From c3425b3656c75e1171fcea378d8d72cae788a214 Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Fri, 4 Mar 2016 14:29:33 -0500 Subject: [PATCH] Improve analysis INFO level logging. Make it more informative for GUI use. --- setools/boolquery.py | 2 +- setools/boundsquery.py | 2 +- setools/categoryquery.py | 2 +- setools/commonquery.py | 2 +- setools/constraintquery.py | 2 +- setools/defaultquery.py | 2 +- setools/dta.py | 18 ++++++++++-------- setools/fsusequery.py | 2 +- setools/genfsconquery.py | 2 +- setools/infoflow.py | 20 ++++++++++++-------- setools/initsidquery.py | 2 +- setools/mlsrulequery.py | 2 +- setools/netifconquery.py | 2 +- setools/nodeconquery.py | 2 +- setools/objclassquery.py | 2 +- setools/polcapquery.py | 2 +- setools/portconquery.py | 2 +- setools/rbacrulequery.py | 2 +- setools/rolequery.py | 2 +- setools/sensitivityquery.py | 2 +- setools/terulequery.py | 2 +- setools/typeattrquery.py | 2 +- setools/typequery.py | 2 +- setools/userquery.py | 2 +- 24 files changed, 44 insertions(+), 38 deletions(-) diff --git a/setools/boolquery.py b/setools/boolquery.py index 1c3fd2d..1624e79 100644 --- a/setools/boolquery.py +++ b/setools/boolquery.py @@ -56,7 +56,7 @@ class BoolQuery(compquery.ComponentQuery): def results(self): """Generator which yields all Booleans matching the criteria.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating Boolean results from {0.policy}".format(self)) self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self)) self.log.debug("Default: {0.default}".format(self)) diff --git a/setools/boundsquery.py b/setools/boundsquery.py index fa7011a..6c2d688 100644 --- a/setools/boundsquery.py +++ b/setools/boundsquery.py @@ -47,7 +47,7 @@ class BoundsQuery(PolicyQuery): def results(self): """Generator which yields all matching *bounds statements.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating bounds results from {0.policy}".format(self)) self.log.debug("Ruletypes: {0.ruletype}".format(self)) self.log.debug("Parent: {0.parent!r}, regex: {0.parent_regex}".format(self)) self.log.debug("Child: {0.child!r}, regex: {0.child_regex}".format(self)) diff --git a/setools/categoryquery.py b/setools/categoryquery.py index d6fab90..dbbf684 100644 --- a/setools/categoryquery.py +++ b/setools/categoryquery.py @@ -45,7 +45,7 @@ class CategoryQuery(mixins.MatchAlias, compquery.ComponentQuery): def results(self): """Generator which yields all matching categories.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating category results from {0.policy}".format(self)) self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self)) self.log.debug("Alias: {0.alias}, regex: {0.alias_regex}".format(self)) diff --git a/setools/commonquery.py b/setools/commonquery.py index 5e332b7..a8b78e8 100644 --- a/setools/commonquery.py +++ b/setools/commonquery.py @@ -49,7 +49,7 @@ class CommonQuery(mixins.MatchPermission, compquery.ComponentQuery): def results(self): """Generator which yields all matching commons.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating common results from {0.policy}".format(self)) self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self)) self.log.debug("Perms: {0.perms!r}, regex: {0.perms_regex}, eq: {0.perms_equal}". format(self)) diff --git a/setools/constraintquery.py b/setools/constraintquery.py index 020282e..e1ccc03 100644 --- a/setools/constraintquery.py +++ b/setools/constraintquery.py @@ -99,7 +99,7 @@ class ConstraintQuery(mixins.MatchObjClass, mixins.MatchPermission, query.Policy def results(self): """Generator which yields all matching constraints rules.