1 /******************************************************************************/ 2 /* This program is free software; you can redistribute it and/or modify */ 3 /* it under the terms of the GNU General Public License as published by */ 4 /* the Free Software Foundation; either version 2 of the License, or */ 5 /* (at your option) any later version. */ 6 /* */ 7 /* This program is distributed in the hope that it will be useful, */ 8 /* but WITHOUT ANY WARRANTY; without even the implied warranty of */ 9 /* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See */ 10 /* the GNU General Public License for more details. */ 11 /* */ 12 /* You should have received a copy of the GNU General Public License */ 13 /* along with this program; if not, write to the Free Software */ 14 /* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA */ 15 /* */ 16 /******************************************************************************/ 17 /* 18 * tomoyo_new_file_test.c 19 * 20 * Testing program for security/tomoyo/ 21 * 22 * Copyright (C) 2005-2010 NTT DATA CORPORATION 23 */ 24 #include "include.h" 25 26 static const char *policy = ""; 27 28 static void show_result(int result, char should_success) 29 { 30 int error = errno; 31 printf("%s : ", policy); 32 if (should_success) { 33 if (result != EOF) 34 printf("OK\n"); 35 else 36 printf("FAILED: %s\n", strerror(error)); 37 } else { 38 if (result == EOF) { 39 if (error == EPERM) 40 printf("OK: Permission denied.\n"); 41 else 42 printf("FAILED: %s\n", strerror(error)); 43 } else { 44 printf("BUG: didn't fail.\n"); 45 } 46 } 47 } 48 49 static void create2(const char *pathname) 50 { 51 set_profile(0, "file::create"); 52 set_profile(0, "file::open"); 53 close(creat(pathname, 0600)); 54 set_profile(3, "file::create"); 55 set_profile(3, "file::open"); 56 errno = 0; 57 } 58 59 static void mkdir2(const char *pathname) 60 { 61 set_profile(0, "file::mkdir"); 62 mkdir(pathname, 0600); 63 set_profile(3, "file::mkdir"); 64 errno = 0; 65 } 66 67 static void unlink2(const char *pathname) 68 { 69 set_profile(0, "file::unlink"); 70 unlink(pathname); 71 set_profile(3, "file::unlink"); 72 errno = 0; 73 } 74 75 static void rmdir2(const char *pathname) 76 { 77 set_profile(0, "file::rmdir"); 78 rmdir(pathname); 79 set_profile(3, "file::rmdir"); 80 errno = 0; 81 } 82 83 static void mkfifo2(const char *pathname) 84 { 85 set_profile(0, "file::mkfifo"); 86 mkfifo(pathname, 0600); 87 set_profile(3, "file::mkfifo"); 88 errno = 0; 89 } 90 91 static void stage_file_test(void) 92 { 93 const char buffer[] = "32768 61000"; 94 int pipe_fd[2] = { EOF, EOF }; 95 int error = 0; 96 int fd; 97 char pbuffer[1024]; 98 struct stat sbuf; 99 struct sockaddr_un addr; 100 struct ifreq ifreq; 101 char *filename = ""; 102 set_profile(3, "file::execute"); 103 set_profile(3, "file::open"); 104 set_profile(3, "file::create"); 105 set_profile(3, "file::unlink"); 106 set_profile(3, "file::mkdir"); 107 set_profile(3, "file::rmdir"); 108 set_profile(3, "file::mkfifo"); 109 set_profile(3, "file::mksock"); 110 set_profile(3, "file::truncate"); 111 set_profile(3, "file::symlink"); 112 set_profile(3, "file::rewrite"); 113 set_profile(3, "file::mkblock"); 114 set_profile(3, "file::mkchar"); 115 set_profile(3, "file::link"); 116 