RepoMirrors/setools
1
0
Fork 0
mirror of https://github.com/SELinuxProject/setools synced 2025-03-11 07:18:15 +00:00
Code Issues Packages Projects Releases Wiki Activity

SELinuxPolicy: use selinux_current_policy_path() for the running policy first

Browse Source
This commit is contained in:
Chris PeBenito 2015-10-14 16:21:56 -04:00
parent d66467f3b3
commit f3aaeb5ce5
1 changed files with 5 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
setools/policyrep/__init__.py
View File

@ -124,16 +124,15 @@ class SELinuxPolicy(object):
@staticmethod @staticmethod
def _potential_policies(): def _potential_policies():
"""Generate a list of potential policies to use.""" """Generate a list of potential policies to use."""
# Start with binary policies in the standard location # try libselinux for current policy
if selinux.selinuxfs_exists():
yield selinux.selinux_current_policy_path()
# otherwise look through the supported policy versions
base_policy_path = selinux.selinux_binary_policy_path() base_policy_path = selinux.selinux_binary_policy_path()
for version in range(qpol.QPOL_POLICY_MAX_VERSION, qpol.QPOL_POLICY_MIN_VERSION-1, -1): for version in range(qpol.QPOL_POLICY_MAX_VERSION, qpol.QPOL_POLICY_MIN_VERSION-1, -1):
yield "{0}.{1}".format(base_policy_path, version) yield "{0}.{1}".format(base_policy_path, version)
# Last chance, try selinuxfs. This is not first, to avoid
# holding kernel memory for a long time
if selinux.selinuxfs_exists():
yield selinux.selinux_current_policy_path()
def _load_running_policy(self): def _load_running_policy(self):
"""Try to load the current running policy.""" """Try to load the current running policy."""
self.log.info("Attempting to locate current running policy.") self.log.info("Attempting to locate current running policy.")