refcount) < 0) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("malformed refcount %s on %s"),
+                       _("malformed refcount %1$s on %2$s"),
                        value, path);
         return -1;
     }
@@ -388,7 +388,7 @@ virSecuritySetRememberedLabel(const char *name,
             return -2;
         } else if (errno != ENODATA) {
             virReportSystemError(errno,
-                                 _("Unable to get XATTR %s on %s"),
+                                 _("Unable to get XATTR %1$s on %2$s"),
                                  ref_name,
                                  path);
             return -1;
@@ -412,7 +412,7 @@ virSecuritySetRememberedLabel(const char *name,
     if (value &&
         virStrToLong_ui(value, NULL, 10, &refcount) < 0) {
         virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("malformed refcount %s on %s"),
+                       _("malformed refcount %1$s on %2$s"),
                        value, path);
         return -1;
     }
@@ -479,7 +479,7 @@ virSecurityMoveRememberedLabel(const char *name,
             return -2;
         } else if (errno != ENODATA) {
             virReportSystemError(errno,
-                                 _("Unable to get XATTR %s on %s"),
+                                 _("Unable to get XATTR %1$s on %2$s"),
                                  ref_name, src);
             return -1;
         }
@@ -490,7 +490,7 @@ virSecurityMoveRememberedLabel(const char *name,
             return -2;
         } else if (errno != ENODATA) {
             virReportSystemError(errno,
-                                 _("Unable to get XATTR %s on %s"),
+                                 _("Unable to get XATTR %1$s on %2$s"),
                                  attr_name, src);
             return -1;
         }
@@ -501,7 +501,7 @@ virSecurityMoveRememberedLabel(const char *name,
             return -2;
         } else if (errno != ENODATA) {
             virReportSystemError(errno,
-                                 _("Unable to get XATTR %s on %s"),
+                                 _("Unable to get XATTR %1$s on %2$s"),
                                  attr_name, src);
             return -1;
         }
diff --git a/src/security/virt-aa-helper.c b/src/security/virt-aa-helper.c
index d65d459850..3ee59b32bb 100644
--- a/src/security/virt-aa-helper.c
+++ b/src/security/virt-aa-helper.c
@@ -96,7 +96,7 @@ vahDeinit(vahControl * ctl)
 static void
 vah_usage(void)
 {
-    printf(_("\n%s mode [options] [extra file] [< def.xml]\n\n"
+    printf(_("\n%1$s mode [options] [extra file] [< def.xml]\n\n"
             "  Modes:\n"
             "    -a | --add                     load profile\n"
             "    -c | --create                  create profile from template\n"
@@ -120,7 +120,7 @@ vah_usage(void)
 static void
 vah_error(vahControl * ctl, int doexit, const char *str)
 {
-    fprintf(stderr, _("%s: error: %s%c"), progname, str, '\n');
+    fprintf(stderr, _("%1$s: error: %2$s%3$c"), progname, str, '\n');
 
     if (doexit) {
         if (ctl != NULL)
@@ -132,13 +132,13 @@ vah_error(vahControl * ctl, int doexit, const char *str)
 static void
 vah_warning(const char *str)
 {
-    fprintf(stderr, _("%s: warning: %s%c"), progname, str, '\n');
+    fprintf(stderr, _("%1$s: warning: %2$s%3$c"), progname, str, '\n');
 }
 
 static void
 vah_info(const char *str)
 {
-    fprintf(stderr, _("%s:\n%s%c"), progname, str, '\n');
+    fprintf(stderr, _("%1$s:\n%2$s%3$c"), progname, str, '\n');
 }
 
 /*
@@ -1442,7 +1442,7 @@ main(int argc, char **argv)
 
     if (virGettextInitialize() < 0 ||
         virErrorInitialize() < 0) {
-        fprintf(stderr, _("%s: initialization failed\n"), argv[0]);
+        fprintf(stderr, _("%1$s: initialization failed\n"), argv[0]);
         exit(EXIT_FAILURE);
     }
 
-- 
2.39.2



More information about the libvir-list mailing list