RepoMirrors/setools
1
0
Fork 0
mirror of https://github.com/SELinuxProject/setools synced 2025-03-25 04:26:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

Reflow lines with new max line length.

Browse Source 
Undo past whitespace fixes that are now unnecessary now that the max
line length increased to 100.
This commit is contained in:
Chris PeBenito 2015-02-14 10:40:38 -05:00
parent f73e1d2850
commit 2f44b599ca
12 changed files with 38 additions and 78 deletions

13
sedta
View File

@ -70,12 +70,10 @@ parser = argparse.ArgumentParser(
description="SELinux policy domain transition analysis tool.",
epilog="If no analysis is selected, all forward transitions out of the source will be printed.")
parser.add_argument("--version", action="version", version=setools.__version__)
parser.add_argument(
"-p", "--policy", help="Path to SELinux policy to analyze.", required=True)
parser.add_argument(
"-s", "--source", help="Source type of the analysis.", required=True, default="")
parser.add_argument(
"-t", "--target", help="Target type of the analysis.", default="")
parser.add_argument("-p", "--policy", help="Path to SELinux policy to analyze.", required=True)
parser.add_argument("-s", "--source", help="Source type of the analysis.",
required=True, default="")
parser.add_argument("-t", "--target", help="Target type of the analysis.", default="")
parser.add_argument("--stats", action="store_true",
help="Display statistics at the end of the analysis.")
@ -88,8 +86,7 @@ alg.add_argument("-A", "--all_paths", type=int, metavar="MAX_STEPS",
opts = parser.add_argument_group("Analysis options")
opts.add_argument("-r", "--reverse", action="store_true", default=False,
help="Perform a reverse DTA.")
opts.add_argument(
"exclude", help="List of excluded types in the analysis.", nargs="*")
opts.add_argument("exclude", help="List of excluded types in the analysis.", nargs="*")
args = parser.parse_args()

9
seinfo
View File

@ -105,8 +105,7 @@ try:
if args.initialsidquery or args.all:
if isinstance(args.initialsidquery, str):
q = setools.initsidquery.InitialSIDQuery(
p, name=args.initialsidquery)
q = setools.initsidquery.InitialSIDQuery(p, name=args.initialsidquery)
else:
q = setools.initsidquery.InitialSIDQuery(p)
components.append(("Initial SIDs", q))
@ -139,16 +138,14 @@ try:
try:
ports = [int(i) for i in args.portconquery.split("-")]
except:
parser.error(
"Enter a port number or range, e.g. 22 or 6000-6020")
parser.error("Enter a port number or range, e.g. 22 or 6000-6020")
if len(ports) == 2:
q.set_ports((ports[0], ports[1]))
elif len(ports) == 1:
q.set_ports((ports[0], ports[0]))
else:
parser.error(
"Enter a port number or range, e.g. 22 or 6000-6020")
parser.error("Enter a port number or range, e.g. 22 or 6000-6020")
else:
q = setools.portconquery.PortconQuery(p)

3
sesearch
View File

@ -101,8 +101,7 @@ if not args.tertypes and not args.mlsrtypes and not args.rbacrtypes:
parser.error("At least one rule type must be specified.")
if (args.tertypes or args.mlsrtypes) and args.rbacrtypes:
parser.error(
"TE/MLS rule searches cannot be mixed with RBAC rule searches.")
parser.error("TE/MLS rule searches cannot be mixed with RBAC rule searches.")
try:
p = setools.SELinuxPolicy(args.policy)

3
setools/contextquery.py
View File

@ -73,8 +73,7 @@ class ContextQuery(query.PolicyQuery):
return False
if range_:
raise NotImplementedError(
"Context range queries are not yet implemented.")
raise NotImplementedError
return True

