Make "search -A" output reproducible

With Python 3, the values in a set are randomly organised. Therefore the representation of the set of permissions of an allow/dontaudit/... statement is not stable across execution. Sort the permissions when converting them as strings.
2025-02-20 22:17:03 +00:00 · 2016-11-12 22:38:32 +01:00 · 2016-11-12 22:38:32 +01:00 · 988da4d1f2
commit 988da4d1f2
parent 42c2bbd606
1 changed files with 1 additions and 1 deletions
--- a/setools/policyrep/terule.py
+++ b/setools/policyrep/terule.py
@ -164,7 +164,7 @@ class AVRule(BaseTERule):
            # allow/dontaudit/auditallow/neverallow rules
            perms = self.perms
            if len(perms) > 1:
-                self._rule_string += "{{ {0} }};".format(' '.join(perms))
+                self._rule_string += "{{ {0} }};".format(' '.join(sorted(perms)))
            else:
                # convert to list since sets cannot be indexed
                self._rule_string += "{0};".format(list(perms)[0])