RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-04-27 05:08:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

python/semanage: Stop rejecting aliases in semanage commands

Browse Source 
Resolves:

\# semanage fcontext -a -t svirt_sandbox_file_t /pokus
ValueError: Type svirt_sandbox_file_t is invalid, must be a file or device type
\# semanage fcontext -d -t svirt_sandbox_file_t /pokus
ValueError: File context for /pokus is not defined

\# seinfo -tsvirt_sandbox_file_t -x
   TypeName container_file_t
   Aliases
      svirt_sandbox_file_t
      svirt_lxc_file_t

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
This commit is contained in:
Vit Mojzis 2018-10-16 12:05:33 +02:00 committed by Nicolas Iooss
parent 4c63b8e7b6
commit 48aeea9ce6
No known key found for this signature in database
GPG Key ID: C191415F340DAAA0
1 changed files with 10 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
python/semanage/seobject.py
View File

@ -1081,7 +1081,7 @@ class portRecords(semanageRecords):
if type == "": if type == "":
raise ValueError(_("Type is required")) raise ValueError(_("Type is required"))
if type not in self.valid_types: if sepolicy.get_real_type_name(type) not in self.valid_types:
raise ValueError(_("Type %s is invalid, must be a port type") % type) raise ValueError(_("Type %s is invalid, must be a port type") % type)
(k, proto_d, low, high) = self.__genkey(port, proto) (k, proto_d, low, high) = self.__genkey(port, proto)
@ -1145,7 +1145,7 @@ class portRecords(semanageRecords):
else: else:
raise ValueError(_("Requires setype")) raise ValueError(_("Requires setype"))
if setype and setype not in self.valid_types: if setype and sepolicy.get_real_type_name(setype) not in self.valid_types:
raise ValueError(_("Type %s is invalid, must be a port type") % setype) raise ValueError(_("Type %s is invalid, must be a port type") % setype)
(k, proto_d, low, high) = self.__genkey(port, proto) (k, proto_d, low, high) = self.__genkey(port, proto)
@ -1349,7 +1349,7 @@ class ibpkeyRecords(semanageRecords):
if type == "": if type == "":
raise ValueError(_("Type is required")) raise ValueError(_("Type is required"))
if type not in self.valid_types: if sepolicy.get_real_type_name(type) not in self.valid_types:
raise ValueError(_("Type %s is invalid, must be a ibpkey type") % type) raise ValueError(_("Type %s is invalid, must be a ibpkey type") % type)
(k, subnet_prefix, low, high) = self.__genkey(pkey, subnet_prefix) (k, subnet_prefix, low, high) = self.__genkey(pkey, subnet_prefix)
@ -1411,7 +1411,7 @@ class ibpkeyRecords(semanageRecords):
else: else:
raise ValueError(_("Requires setype")) raise ValueError(_("Requires setype"))
if setype and setype not in self.valid_types: if setype and sepolicy.get_real_type_name(setype) not in self.valid_types:
raise ValueError(_("Type %s is invalid, must be a ibpkey type") % setype) raise ValueError(_("Type %s is invalid, must be a ibpkey type") % setype)
(k, subnet_prefix, low, high) = self.__genkey(pkey, subnet_prefix) (k, subnet_prefix, low, high) = self.__genkey(pkey, subnet_prefix)
@ -1597,7 +1597,7 @@ class ibendportRecords(semanageRecords):
if type == "": if type == "":
raise ValueError(_("Type is required")) raise ValueError(_("Type is required"))
if type not in self.valid_types: if sepolicy.get_real_type_name(type) not in self.valid_types:
raise ValueError(_("Type %s is invalid, must be an ibendport type") % type) raise ValueError(_("Type %s is invalid, must be an ibendport type") % type)
(k, ibendport, port) = self.__genkey(ibendport, ibdev_name) (k, ibendport, port) = self.__genkey(ibendport, ibdev_name)