set_profile(3, "file::rename"); 117 set_profile(3, "file::chmod"); 118 set_profile(3, "file::chown"); 119 set_profile(3, "file::chgrp"); 120 set_profile(3, "file::ioctl"); 121 set_profile(3, "file::chroot"); 122 set_profile(3, "file::mount"); 123 set_profile(3, "file::umount"); 124 set_profile(3, "file::pivot_root"); 125 126 policy = "allow_read /proc/sys/net/ipv4/ip_local_port_range"; 127 write_domain_policy(policy, 0); 128 show_result(read_sysctl(TEST_SYSCTL_PATH, NULL, 0), 1); 129 write_domain_policy(policy, 1); 130 show_result(read_sysctl(TEST_SYSCTL_PATH, NULL, 0), 0); 131 132 policy = "allow_write /proc/sys/net/ipv4/ip_local_port_range"; 133 write_domain_policy(policy, 0); 134 show_result(write_sysctl(TEST_SYSCTL_PATH, buffer), 1); 135 write_domain_policy(policy, 1); 136 show_result(write_sysctl(TEST_SYSCTL_PATH, buffer), 0); 137 138 policy = "allow_read/write /proc/sys/net/ipv4/ip_local_port_range"; 139 write_domain_policy(policy, 0); 140 show_result(read_sysctl(TEST_SYSCTL_PATH, NULL, 0) && 141 write_sysctl(TEST_SYSCTL_PATH, buffer), 1); 142 write_domain_policy(policy, 1); 143 show_result(read_sysctl(TEST_SYSCTL_PATH, NULL, 0) && 144 write_sysctl(TEST_SYSCTL_PATH, buffer), 0); 145 146 policy = "allow_read /bin/true"; 147 write_domain_policy(policy, 0); 148 show_result(uselib("/bin/true"), 1); 149 write_domain_policy(policy, 1); 150 show_result(uselib("/bin/true"), 0); 151 152 policy = "allow_execute /bin/true"; 153 write_domain_policy(policy, 0); 154 fflush(stdout); 155 fflush(stderr); 156 if (pipe(pipe_fd) == -1) 157 err(1, "pipe"); 158 if (fork() == 0) { 159 execl("/bin/true", "/bin/true", NULL); 160 if (write(pipe_fd[1], &errno, sizeof(errno)) == -1) 161 err(1, "write"); 162 exit(0); 163 } 164 close(pipe_fd[1]); 165 (void)read(pipe_fd[0], &error, sizeof(error)); 166 close(pipe_fd[0]); 167 wait(NULL); 168 errno = error; 169 show_result(error ? EOF : 0, 1); 170 write_domain_policy(policy, 1); 171 fflush(stdout); 172 fflush(stderr); 173 if (pipe(pipe_fd) == -1) 174 err(1, "pipe"); 175 if (fork() == 0) { 176 execl("/bin/true", "/bin/true", NULL); 177 if (write(pipe_fd[1], &errno, sizeof(errno)) == -1) 178 err(1, "write"); 179 _exit(0); 180 } 181 close(pipe_fd[1]); 182 (void)read(pipe_fd[0], &error, sizeof(error)); 183 close(pipe_fd[0]); 184 wait(NULL); 185 errno = error; 186 show_result(errno ? EOF : 0, 0); 187 188 policy = "allow_read /dev/null"; 189 write_domain_policy(policy, 0); 190 fd = open("/dev/null", O_RDONLY); 191 show_result(fd, 1); 192 if (fd != EOF) 193 close(fd); 194 write_domain_policy(policy, 1); 195 fd = open("/dev/null", O_RDONLY); 196 show_result(fd, 0); 197 if (fd != EOF) 198 close(fd); 199 200 policy = "allow_read /dev/null"; 201 write_domain_policy(policy, 0); 202 fd = open("/dev/null", O_RDONLY); 203 show_result(fd, 1); 204 if (fd != EOF) 205 close(fd); 206 write_domain_policy(policy, 1); 207 fd = open("/dev/null", O_RDONLY); 208 show_result(fd, 0); 209 if (fd != EOF) 210 close(fd); 211 212 policy = "allow_read /dev/null"; 213 write_domain_policy(policy, 0); 214 fd = open("/dev/null", O_RDONLY); 215 show_result(fd, 1); 216 if (fd != EOF) 217 close(fd); 218 write_domain_policy(policy, 1); 219 fd = open("/dev/null", O_RDONLY); 220 show_result(fd, 0); 221 if (fd != EOF) 222 close(fd); 