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating constraint results from {0.policy}".format(self)) self.log.debug("Ruletypes: {0.ruletype}".format(self)) self.log.debug("Class: {0.tclass!r}, regex: {0.tclass_regex}".format(self)) self.log.debug("Perms: {0.perms!r}, regex: {0.perms_regex}, eq: {0.perms_equal}". diff --git a/setools/defaultquery.py b/setools/defaultquery.py index 686dfdf..447e14a 100644 --- a/setools/defaultquery.py +++ b/setools/defaultquery.py @@ -52,7 +52,7 @@ class DefaultQuery(MatchObjClass, PolicyQuery): def results(self): """Generator which yields all matching default_* statements.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating default_* results from {0.policy}".format(self)) self.log.debug("Ruletypes: {0.ruletype}".format(self)) self.log.debug("Class: {0.tclass!r}, regex: {0.tclass_regex}".format(self)) self.log.debug("Default: {0.default}".format(self)) diff --git a/setools/dta.py b/setools/dta.py index abe5a1d..cc9f757 100644 --- a/setools/dta.py +++ b/setools/dta.py @@ -107,7 +107,7 @@ class DomainTransitionAnalysis(object): if self.rebuildsubgraph: self._build_subgraph() - self.log.info("Generating one shortest path from {0} to {1}...".format(s, t)) + self.log.info("Generating one domain transition path from {0} to {1}...".format(s, t)) try: yield self.__generate_steps(nx.shortest_path(self.subG, s, t)) @@ -143,7 +143,8 @@ class DomainTransitionAnalysis(object): if self.rebuildsubgraph: self._build_subgraph() - self.log.info("Generating all paths from {0} to {1}, max len {2}...".format(s, t, maxlen)) + self.log.info("Generating all domain transition paths from {0} to {1}, max length {2}...". + format(s, t, maxlen)) try: for path in nx.all_simple_paths(self.subG, s, t, maxlen): @@ -175,7 +176,8 @@ class DomainTransitionAnalysis(object): if self.rebuildsubgraph: self._build_subgraph() - self.log.info("Generating all shortest paths from {0} to {1}...".format(s, t)) + self.log.info("Generating all shortest domain transition paths from {0} to {1}...". + format(s, t)) try: for path in nx.all_shortest_paths(self.subG, s, t): @@ -207,7 +209,7 @@ class DomainTransitionAnalysis(object): if self.rebuildsubgraph: self._build_subgraph() - self.log.info("Generating all transitions {1} {0}". + self.log.info("Generating all domain transitions {1} {0}". format(s, "in to" if self.reverse else "out from")) try: @@ -361,7 +363,7 @@ class DomainTransitionAnalysis(object): self.G.clear() self.G.name = "Domain transition graph for {0}.".format(self.policy) - self.log.info("Building graph from {0}...".format(self.policy)) + self.log.info("Building domain transition graph from {0}...".format(self.policy)) # hash tables keyed on domain type setexec = defaultdict(list) @@ -500,7 +502,7 @@ class DomainTransitionAnalysis(object): self.rebuildgraph = False self.rebuildsubgraph = True - self.log.info("Completed building graph.") + self.log.info("Completed building domain transition graph.") def __remove_excluded_entrypoints(self): invalid_edges = [] @@ -535,7 +537,7 @@ class DomainTransitionAnalysis(object): if self.rebuildgraph: self._build_graph() - self.log.info("Building subgraph.") + self.log.info("Building domain transition subgraph.") self.log.debug("Excluding {0}".format(self.exclude)) self.log.debug("Reverse {0}".format(self.reverse)) @@ -553,7 +555,7 @@ class DomainTransitionAnalysis(object): self.__remove_excluded_entrypoints() self.rebuildsubgraph = False - self.log.info("Completed building subgraph.") + self.log.info("Completed building domain transition subgraph.") class Edge(object): diff --git a/setools/fsusequery.py b/setools/fsusequery.py index 0aa44ec..cfacbc1 100644 --- a/setools/fsusequery.py +++ b/setools/fsusequery.py @@ -66,7 +66,7 @@ class FSUseQuery(contextquery.ContextQuery): def results(self): """Generator which yields all matching fs_use_* statements.