Commit Graph

100 Commits

Author SHA1 Message Date
Petr Lautrbach
cf853c1a0c
Update VERSIONs to 3.2 for release.
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2021-03-04 16:42:59 +01:00
Petr Lautrbach
be065c4b44
sepolicy: Do not try to load policy on import
When a policy is inaccessible, scripts fail right "import sepolicy". With
this change we let the "sepolicy" module to import and move the policy
initialization before it's used for the first time.

Fixes:
    >>> import seobject
    Traceback (most recent call last):
      File "/usr/lib/python3.9/site-packages/sepolicy/__init__.py", line 171, in policy
        _pol = setools.SELinuxPolicy(policy_file)
      File "setools/policyrep/selinuxpolicy.pxi", line 73, in setools.policyrep.SELinuxPolicy.__cinit__
      File "setools/policyrep/selinuxpolicy.pxi", line 695, in setools.policyrep.SELinuxPolicy._load_policy
    PermissionError: [Errno 13] Permission denied: '//etc/selinux/targeted/policy/policy.33'

    During handling of the above exception, another exception occurred:

    Traceback (most recent call last):
      File "<stdin>", line 1, in <module>
      File "/usr/lib/python3.9/site-packages/seobject.py", line 33, in <module>
        import sepolicy
      File "/usr/lib/python3.9/site-packages/sepolicy/__init__.py", line 186, in <module>
        raise e
      File "/usr/lib/python3.9/site-packages/sepolicy/__init__.py", line 183, in <module>
        policy(policy_file)
      File "/usr/lib/python3.9/site-packages/sepolicy/__init__.py", line 173, in policy
        raise ValueError(_("Failed to read %s policy file") % policy_file)
    ValueError: Failed to read //etc/selinux/targeted/policy/policy.33 policy file

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2021-02-27 21:38:24 +01:00
Petr Lautrbach
d4d1f4ba7e
Update VERSIONs to 3.2-rc3 for release.
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2021-02-24 15:49:59 +01:00
Petr Lautrbach
2c7c4a84c3
Update VERSIONs to 3.2-rc2 for release.
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2021-02-03 11:26:28 +01:00
Petr Lautrbach
c534d4e2ce
Update VERSIONs and Python bindings version to 3.2-rc1 for release
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2021-01-20 12:40:14 +01:00
Bernhard M. Wiedemann
fadcc8396c python/sepolicy: allow to override manpage date
in order to make builds reproducible.
See https://reproducible-builds.org/ for why this is good
and https://reproducible-builds.org/specs/source-date-epoch/
for the definition of this variable.

This patch was done while working on reproducible builds for openSUSE.

Signed-off-by: Bernhard M. Wiedemann <bwiedemann@suse.de>
2020-11-13 10:53:59 +01:00
Petr Lautrbach
7df27b78e9 Update VERSIONs and Python bindings version to 3.1 for release
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2020-07-10 17:17:15 +02:00
Petr Lautrbach
f5ac1209f9 python/sepolicy: Use xml.etree.ElementTree.Element.iter()
xml.etree.ElementTree.Element.getiterator() was deprecated since Python 3.2 and
dropped in Python 3.9

Fixes:
Verify sepolicy interface -c -i works ... Traceback (most recent call last):
  File "/usr/bin/sepolicy", line 691, in <module>
    args = parser.parse_args(args=parser_args)
  File "/usr/lib64/python3.9/argparse.py", line 1819, in parse_args
    args, argv = self.parse_known_args(args, namespace)
  File "/usr/lib64/python3.9/argparse.py", line 1852, in parse_known_args
    namespace, args = self._parse_known_args(args, namespace)
  File "/usr/lib64/python3.9/argparse.py", line 2043, in _parse_known_args
    positionals_end_index = consume_positionals(start_index)
  File "/usr/lib64/python3.9/argparse.py", line 2020, in consume_positionals
    take_action(action, args)
  File "/usr/lib64/python3.9/argparse.py", line 1929, in take_action
    action(self, namespace, argument_values, option_string)
  File "/usr/lib64/python3.9/argparse.py", line 1208, in __call__
    subnamespace, arg_strings = parser.parse_known_args(arg_strings, None)
  File "/usr/lib64/python3.9/argparse.py", line 1852, in parse_known_args
    namespace, args = self._parse_known_args(args, namespace)
  File "/usr/lib64/python3.9/argparse.py", line 2061, in _parse_known_args
    start_index = consume_optional(start_index)
  File "/usr/lib64/python3.9/argparse.py", line 2001, in consume_optional
    take_action(action, args, option_string)
  File "/usr/lib64/python3.9/argparse.py", line 1929, in take_action
    action(self, namespace, argument_values, option_string)
  File "/usr/bin/sepolicy", line 216, in __call__
    interface_dict = get_interface_dict()
  File "/usr/lib/python3.9/site-packages/sepolicy/interface.py", line 149, in get_interface_dict
    for i in m.getiterator('interface'):
AttributeError: 'xml.etree.ElementTree.Element' object has no attribute 'getiterator'