22
setools/dta.py
View File

@ -350,8 +350,7 @@ class DomainTransitionAnalysis(object):
entrypoint = defaultdict(lambda: defaultdict(list))
# hash table keyed on (domain, entrypoint, target domain)
type_trans = defaultdict(
lambda: defaultdict(lambda: defaultdict(list)))
type_trans = defaultdict(lambda: defaultdict(lambda: defaultdict(list)))
for r in self.policy.terules():
if r.ruletype == "allow":
@ -362,16 +361,12 @@ class DomainTransitionAnalysis(object):
if r.tclass == "process":
if "transition" in perms:
for s, t in itertools.product(
r.source.expand(),
r.target.expand()):
for s, t in itertools.product(r.source.expand(), r.target.expand()):
self.__add_edge(s, t)
self.G[s][t]['transition'].append(r)
if "dyntransition" in perms:
for s, t in itertools.product(
r.source.expand(),
r.target.expand()):
for s, t in itertools.product(r.source.expand(), r.target.expand()):
self.__add_edge(s, t)
self.G[s][t]['dyntransition'].append(r)
@ -391,9 +386,7 @@ class DomainTransitionAnalysis(object):
execute[s][t].append(r)
if "entrypoint" in perms:
for s, t in itertools.product(
r.source.expand(),
r.target.expand()):
for s, t in itertools.product(r.source.expand(), r.target.expand()):
entrypoint[s][t].append(r)
elif r.ruletype == "type_transition":
@ -401,9 +394,7 @@ class DomainTransitionAnalysis(object):
continue
d = r.default
for s, t in itertools.product(
r.source.expand(),
r.target.expand()):
for s, t in itertools.product(r.source.expand(), r.target.expand()):
type_trans[s][t][d].append(r)
invalid_edge = []
@ -433,8 +424,7 @@ class DomainTransitionAnalysis(object):
self.G[s][t]['execute'][m] += execute[s][m]
if type_trans[s][m][t]:
self.G[s][t]['type_transition'][
m] += type_trans[s][m][t]
self.G[s][t]['type_transition'][m] += type_trans[s][m][t]
if s in setexec:
self.G[s][t]['setexec'] += setexec[s]

3
setools/infoflow.py
View File

@ -280,8 +280,7 @@ class InfoFlowAnalysis(object):
edgecap = self.G.edge[source][target]['capacity']
self.G.edge[source][target]['capacity'] = max(edgecap, weight)
else:
self.G.add_edge(
source, target, capacity=weight, weight=1, rules=[rule])
self.G.add_edge(source, target, capacity=weight, weight=1, rules=[rule])
def _build_graph(self):
self.G.clear()

6
setools/nodeconquery.py
View File

@ -78,8 +78,7 @@ class NodeconQuery(contextquery.ContextQuery):
except NameError: # pragma: no cover
# Should never actually hit this since the self.network
# setter raises the same exception.
raise RuntimeError(
"IP address/network functions require Python 3.3+.")
raise RuntimeError("IP address/network functions require Python 3.3+.")
# Python 3.3's IPv6Network constructor does not support
# expanded netmasks, only CIDR numbers. Convert netmask
@ -142,8 +141,7 @@ class NodeconQuery(contextquery.ContextQuery):
try:
self.network = ipaddress.ip_network(net)
except NameError: # pragma: no cover
raise RuntimeError(
"IP address/network functions require Python 3.3+.")
raise RuntimeError("IP address/network functions require Python 3.3+.")
else:
# ensure self.network is set
self.network = None

5
setools/objclassquery.py
View File

@ -56,10 +56,7 @@ class ObjClassQuery(compquery.ComponentQuery):
self.policy = policy
self.set_name(name, regex=name_regex)
self.set_common(common, regex=common_regex)
self.set_perms(perms,
regex=perms_regex,
equal=perms_equal,
indirect=perms_indirect)
self.set_perms(perms, regex=perms_regex, equal=perms_equal, indirect=perms_indirect)
def results(self):
"""Generator which yields all matching object classes."""

3
setools/policyrep/__init__.py
View File

@ -69,8 +69,7 @@ class SELinuxPolicy(object):
try:
self.policy = qpol.qpol_policy_t(policyfile, 0)
except OSError as err:
raise OSError(
"Error opening policy file \"{0}\": {1}".format(policyfile, err))
raise OSError("Error opening policy file \"{0}\": {1}".format(policyfile, err))
#
# Policy properties

12
setools/policyrep/terule.py
View File

@ -105,13 +105,11 @@ class AVRule(BaseTERule):
@property
def default(self):
"""The rule's default type."""
raise rule.InvalidRuleUse(
"{0} rules do not have a default type.".format(self.ruletype))
raise rule.InvalidRuleUse("{0} rules do not have a default type.".format(self.ruletype))
@property
def filename(self):
raise rule.InvalidRuleUse(
"{0} rules do not have file names".format(self.ruletype))
raise rule.InvalidRuleUse("{0} rules do not have file names".format(self.ruletype))
class TERule(BaseTERule):
@ -146,8 +144,7 @@ class TERule(BaseTERule):
try:
return typeattr.type_factory(self.policy, self.qpol_symbol.default_type(self.policy))
except AttributeError:
raise rule.InvalidRuleUse(
"{0} rules do not have a default type.".format(self.ruletype))
raise rule.InvalidRuleUse("{0} rules do not have a default type.".format(self.ruletype))
@property
def filename(self):
@ -158,5 +155,4 @@ class TERule(BaseTERule):
if self.ruletype == "type_transition":
raise TERuleNoFilename
else:
raise rule.InvalidRuleUse(
"{0} rules do not have file names".format(self.ruletype))
raise rule.InvalidRuleUse("{0} rules do not have file names".format(self.ruletype))