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating fs_use_* results from {0.policy}".format(self)) self.log.debug("Ruletypes: {0.ruletype}".format(self)) self.log.debug("FS: {0.fs!r}, regex: {0.fs_regex}".format(self)) self.log.debug("User: {0.user!r}, regex: {0.user_regex}".format(self)) diff --git a/setools/genfsconquery.py b/setools/genfsconquery.py index f179fdd..a5d04dd 100644 --- a/setools/genfsconquery.py +++ b/setools/genfsconquery.py @@ -70,7 +70,7 @@ class GenfsconQuery(contextquery.ContextQuery): def results(self): """Generator which yields all matching genfscons.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating genfscon results from {0.policy}".format(self)) self.log.debug("FS: {0.fs!r}, regex: {0.fs_regex}".format(self)) self.log.debug("Path: {0.path!r}, regex: {0.path_regex}".format(self)) self.log.debug("Filetype: {0.filetype!r}".format(self)) diff --git a/setools/infoflow.py b/setools/infoflow.py index 32e734d..72a07e8 100644 --- a/setools/infoflow.py +++ b/setools/infoflow.py @@ -113,7 +113,8 @@ class InfoFlowAnalysis(object): if self.rebuildsubgraph: self._build_subgraph() - self.log.info("Generating one shortest path from {0} to {1}...".format(s, t)) + self.log.info("Generating one shortest information flow path from {0} to {1}...". + format(s, t)) try: yield self.__generate_steps(nx.shortest_path(self.subG, s, t)) @@ -153,7 +154,8 @@ class InfoFlowAnalysis(object): if self.rebuildsubgraph: self._build_subgraph() - self.log.info("Generating all paths from {0} to {1}, max len {2}...".format(s, t, maxlen)) + self.log.info("Generating all information flow paths from {0} to {1}, max length {2}...". + format(s, t, maxlen)) try: for path in nx.all_simple_paths(self.subG, s, t, maxlen): @@ -188,7 +190,8 @@ class InfoFlowAnalysis(object): if self.rebuildsubgraph: self._build_subgraph() - self.log.info("Generating all shortest paths from {0} to {1}...".format(s, t)) + self.log.info("Generating all shortest information flow paths from {0} to {1}...". + format(s, t)) try: for path in nx.all_shortest_paths(self.subG, s, t): @@ -226,7 +229,8 @@ class InfoFlowAnalysis(object): if self.rebuildsubgraph: self._build_subgraph() - self.log.info("Generating all infoflows {0} {1}".format("out of" if out else "into", s)) + self.log.info("Generating all information flows {0} {1}". + format("out of" if out else "into", s)) if out: flows = self.subG.out_edges_iter(s) @@ -294,7 +298,7 @@ class InfoFlowAnalysis(object): self.perm_map.map_policy(self.policy) - self.log.info("Building graph from {0}...".format(self.policy)) + self.log.info("Building information flow graph from {0}...".format(self.policy)) for rule in self.policy.terules(): if rule.ruletype != "allow": @@ -318,13 +322,13 @@ class InfoFlowAnalysis(object): self.rebuildgraph = False self.rebuildsubgraph = True - self.log.info("Completed building graph.") + self.log.info("Completed building information flow graph.") def _build_subgraph(self): if self.rebuildgraph: self._build_graph() - self.log.info("Building subgraph...") + self.log.info("Building information flow subgraph...") self.log.debug("Excluding {0!r}".format(self.exclude)) self.log.debug("Min weight {0}".format(self.min_weight)) @@ -345,7 +349,7 @@ class InfoFlowAnalysis(object): self.subG.remove_edges_from(delete_list) self.rebuildsubgraph = False - self.log.info("Completed building subgraph.") + self.log.info("Completed building information flow subgraph.") class Edge(object): diff --git a/setools/initsidquery.py b/setools/initsidquery.py index 6fa01b1..0595589 100644 --- a/setools/initsidquery.py +++ b/setools/initsidquery.py @@ -60,7 +60,7 @@ class InitialSIDQuery(compquery.ComponentQuery, contextquery.ContextQuery): def results(self): """Generator which yields all matching initial SIDs.