sepolicy: do not fail when file_contexts.local or .subs do not exist

On a system without any file context customizations, "sepolicy gui"
fails to load because it tries to read a non-existing file:

    FileNotFoundError: [Errno 2] No such file or directory:
    '/etc/selinux/refpolicy-git/contexts/files/file_contexts.local'

Once this issue is fixed, another one is triggered:

    FileNotFoundError: [Errno 2] No such file or directory:
    '/etc/selinux/refpolicy-git/contexts/files/file_contexts.subs

Use try/except to catch these exceptions and use OSError/errno.ENOENT to
keep the code compatible with Python 2.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
This commit is contained in:
Nicolas Iooss 2017-09-19 22:49:16 +02:00 committed by Stephen Smalley
parent 77059c39e8
commit 8f0ea463bc

View File

@ -4,6 +4,7 @@
# Author: Ryan Hallisey <rhallise@redhat.com>
# Author: Jason Zaman <perfinion@gentoo.org>
import errno
import selinux
import setools
import glob
@ -523,12 +524,15 @@ def find_entrypoint_path(exe, exclude_list=[]):
def read_file_equiv(edict, fc_path, modify):
fd = open(fc_path, "r")
try:
with open(fc_path, "r") as fd:
fc = fd.readlines()
fd.close()
for e in fc:
f = e.split()
edict[f[0]] = {"equiv": f[1], "modify": modify}
except OSError as e:
if e.errno != errno.ENOENT:
raise
return edict
@ -555,9 +559,13 @@ def get_local_file_paths(fc_path=selinux.selinux_file_context_path()):
if local_files:
return local_files
local_files = []
fd = open(fc_path + ".local", "r")
try:
with open(fc_path + ".local", "r") as fd:
fc = fd.readlines()
fd.close()
except OSError as e:
if e.errno != errno.ENOENT:
raise
return []
for i in fc:
rec = i.split()
if len(rec) == 0:
@ -585,10 +593,12 @@ def get_fcdict(fc_path=selinux.selinux_file_context_path()):
fc += fd.readlines()
fd.close()
fcdict = {}
if os.path.exists(fc_path + ".local"):
fd = open(fc_path + ".local", "r")
try:
with open(fc_path + ".local", "r") as fd:
fc += fd.readlines()
fd.close()
except OSError as e:
if e.errno != errno.ENOENT:
raise
for i in fc:
rec = i.split()