223 224 policy = "allow_read /dev/null"; 225 write_domain_policy(policy, 0); 226 fd = open("/dev/null", O_RDONLY); 227 show_result(fd, 1); 228 if (fd != EOF) 229 close(fd); 230 write_domain_policy(policy, 1); 231 fd = open("/dev/null", O_RDONLY); 232 show_result(fd, 0); 233 if (fd != EOF) 234 close(fd); 235 236 set_profile(3, "file::mkfifo"); 237 policy = "allow_mkfifo /tmp/mknod_fifo_test 0644"; 238 write_domain_policy(policy, 0); 239 filename = "/tmp/mknod_fifo_test"; 240 show_result(mknod(filename, S_IFIFO | 0644, 0), 1); 241 write_domain_policy(policy, 1); 242 unlink2(filename); 243 show_result(mknod(filename, S_IFIFO | 0644, 0), 0); 244 245 memset(pbuffer, 0, sizeof(pbuffer)); 246 memset(&sbuf, 0, sizeof(sbuf)); 247 filename = "/dev/null"; 248 stat(filename, &sbuf); 249 snprintf(pbuffer, sizeof(pbuffer) - 1, "allow_write %s", filename); 250 policy = pbuffer; 251 write_domain_policy(policy, 0); 252 fd = open(filename, O_WRONLY); 253 show_result(fd, 1); 254 if (fd != EOF) 255 close(fd); 256 write_domain_policy(policy, 1); 257 fd = open(filename, O_WRONLY); 258 show_result(fd, 0); 259 if (fd != EOF) 260 close(fd); 261 262 policy = "allow_read/write /tmp/fifo"; 263 mkfifo2("/tmp/fifo"); 264 write_domain_policy(policy, 0); 265 fd = open("/tmp/fifo", O_RDWR); 266 show_result(fd, 1); 267 if (fd != EOF) 268 close(fd); 269 write_domain_policy(policy, 1); 270 fd = open("/tmp/fifo", O_RDWR); 271 show_result(fd, 0); 272 if (fd != EOF) 273 close(fd); 274 275 policy = "allow_read /dev/null"; 276 write_domain_policy(policy, 0); 277 fd = open("/dev/null", O_RDONLY); 278 show_result(fd, 1); 279 if (fd != EOF) 280 close(fd); 281 write_domain_policy(policy, 1); 282 fd = open("/dev/null", O_RDONLY); 283 show_result(fd, 0); 284 if (fd != EOF) 285 close(fd); 286 287 policy = "allow_write /dev/null"; 288 write_domain_policy(policy, 0); 289 fd = open("/dev/null", O_WRONLY); 290 show_result(fd, 1); 291 if (fd != EOF) 292 close(fd); 293 write_domain_policy(policy, 1); 294 fd = open("/dev/null", O_WRONLY); 295 show_result(fd, 0); 296 if (fd != EOF) 297 close(fd); 298 299 policy = "allow_read/write /dev/null"; 300 write_domain_policy(policy, 0); 301 fd = open("/dev/null", O_RDWR); 302 show_result(fd, 1); 303 if (fd != EOF) 304 close(fd); 305 write_domain_policy(policy, 1); 306 fd = open("/dev/null", O_RDWR); 307 show_result(fd, 0); 308 if (fd != EOF) 309 close(fd); 310 311 policy = "allow_create /tmp/open_test 0644"; 312 write_domain_policy(policy, 0); 313 policy = "allow_write /tmp/open_test"; 314 write_domain_policy(policy, 0); 315 fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0644); 316 show_result(fd, 1); 317 if (fd != EOF) 318 close(fd); 319 unlink2("/tmp/open_test"); 320 write_domain_policy(policy, 1); 321 fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0644); 322 show_result(fd, 0); 323 if (fd != EOF) 324 close(fd); 325 unlink2("/tmp/open_test"); 326 327 policy = "allow_create /tmp/open_test 0644"; 328 write_domain_policy(policy, 1); 329 330 policy = "allow_write /tmp/open_test"; 331 write_domain_policy(policy, 0); 332 policy = "allow_create /tmp/open_test 0644"; 333 write_domain_policy(policy, 0); 334 fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0644); 335 show_result(fd, 1); 336 if (fd != EOF) 337 