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
Acked-by: Stephen Smalley <stephen.smalley.work@gmail.com>
2020-06-18 19:29:21 +02:00
Nicolas Iooss
63bf6afe5e python/sepolicy: silence new flake8 warnings
pyflakes 2.2.0 improved the way format strings are analyzed, which
triggers new warnings in flake8:

    python/sepolicy/sepolicy/manpage.py:1046:23: F999 '...' % ... has
    unused named argument(s): type

    python/sepolicy/sepolicy/manpage.py:1225:23: F999 '...' % ... has
    unused named argument(s): user

Remove the unused arguments in order to silence these warnings.

This fixes failures in Travis-CI such as
https://travis-ci.org/github/SELinuxProject/selinux/jobs/686230518#L5153

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Acked-by: William Roberts <william.c.roberts@intel.com>
2020-05-13 11:12:55 +02:00
Christian Göttsche
7c73601d54 tree-wide: introduce PYTHON_SETUP_ARGS to customize setup.py calls on Debian
On Debian the `distutils` module is patched, so `get_python_lib()`
returns by default `/usr/lib/python3/dist-packages` (no minor version)

But `setuptools` affecting setup.py is not patched to create the library
directory at `/usr/lib/python3/dist-packages` by default, rather than a
command line argument `--install-layout deb` is added

Add PYTHON_SETUP_ARGS as argument to affected setup.py calls and add a
note in the global README.md

See https://www.debian.org/doc/packaging-manuals/python-policy/packaging_tools.html
Section B.1

Fixes: https://github.com/SELinuxProject/selinux/issues/187

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: Petr Lautrbach <plautrba@redhat.com>
2020-05-06 16:12:35 +02:00
Topi Miettinen
603665855a sepolicy: fix some typos and port definitions
The range of unreserved ports starts from 1024 and ends to
65535 (inclusive). (Secure) RPC ports can be between 512 and
1023 (inclusive).

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
Acked-by: Petr Lautrbach <plautrba@redhat.com>
2020-05-04 10:31:44 +02:00
Topi Miettinen
db196873ae sepolicy-gui: fix columns in transitions view
Delete an unused column from view "Application Transitions From". The
second column displays names of the executable files instead of
booleans.

Signed-off-by: Topi Miettinen <toiwoton@gmail.com>
Acked-by: Petr Lautrbach <plautrba@redhat.com>
2020-05-04 10:31:39 +02:00
Petr Lautrbach
dca7ce8195
Update VERSIONs to 3.0 for release.
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2019-11-28 13:46:48 +01:00
Petr Lautrbach
6e187f8a2a Update VERSIONs to 3.0-rc2 for release.
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2019-11-22 13:54:17 +01:00
Petr Lautrbach
8375671d30 python/sepolicy: Revert "Only invoke RPM on RPM-enabled Linux distributions"
Commit 73b7ff410c ("Only invoke RPM on RPM-enabled Linux distributions") used
platform.linux_distribution() function to detect whether the system is rpm
based. This function is deprecated since Python 3.5 and it's removed from Python
3.8 - https://bugs.python.org/issue28167

The original problem is already fixed by another commit
671f83b42b ("policycoreutils/sepolicy: Check get_rpm_nvr_list() return
value"):

    $ sepolicy generate --customize -p mypolicy -n testpolicy -d httpd_sys_script_t -w /home
    Failed to retrieve rpm info for selinux-policy
    Created the following files:
    mypolicy/testpolicy.te # Type Enforcement file
    mypolicy/testpolicy.if # Interface file
    mypolicy/testpolicy.fc # File Contexts file
    mypolicy/testpolicy_selinux.spec # Spec file
    mypolicy/testpolicy.sh # Setup Script

Fixes:
     File "/usr/lib/python3.8/site-packages/sepolicy/generate.py", line 1384, in generate
       if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
     AttributeError: module 'platform' has no attribute 'linux_distribution'

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2019-11-08 09:20:35 -05:00
Petr Lautrbach
b3ed0a7a60 Update VERSIONs to 3.0-rc1 for release.
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2019-10-28 13:06:11 +01:00
Ondrej Mosnacek
7494bb1298 sepolicy: generate man pages in parallel
Generating man pages takes a lot of time. Do it in parallel to speed up
the process.

Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
2019-10-21 08:40:53 -04:00
Stephen Smalley
510a679b47 python/sepolicy: call segenxml.py with python3
Fixes: https://github.com/SELinuxProject/selinux/issues/61
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-10-15 10:17:09 -04:00
Petr Lautrbach
54cb5c674b Switch last 2 files using /usr/bin/env to /usr/bin/python3
Other python scripts already use python3 by default. Both files don't have exec
bits so they have to be run using python interpret on command line anyway:

    $ python3 ./setup.py ...

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2019-09-26 08:32:18 -04:00
Nicolas Iooss
b550c0e202
Fix many misspellings
Use codespell (https://github.com/codespell-project/codespell) in order
to find many common misspellings that are present in English texts.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-09-18 22:47:35 +02:00
Nicolas Iooss
0da7718310 python/sepolicy: remove unnecessary pass statement
This issue has been found using lgtm.com analyzer:
eac5e661ca/files/python/sepolicy/sepolicy/__init__.py (x9f8225117f52fb01):1

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-09-17 10:38:54 -04:00
Petr Lautrbach
1952be65dc Switch to python3 by default
- Python 2.7 is planned to be the last of the 2.x releases
- It's generally advised to use Python 3
- Majority of python/ scripts are already switched python3
- Users with python 2 only can still use:

$ make PYTHON=/usr/bin/python ....

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2019-02-20 16:43:27 +01:00
Nicolas Iooss
72dc5c6241
python: always use python3 in the shebang of programs using setools
setools 4.2.0 dropped support for Python 2. On systems where
/usr/bin/python is Python 2, several tools are now broken because of
this. Update the shebang of these tools to /usr/bin/python3.

For future reference, as semanage/seobject.py, sepolicy and sepolgen
import setools, every program that uses one of these modules need to be
run with Python 3. The following programs do not use any of these
modules so their shebangs have not been modified:

    dbus/selinux_server.py
    libsemanage/utils/semanage_migrate_store
    mcstrans/share/util/mlscolor-test
    mcstrans/share/util/mlstrans-test
    sandbox/start

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-02-17 22:34:50 +01:00
Nicolas Iooss
9336e435dd
python/sepolicy: drop python shebang from the module
The files in sepolicy's module directory are not supposed to used as
executable files. The shebang line is therefore not needed.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-02-17 22:34:42 +01:00
Nicolas Iooss
ae03c821b7
python/sepolicy: fix variable name
modify_button_clicked() used variable "type" in a comparison instead of
"ftype". This is a bug, which has been found with flake8 3.7.0. This
linter reported:

    python/sepolicy/sepolicy/gui.py:1548:20: F823 local variable 'type'
    {0} referenced before assignment

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-01-31 20:57:28 +01:00
Nicolas Iooss
f906ae66a4
python: use == or != when comparing a variable with a string or a integer
Flake8 3.7.0 added a new fatal error message when parsing Python files:

    python/semanage/semanage:112:16: F632 use ==/!= to compare str, bytes, and int literals
    python/semanage/semanage:124:23: F632 use ==/!= to compare str, bytes, and int literals
    ...
    python/sepolgen/src/sepolgen/output.py:77:8: F632 use ==/!= to compare str, bytes, and int literals
    python/sepolgen/src/sepolgen/output.py:80:8: F632 use ==/!= to compare str, bytes, and int literals
    python/sepolgen/src/sepolgen/output.py:83:8: F632 use ==/!= to compare str, bytes, and int literals
    python/sepolicy/sepolicy/generate.py:646:16: F632 use ==/!= to compare str, bytes, and int literals
    python/sepolicy/sepolicy/generate.py:1349:16: F632 use ==/!= to compare str, bytes, and int literals

Fix all these warnings.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-01-31 20:57:23 +01:00
Nicolas Iooss
61f7b35b10
python: reindent lines that were over-indented
Flake8 3.7.0 warns about lines that are over-indented, i.e. lines that
are indented with more than 4 spaces:

    python/sepolgen/src/sepolgen/refparser.py:1047:26: E117 over-indented
    python/sepolgen/src/sepolgen/yacc.py:2569:21: E117 over-indented
    python/sepolicy/sepolicy/interface.py:196:13: E117 over-indented
    python/sepolicy/sepolicy/interface.py:198:13: E117 over-indented
    python/sepolicy/sepolicy/interface.py:215:13: E117 over-indented
    python/sepolicy/sepolicy/interface.py:217:13: E117 over-indented
    python/sepolicy/sepolicy/manpage.py:172:13: E117 over-indented
    python/sepolicy/sepolicy/manpage.py:174:13: E117 over-indented

