From b2a54258b40b298037cc8ae686d31d7bab714720 Mon Sep 17 00:00:00 2001 From: Nicolas Iooss Date: Fri, 21 Dec 2018 21:43:33 +0100 Subject: [PATCH] python/audit2allow: allow using audit2why as non-root user Importing sepolicy as non-root on a system with SELinux causes the following exception to be raised: ValueError: No SELinux Policy installed Ignore this when using audit2why, which allows using it with option --policy as a non-root user. Signed-off-by: Nicolas Iooss --- python/audit2allow/audit2allow | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/python/audit2allow/audit2allow b/python/audit2allow/audit2allow index 195f151c..18fe0a53 100644 --- a/python/audit2allow/audit2allow +++ b/python/audit2allow/audit2allow @@ -242,7 +242,10 @@ class AuditToPolicy: def __output_audit2why(self): import selinux - import sepolicy + try: + import sepolicy + except (ImportError, ValueError): + sepolicy = None for i in self.__parser.avc_msgs: rc = i.type data = i.data @@ -262,11 +265,13 @@ class AuditToPolicy: if len(data) > 1: print("\tOne of the following booleans was set incorrectly.") for b in data: - print("\tDescription:\n\t%s\n" % sepolicy.boolean_desc(b[0])) + if sepolicy is not None: + print("\tDescription:\n\t%s\n" % sepolicy.boolean_desc(b[0])) print("\tAllow access by executing:\n\t# setsebool -P %s %d" % (b[0], b[1])) else: print("\tThe boolean %s was set incorrectly. " % (data[0][0])) - print("\tDescription:\n\t%s\n" % sepolicy.boolean_desc(data[0][0])) + if sepolicy is not None: + print("\tDescription:\n\t%s\n" % sepolicy.boolean_desc(data[0][0])) print("\tAllow access by executing:\n\t# setsebool -P %s %d" % (data[0][0], data[0][1])) continue