close(fd); 338 unlink2("/tmp/open_test"); 339 write_domain_policy(policy, 1); 340 fd = open("/tmp/open_test", O_WRONLY | O_CREAT | O_EXCL, 0644); 341 show_result(fd, 0); 342 if (fd != EOF) 343 close(fd); 344 unlink2("/tmp/open_test"); 345 policy = "allow_write /tmp/open_test"; 346 write_domain_policy(policy, 1); 347 348 filename = "/tmp/truncate_test"; 349 create2(filename); 350 351 policy = "allow_truncate /tmp/truncate_test"; 352 write_domain_policy(policy, 0); 353 policy = "allow_write /tmp/truncate_test"; 354 write_domain_policy(policy, 0); 355 fd = open(filename, O_WRONLY | O_TRUNC); 356 show_result(fd, 1); 357 if (fd != EOF) 358 close(fd); 359 write_domain_policy(policy, 1); 360 fd = open(filename, O_WRONLY | O_TRUNC); 361 show_result(fd, 0); 362 if (fd != EOF) 363 close(fd); 364 policy = "allow_truncate /tmp/truncate_test"; 365 write_domain_policy(policy, 1); 366 367 policy = "allow_write /tmp/truncate_test"; 368 write_domain_policy(policy, 0); 369 policy = "allow_truncate /tmp/truncate_test"; 370 write_domain_policy(policy, 0); 371 fd = open(filename, O_WRONLY | O_TRUNC); 372 show_result(fd, 1); 373 if (fd != EOF) 374 close(fd); 375 write_domain_policy(policy, 1); 376 fd = open(filename, O_WRONLY | O_TRUNC); 377 show_result(fd, 0); 378 if (fd != EOF) 379 close(fd); 380 policy = "allow_write /tmp/truncate_test"; 381 write_domain_policy(policy, 1); 382 383 policy = "allow_truncate /tmp/truncate_test"; 384 write_domain_policy(policy, 0); 385 show_result(truncate(filename, 0), 1); 386 write_domain_policy(policy, 1); 387 show_result(truncate(filename, 0), 0); 388 389 policy = "allow_truncate /tmp/truncate_test"; 390 write_domain_policy(policy, 0); 391 set_profile(0, "file::open"); 392 fd = open(filename, O_WRONLY); 393 set_profile(3, "file::open"); 394 show_result(ftruncate(fd, 0), 1); 395 write_domain_policy(policy, 1); 396 show_result(ftruncate(fd, 0), 0); 397 if (fd != EOF) 398 close(fd); 399 400 unlink2(filename); 401 402 policy = "allow_create /tmp/mknod_reg_test 0644"; 403 write_domain_policy(policy, 0); 404 filename = "/tmp/mknod_reg_test"; 405 show_result(mknod(filename, S_IFREG | 0644, 0), 1); 406 write_domain_policy(policy, 1); 407 unlink2(filename); 408 show_result(mknod(filename, S_IFREG | 0644, 0), 0); 409 410 policy = "allow_mkchar /tmp/mknod_chr_test 0644 1 3"; 411 write_domain_policy(policy, 0); 412 filename = "/tmp/mknod_chr_test"; 413 show_result(mknod(filename, S_IFCHR | 0644, MKDEV(1, 3)), 1); 414 write_domain_policy(policy, 1); 415 unlink2(filename); 416 show_result(mknod(filename, S_IFCHR | 0644, MKDEV(1, 3)), 0); 417 418 policy = "allow_mkblock /tmp/mknod_blk_test 0644 1 0"; 419 write_domain_policy(policy, 0); 420 filename = "/tmp/mknod_blk_test"; 421 show_result(mknod(filename, S_IFBLK | 0644, MKDEV(1, 0)), 1); 422 write_domain_policy(policy, 1); 423 unlink2(filename); 424 show_result(mknod(filename, S_IFBLK | 0644, MKDEV(1, 0)), 0); 425 426 policy = "allow_mkfifo /tmp/mknod_fifo_test 0644"; 427 write_domain_policy(policy, 0); 428 filename = "/tmp/mknod_fifo_test"; 429 show_result(mknod(filename, S_IFIFO | 0644, 0), 1); 430 write_domain_policy(policy, 1); 431 unlink2(filename); 432 show_result(mknod(filename, S_IFIFO | 0644, 0), 0); 433 434 policy = "allow_mksock /tmp/mknod_sock_test 