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating initial SID results from {0.policy}".format(self)) self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self)) self.log.debug("User: {0.user!r}, regex: {0.user_regex}".format(self)) self.log.debug("Role: {0.role!r}, regex: {0.role_regex}".format(self)) diff --git a/setools/mlsrulequery.py b/setools/mlsrulequery.py index 1f06470..ea174f6 100644 --- a/setools/mlsrulequery.py +++ b/setools/mlsrulequery.py @@ -62,7 +62,7 @@ class MLSRuleQuery(mixins.MatchObjClass, query.PolicyQuery): def results(self): """Generator which yields all matching MLS rules.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating MLS rule results from {0.policy}".format(self)) self.log.debug("Ruletypes: {0.ruletype}".format(self)) self.log.debug("Source: {0.source!r}, regex: {0.source_regex}".format(self)) self.log.debug("Target: {0.target!r}, regex: {0.target_regex}".format(self)) diff --git a/setools/netifconquery.py b/setools/netifconquery.py index 071ca37..9343ab7 100644 --- a/setools/netifconquery.py +++ b/setools/netifconquery.py @@ -60,7 +60,7 @@ class NetifconQuery(compquery.ComponentQuery, contextquery.ContextQuery): def results(self): """Generator which yields all matching netifcons.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating netifcon results from {0.policy}".format(self)) self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self)) self.log.debug("User: {0.user!r}, regex: {0.user_regex}".format(self)) self.log.debug("Role: {0.role!r}, regex: {0.role_regex}".format(self)) diff --git a/setools/nodeconquery.py b/setools/nodeconquery.py index bba190e..bbbb903 100644 --- a/setools/nodeconquery.py +++ b/setools/nodeconquery.py @@ -103,7 +103,7 @@ class NodeconQuery(contextquery.ContextQuery): def results(self): """Generator which yields all matching nodecons.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating nodecon results from {0.policy}".format(self)) self.log.debug("Network: {0.network!r}, overlap: {0.network_overlap}".format(self)) self.log.debug("IP Version: {0.ip_version}".format(self)) self.log.debug("User: {0.user!r}, regex: {0.user_regex}".format(self)) diff --git a/setools/objclassquery.py b/setools/objclassquery.py index 3b0ae90..1a1a2f4 100644 --- a/setools/objclassquery.py +++ b/setools/objclassquery.py @@ -66,7 +66,7 @@ class ObjClassQuery(compquery.ComponentQuery): def results(self): """Generator which yields all matching object classes.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating object class results from {0.policy}".format(self)) self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self)) self.log.debug("Common: {0.common!r}, regex: {0.common_regex}".format(self)) self.log.debug("Perms: {0.perms}, regex: {0.perms_regex}, " diff --git a/setools/polcapquery.py b/setools/polcapquery.py index 14b4af3..cc79614 100644 --- a/setools/polcapquery.py +++ b/setools/polcapquery.py @@ -41,7 +41,7 @@ class PolCapQuery(compquery.ComponentQuery): def results(self): """Generator which yields all matching policy capabilities.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating policy capability results from {0.policy}".format(self)) self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self)) for cap in self.policy.polcaps(): diff --git a/setools/portconquery.py b/setools/portconquery.py index f15953b..d66226d 100644 --- a/setools/portconquery.py +++ b/setools/portconquery.py @@ -120,7 +120,7 @@ class PortconQuery(contextquery.ContextQuery): def results(self): """Generator which yields all matching portcons.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating portcon results from {0.policy}".format(self)) self.log.debug("Ports: {0.ports}, overlap: {0.ports_overlap}, " "subset: {0.ports_subset}, superset: {0.ports_superset}, " "proper: {0.ports_proper}".format(self)) diff --git a/setools/rbacrulequery.py b/setools/rbacrulequery.py index 5ffc40a..7cb7008 100644 --- a/setools/rbacrulequery.py +++ b/setools/rbacrulequery.py @@ -88,7 +88,7 @@ class RBACRuleQuery(mixins.MatchObjClass, query.PolicyQuery): def results(self): """Generator which yields all matching RBAC rules.