@ -1658,7 +1658,7 @@ class ibendportRecords(semanageRecords):
else: else:
raise ValueError(_("Requires setype")) raise ValueError(_("Requires setype"))
if setype and setype not in self.valid_types: if setype and sepolicy.get_real_type_name(setype) not in self.valid_types:
raise ValueError(_("Type %s is invalid, must be an ibendport type") % setype) raise ValueError(_("Type %s is invalid, must be an ibendport type") % setype)
(k, ibdev_name, port) = self.__genkey(ibendport, ibdev_name) (k, ibdev_name, port) = self.__genkey(ibendport, ibdev_name)
@ -1847,7 +1847,7 @@ class nodeRecords(semanageRecords):
if ctype == "": if ctype == "":
raise ValueError(_("SELinux node type is required")) raise ValueError(_("SELinux node type is required"))
if ctype not in self.valid_types: if sepolicy.get_real_type_name(ctype) not in self.valid_types:
raise ValueError(_("Type %s is invalid, must be a node type") % ctype) raise ValueError(_("Type %s is invalid, must be a node type") % ctype)
(rc, k) = semanage_node_key_create(self.sh, addr, mask, proto) (rc, k) = semanage_node_key_create(self.sh, addr, mask, proto)
@ -1916,7 +1916,7 @@ class nodeRecords(semanageRecords):
if serange == "" and setype == "": if serange == "" and setype == "":
raise ValueError(_("Requires setype or serange")) raise ValueError(_("Requires setype or serange"))
if setype and setype not in self.valid_types: if setype and sepolicy.get_real_type_name(setype) not in self.valid_types:
raise ValueError(_("Type %s is invalid, must be a node type") % setype) raise ValueError(_("Type %s is invalid, must be a node type") % setype)
(rc, k) = semanage_node_key_create(self.sh, addr, mask, proto) (rc, k) = semanage_node_key_create(self.sh, addr, mask, proto)
@ -2235,7 +2235,6 @@ class fcontextRecords(semanageRecords):
try: try:
valid_types = list(list(sepolicy.info(sepolicy.ATTRIBUTE, "file_type"))[0]["types"]) valid_types = list(list(sepolicy.info(sepolicy.ATTRIBUTE, "file_type"))[0]["types"])
valid_types += list(list(sepolicy.info(sepolicy.ATTRIBUTE, "device_node"))[0]["types"]) valid_types += list(list(sepolicy.info(sepolicy.ATTRIBUTE, "device_node"))[0]["types"])
valid_types.append("<<none>>")
except RuntimeError: except RuntimeError:
valid_types = [] valid_types = []
@ -2363,7 +2362,7 @@ class fcontextRecords(semanageRecords):
if type == "": if type == "":
raise ValueError(_("SELinux Type is required")) raise ValueError(_("SELinux Type is required"))
if type not in self.valid_types: if type != "<<none>>" and sepolicy.get_real_type_name(type) not in self.valid_types:
raise ValueError(_("Type %s is invalid, must be a file or device type") % type) raise ValueError(_("Type %s is invalid, must be a file or device type") % type)
(rc, k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype]) (rc, k) = semanage_fcontext_key_create(self.sh, target, file_types[ftype])
@ -2426,7 +2425,7 @@ class fcontextRecords(semanageRecords):
def __modify(self, target, setype, ftype, serange, seuser): def __modify(self, target, setype, ftype, serange, seuser):
if serange == "" and setype == "" and seuser == "": if serange == "" and setype == "" and seuser == "":
raise ValueError(_("Requires setype, serange or seuser")) raise ValueError(_("Requires setype, serange or seuser"))
if setype and setype not in self.valid_types: if setype not in ["", "<<none>>"] and sepolicy.get_real_type_name(setype) not in self.valid_types:
raise ValueError(_("Type %s is invalid, must be a file or device type") % setype) raise ValueError(_("Type %s is invalid, must be a file or device type") % setype)
self.validate(target) self.validate(target)