0644"; 435 write_domain_policy(policy, 0); 436 filename = "/tmp/mknod_sock_test"; 437 show_result(mknod(filename, S_IFSOCK | 0644, 0), 1); 438 write_domain_policy(policy, 1); 439 unlink2(filename); 440 show_result(mknod(filename, S_IFSOCK | 0644, 0), 0); 441 442 policy = "allow_mkdir /tmp/mkdir_test/ 0600"; 443 write_domain_policy(policy, 0); 444 filename = "/tmp/mkdir_test"; 445 show_result(mkdir(filename, 0600), 1); 446 write_domain_policy(policy, 1); 447 rmdir2(filename); 448 show_result(mkdir(filename, 0600), 0); 449 450 policy = "allow_rmdir /tmp/rmdir_test/"; 451 write_domain_policy(policy, 0); 452 filename = "/tmp/rmdir_test"; 453 mkdir2(filename); 454 show_result(rmdir(filename), 1); 455 write_domain_policy(policy, 1); 456 mkdir2(filename); 457 show_result(rmdir(filename), 0); 458 rmdir2(filename); 459 460 policy = "allow_unlink /tmp/unlink_test"; 461 write_domain_policy(policy, 0); 462 filename = "/tmp/unlink_test"; 463 create2(filename); 464 show_result(unlink(filename), 1); 465 write_domain_policy(policy, 1); 466 create2(filename); 467 show_result(unlink(filename), 0); 468 unlink2(filename); 469 470 policy = "allow_symlink /tmp/symlink_source_test"; 471 write_domain_policy(policy, 0); 472 filename = "/tmp/symlink_source_test"; 473 show_result(symlink("/tmp/symlink_dest_test", filename), 1); 474 write_domain_policy(policy, 1); 475 unlink2(filename); 476 show_result(symlink("/tmp/symlink_dest_test", filename), 0); 477 478 policy = "allow_symlink /tmp/symlink_source_test"; 479 write_domain_policy(policy, 0); 480 filename = "/tmp/symlink_source_test"; 481 show_result(symlink("/tmp/symlink_dest_test", filename), 1); 482 write_domain_policy(policy, 1); 483 unlink2(filename); 484 show_result(symlink("/tmp/symlink_dest_test", filename), 0); 485 486 policy = "allow_symlink /tmp/symlink_source_test"; 487 write_domain_policy(policy, 0); 488 filename = "/tmp/symlink_source_test"; 489 show_result(symlink("/tmp/symlink_dest_test", filename), 1); 490 write_domain_policy(policy, 1); 491 unlink2(filename); 492 show_result(symlink("/tmp/symlink_dest_test", filename), 0); 493 494 policy = "allow_symlink /tmp/symlink_source_test"; 495 write_domain_policy(policy, 0); 496 filename = "/tmp/symlink_source_test"; 497 show_result(symlink("/tmp/symlink_dest_test", filename), 1); 498 write_domain_policy(policy, 1); 499 unlink2(filename); 500 show_result(symlink("/tmp/symlink_dest_test", filename), 0); 501 502 policy = "allow_symlink /tmp/symlink_source_test"; 503 write_domain_policy(policy, 0); 504 filename = "/tmp/symlink_source_test"; 505 show_result(symlink("/tmp/symlink_dest_test", filename), 1); 506 write_domain_policy(policy, 1); 507 unlink2(filename); 508 show_result(symlink("/tmp/symlink_dest_test", filename), 0); 509 510 policy = "allow_link /tmp/link_source_test /tmp/link_dest_test"; 511 write_domain_policy(policy, 0); 512 filename = "/tmp/link_source_test"; 513 create2(filename); 514 show_result(link(filename, "/tmp/link_dest_test"), 1); 515 write_domain_policy(policy, 1); 516 unlink2("/tmp/link_dest_test"); 517 show_result(link(filename, "/tmp/link_dest_test"), 0); 518 unlink2(filename); 519 520 policy = "allow_rename /tmp/rename_source_test /tmp/rename_dest_test"; 521 write_domain_policy(policy, 0); 522 filename = "/tmp/rename_source_test"; 523 create2(filename); 524 show_result(rename(filename, "/tmp/rename_dest_test"), 1); 525 write_domain_policy(policy, 1); 526 unlink2("/tmp/rename_dest_test"); 527 create2(filename); 528 show_result(rename(filename, "/tmp/rename_dest_test"), 0); 529 unlink2(filename); 530 531 policy = "allow_mksock /tmp/socket_test 0755"; 532 write_domain_policy(policy, 0); 533 filename = "/tmp/socket_test"; 534 memset(&addr, 0, sizeof(addr)); 535 addr.sun_family = AF_UNIX; 536 strncpy(addr.sun_path, filename, sizeof(addr.sun_path) - 1); 537 fd = socket(AF_UNIX, SOCK_STREAM, 0); 538 show_result(bind(fd, (struct sockaddr *)&addr, sizeof(addr)), 1); 539 if (fd != EOF) 540 close(fd); 541 write_domain_policy(policy, 1); 542 unlink2(filename); 543 fd = socket(AF_UNIX, SOCK_STREAM, 0); 544 show_result(bind(fd, (struct sockaddr *)&addr, sizeof(addr)), 0); 545 if (fd != EOF) 546 close(fd); 547 548 filename = "/tmp/rewrite_test"; 549 create2(filename); 550 policy = "allow_read/write /tmp/rewrite_test"; 551 write_domain_policy(policy, 0); 552 write_exception_policy("deny_rewrite /tmp/rewrite_test", 0); 553 policy = "allow_truncate /tmp/rewrite_test"; 554 write_domain_policy(policy, 0); 555 556 fd = open(filename, O_RDONLY); 557 show_result(fd, 1); 558 if (fd != EOF) 559 close(fd); 560 561 fd = open(filename, O_WRONLY | O_APPEND); 562 show_result(fd, 1); 563 if (fd != EOF) 564 close(fd); 565 566 fd = open(filename, O_WRONLY); 567 show_result(fd, 0); 568 if (fd != EOF) 569 close(fd); 570 571 fd = open(filename, O_WRONLY | O_TRUNC); 572 show_result(fd, 0); 573 if (fd != EOF) 574 close(fd); 575 576 fd = open(filename, O_WRONLY | O_TRUNC | O_APPEND); 577 show_result(fd, 0); 578 if (fd != EOF) 579 close(fd); 580 581 show_result(truncate(filename, 0), 0); 582 583 set_profile(0, "file::open"); 584 fd = open(filename, O_WRONLY | O_APPEND); 585 set_profile(3, "file::open"); 586 show_result(ftruncate(fd, 0), 0); 587 588 show_result(fcntl(fd, F_SETFL, fcntl(fd, F_GETFL) & ~O_APPEND), 0); 589 if (fd != EOF) 590 close(fd); 591 592 write_domain_policy(policy, 1); 593 594 policy = "allow_read/write /tmp/rewrite_test"; 595 write_domain_policy(policy, 1); 596 write_exception_policy("deny_rewrite /tmp/rewrite_test", 1); 597 598 unlink2(filename); 599 600 policy = "allow_ioctl socket:[family=2:type=2:protocol=17] " 601 "35122-35124"; 602 write_domain_policy(policy, 0); 603 fd = socket(PF_INET, SOCK_DGRAM, IPPROTO_IP); 604 memset(&ifreq, 0, sizeof(ifreq)); 605 snprintf(ifreq.ifr_name, sizeof(ifreq.ifr_name) - 1, "lo"); 606 show_result(ioctl(fd, 35123, &ifreq), 1); 607 write_domain_policy(policy, 1); 608 policy = "allow_ioctl " "socket:[family=2:type=2:protocol=17] 0-35122"; 609 write_domain_policy(policy, 0); 610 show_result(ioctl(fd, 35123, &ifreq), 0); 611 write_domain_policy(policy, 1); 612 if (fd != EOF) 613 close(fd); 614 } 615 616 int main(int argc, char *argv[]) 617 { 618 tomoyo_test_init(); 619 fprintf(domain_fp, "%s /bin/true\n", self_domain); 620 fprintf(domain_fp, "use_profile 255\n"); 621 fprintf(domain_fp, "select pid=%u\n", pid); 622 fprintf(profile_fp, "255-PREFERENCE::audit={ max_reject_log=1024 }\n"); 623 stage_file_test(); 624 fprintf(domain_fp, "use_profile 0\n"); 625 clear_status(); 626 return 0; 627 } 628