18
setools/policyrep/typeattr.py
View File

@ -48,8 +48,7 @@ def attribute_factory(qpol_policy, name):
qpol_symbol = _symbol_lookup(qpol_policy, name)
if not qpol_symbol.isattr(qpol_policy):
raise TypeError(
"{0} is not an attribute".format(qpol_symbol.name(qpol_policy)))
raise TypeError("{0} is not an attribute".format(qpol_symbol.name(qpol_policy)))
return TypeAttribute(qpol_policy, qpol_symbol)
@ -60,14 +59,12 @@ def type_factory(qpol_policy, name, deref=False):
qpol_symbol = _symbol_lookup(qpol_policy, name)
if qpol_symbol.isattr(qpol_policy):
raise TypeError(
"{0} is a not an attribute type".format(qpol_symbol.name(qpol_policy)))
raise TypeError("{0} is a not an attribute type".format(qpol_symbol.name(qpol_policy)))
elif qpol_symbol.isalias(qpol_policy):
if deref:
qpol_symbol = _dereference_alias(qpol_policy, qpol_symbol)
else:
raise TypeError(
"{0} is an alias.".format(qpol_symbol.name(qpol_policy)))
raise TypeError("{0} is an alias.".format(qpol_symbol.name(qpol_policy)))
return Type(qpol_policy, qpol_symbol)
@ -81,8 +78,7 @@ def typeattr_factory(qpol_policy, name, deref=False):
if deref:
qpol_symbol = _dereference_alias(qpol_policy, qpol_symbol)
else:
raise TypeError(
"{0} is an alias.".format(qpol_symbol.name(qpol_policy)))
raise TypeError("{0} is an alias.".format(qpol_symbol.name(qpol_policy)))
if qpol_symbol.isattr(qpol_policy):
return TypeAttribute(qpol_policy, qpol_symbol)
@ -163,13 +159,11 @@ class TypeAttribute(BaseType):
def attributes(self):
"""Generator that yields all attributes for this type."""
raise TypeError(
"{0} is an attribute, thus does not have attributes.".format(self))
raise TypeError("{0} is an attribute, thus does not have attributes.".format(self))
def aliases(self):
"""Generator that yields all aliases for this type."""
raise TypeError(
"{0} is an attribute, thus does not have aliases.".format(self))
raise TypeError("{0} is an attribute, thus does not have aliases.".format(self))
def statement(self):
return "attribute {0};".format(self)

19
setools/portconquery.py
View File

@ -94,23 +94,19 @@ class PortconQuery(compquery.ComponentQuery, contextquery.ContextQuery):
continue
elif self.subset:
if self.proper:
if not (
(low < self.ports[0] and self.ports[1] <= high) or (
low <= self.ports[0] and self.ports[1] < high)):
if not ((low < self.ports[0] and self.ports[1] <= high) or (
low <= self.ports[0] and self.ports[1] < high)):
continue
else:
if not (
low <= self.ports[0] and self.ports[1] <= high):
if not (low <= self.ports[0] and self.ports[1] <= high):
continue
elif self.superset:
if self.proper:
if not (
(self.ports[0] < low and high <= self.ports[1]) or (
self.ports[0] <= low and high < self.ports[1])):
if not ((self.ports[0] < low and high <= self.ports[1]) or (
self.ports[0] <= low and high < self.ports[1])):
continue
else:
if not (
self.ports[0] <= low and high <= self.ports[1]):
if not (self.ports[0] <= low and high <= self.ports[1]):
continue
else:
if not (self.ports[0] == low and self.ports[1] == high):
@ -157,8 +153,7 @@ class PortconQuery(compquery.ComponentQuery, contextquery.ContextQuery):
pending_ports = (int(ports[0]), int(ports[1]))
if (pending_ports[0] < 0 or pending_ports[1] < 0):
raise ValueError(
"Port numbers must be positive: {0[0]}-{0[1]}".format(ports))
raise ValueError("Port numbers must be positive: {0[0]}-{0[1]}".format(ports))
if (pending_ports[0] > pending_ports[1]):
raise ValueError(