Profile access errors (was Re: Profile include support)

[Greg Hudson]

On Mon, 2010-08-23 at 17:37 -0400, Greg Hudson wrote:
> That's probably a bug.  profile_init() treats ENOENT, EACCESS, and EPERM
> as non-fatal errors, when it should probably only treat ENOENT as
> non-fatal.  I'll fix that right now since it's a one-liner.

Actually, this is more complicated than I thought.  There was a
deliberate change to make EACCESS (and later EPERM) non-fatal, with the
log message:

        prof_init.c, prof_tree.c: Fixed calls to
        profile_update_file/profile_open_file to handle the possibility
        that we have lost permission to read one of the configuration
        files in the file list (say it's in AFS).  We should only fail
        catastrophically if we can't read all of the files in the
        profile.

If no profile file can be read, the code returns ENOENT, which is
ignored by init_os_ctx.c since libkrb5 can work in some environments
without any configuration.

A relatively non-controversial thing to do would be to make
profile_init() return EACCESS or EPERM if it saw one of those errors
when failing to read any profile file.  I guess I'll do that for now.  I
feel like the error-handling semantics here are very muddy, though; I'm
not at all convinced that the proper response to "I had an access error
reading one but not all configuration files" is to soldier on with the
ones you can read.