in audit.go [276:308]
// AddRule sends an AUDIT_ADD_RULE netlink request carrying rule and waits for
// the acknowledgement that matches the request's sequence number.
//
// The rule bytes are placed in the message payload exactly as given; this
// method performs no validation of their content or length.
//
// A nil return means the acknowledgement was an NLMSG_ERROR message whose
// payload ParseNetlinkError reported as no error. Failures are reported as:
//   - a wrapped transport error if the request could not be sent or the reply
//     could not be read;
//   - an "unexpected ACK" error if the reply is not of type NLMSG_ERROR;
//   - the plain error "rule exists" when the reply maps to EEXIST. This error
//     does not wrap syscall.EEXIST, so errors.Is(err, syscall.EEXIST) is false
//     for callers; they can only recognise it by its message;
//   - any other netlink error, wrapped with %w.
func (c *AuditClient) AddRule(rule []byte) error {
	// Build the request: NLM_F_ACK asks for an acknowledgement message.
	request := syscall.NetlinkMessage{Data: rule}
	request.Header.Type = uint16(auparse.AUDIT_ADD_RULE)
	request.Header.Flags = syscall.NLM_F_REQUEST | syscall.NLM_F_ACK

	seqNum, err := c.Netlink.Send(request)
	if err != nil {
		return fmt.Errorf("failed sending add rule request: %w", err)
	}

	// Fetch the reply for the sequence number Send returned.
	reply, err := c.getReply(seqNum)
	if err != nil {
		return fmt.Errorf("failed to get ACK to add rule request: %w", err)
	}

	// The acknowledgement is expected as an NLMSG_ERROR message; any other
	// type is treated as a protocol violation rather than as success.
	if replyType := reply.Header.Type; replyType != syscall.NLMSG_ERROR {
		return fmt.Errorf("unexpected ACK to AUDIT_ADD_RULE, got type=%d", replyType)
	}

	err = ParseNetlinkError(reply.Data)
	switch {
	case err == nil:
		return nil
	case errors.Is(err, syscall.EEXIST):
		// Duplicate rule: reported with a fixed message, errno not wrapped.
		return errors.New("rule exists")
	default:
		return fmt.Errorf("error adding audit rule: %w", err)
	}
}