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating RBAC rule results from {0.policy}".format(self)) self.log.debug("Ruletypes: {0.ruletype}".format(self)) self.log.debug("Source: {0.source!r}, indirect: {0.source_indirect}, " "regex: {0.source_regex}".format(self)) diff --git a/setools/rolequery.py b/setools/rolequery.py index f5d44f1..2db3c99 100644 --- a/setools/rolequery.py +++ b/setools/rolequery.py @@ -55,7 +55,7 @@ class RoleQuery(compquery.ComponentQuery): def results(self): """Generator which yields all matching roles.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating role results from {0.policy}".format(self)) self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self)) self.log.debug("Types: {0.types!r}, regex: {0.types_regex}, " "eq: {0.types_equal}".format(self)) diff --git a/setools/sensitivityquery.py b/setools/sensitivityquery.py index 476ff9d..dbe1b89 100644 --- a/setools/sensitivityquery.py +++ b/setools/sensitivityquery.py @@ -55,7 +55,7 @@ class SensitivityQuery(mixins.MatchAlias, compquery.ComponentQuery): def results(self): """Generator which yields all matching sensitivities.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating sensitivity results from {0.policy}".format(self)) self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self)) self.log.debug("Alias: {0.alias}, regex: {0.alias_regex}".format(self)) self.log.debug("Sens: {0.sens!r}, dom: {0.sens_dom}, domby: {0.sens_domby}".format(self)) diff --git a/setools/terulequery.py b/setools/terulequery.py index 90e9914..fc0fb97 100644 --- a/setools/terulequery.py +++ b/setools/terulequery.py @@ -99,7 +99,7 @@ class TERuleQuery(mixins.MatchObjClass, mixins.MatchPermission, query.PolicyQuer def results(self): """Generator which yields all matching TE rules.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating TE rule results from {0.policy}".format(self)) self.log.debug("Ruletypes: {0.ruletype}".format(self)) self.log.debug("Source: {0.source!r}, indirect: {0.source_indirect}, " "regex: {0.source_regex}".format(self)) diff --git a/setools/typeattrquery.py b/setools/typeattrquery.py index 6433419..a7ae844 100644 --- a/setools/typeattrquery.py +++ b/setools/typeattrquery.py @@ -55,7 +55,7 @@ class TypeAttributeQuery(compquery.ComponentQuery): def results(self): """Generator which yields all matching types.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating type attribute results from {0.policy}".format(self)) self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self)) self.log.debug("Types: {0.types!r}, regex: {0.types_regex}, " "eq: {0.types_equal}".format(self)) diff --git a/setools/typequery.py b/setools/typequery.py index dd9db6a..413f7e4 100644 --- a/setools/typequery.py +++ b/setools/typequery.py @@ -73,7 +73,7 @@ class TypeQuery(mixins.MatchAlias, compquery.ComponentQuery): def results(self): """Generator which yields all matching types.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating type results from {0.policy}".format(self)) self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self)) self.log.debug("Alias: {0.alias}, regex: {0.alias_regex}".format(self)) self.log.debug("Attrs: {0.attrs!r}, regex: {0.attrs_regex}, " diff --git a/setools/userquery.py b/setools/userquery.py index 4ce9899..01f5ba2 100644 --- a/setools/userquery.py +++ b/setools/userquery.py @@ -80,7 +80,7 @@ class UserQuery(compquery.ComponentQuery): def results(self): """Generator which yields all matching users.""" - self.log.info("Generating results from {0.policy}".format(self)) + self.log.info("Generating user results from {0.policy}".format(self)) self.log.debug("Name: {0.name!r}, regex: {0.name_regex}".format(self)) self.log.debug("Roles: {0.roles!r}, regex: {0.roles_regex}, " "eq: {0.roles_equal}".format(self))