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-01-31 20:57:17 +01:00
Aleksei Nikiforov
0445e65d83 Allow installing translated man pages
Signed-off-by: Aleksei Nikiforov <darktemplar@basealt.ru>
2019-01-28 12:03:57 +01:00
Aleksei Nikiforov
e3e3873de7 Add man pages translation by Olesya Gerasimenko
Signed-off-by: Olesya Gerasimenko <gammaray@basealt.ru>
Signed-off-by: Aleksei Nikiforov <darktemplar@basealt.ru>
2019-01-28 12:03:57 +01:00
Nicolas Iooss
9dad37e37a
python/sepolicy: initialize mislabeled_files in __init__()
Using "sepolicy gui" sometimes leads to an exception when entering the
Files tab:

    Traceback (most recent call last):
      File "python/sepolicy/sepolicy/gui.py", line 1345, in tab_change
        self.show_mislabeled_files_only.set_visible(self.mislabeled_files)
    AttributeError: 'SELinuxGui' object has no attribute 'mislabeled_files'

Indeed, when application_selected() calls show_applications_page(), this
function calls tab_change(), which can use mislabeled_files in this
line:

    self.show_mislabeled_files_only.set_visible(self.mislabeled_files)

Make sure that mislabeled_files is initialized by defining it in
__init__(), in order to fix this error. Its value will be properly set
later, by calling several initializers, which is why the original
assignment to False is kept in:

    self.mislabeled_files = False
    self.executable_files_initialize(app)
    self.network_initialize(app)
    self.writable_files_initialize(app)
    self.transitions_into_initialize(app)
    self.transitions_from_initialize(app)
    self.application_files_initialize(app)
    self.transitions_files_initialize(app)

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2019-01-16 21:29:17 +01:00
Petr Lautrbach
1015aef5cf
python/sepolicy: Make policy files sorting more robust
The sorting order seems to be fragile because '100' < '99', so the policy
filename needs to be parsed in order to extract the version as an integer and
sort according to it.

Based on idea from Nicolas Iooss <nicolas.iooss@m4x.org>

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2019-01-05 14:50:16 +01:00
Petr Lautrbach
ef359c97c9
python/sepolicy: Add sepolicy.load_store_policy(store)
load_store_policy() allows to (re)load SELinux policy based on a store name. It
is useful when SELinux is disabled and default policy is not installed; or when
a user wants to query or manipulate another policy.

Related: https://bugzilla.redhat.com/show_bug.cgi?id=1558861

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2019-01-05 14:49:17 +01:00
Petr Lautrbach
5013d2ba97 python/sepolicy: search() also for dontaudit rules
dontaudit rules were accidentally dropped during rewrite to SETools 4 API in
97d5f6a2

Fixes:
>>> import sepolicy
>>> sepolicy.search(['dontaudit'])
[]

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2018-12-18 13:21:06 +01:00
Vit Mojzis
a3be73bea4
python: replace aliases with corresponding type names
Aliases are not used in the selinux database. When user enters a type
alias as a parameter it should be converted to the corresponding type
in order to be processed correctly further in the userspace logic.

Fixes e.g.:

\#sepolicy transition -s phpfpm_t
/* where phpfpm_t is a type alias of httpd_t */

Traceback (most recent call last):
  File "/usr/bin/sepolicy", line 691, in <module>
    args.func(args)
  File "/usr/bin/sepolicy", line 458, in transition
    mytrans = setrans(args.source, args.target)
  File "/usr/lib/python3.6/site-packages/sepolicy/transition.py", line 48, in __init__
    self._process(self.source)
  File "/usr/lib/python3.6/site-packages/sepolicy/transition.py", line 54, in _process
    trans = _get_trans(source)
  File "/usr/lib/python3.6/site-packages/sepolicy/transition.py", line 36, in _get_trans
    src_list = [src] + list(filter(lambda x: x['name'] == src, sepolicy.get_all_types_info()))[0]['attributes']
IndexError: list index out of range
2018-11-10 17:26:13 +01:00
Vit Mojzis
4c63b8e7b6
python/sepolicy: Stop rejecting aliases in sepolicy commands
Fix CheckDomain and CheckPortType classes to properly deal with aliases.

Resolves:
   https://bugzilla.redhat.com/show_bug.cgi?id=1600009

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2018-10-23 20:47:48 +02:00
Vit Mojzis
448f5a9257
python/sepolicy: Fix "info" to search aliases as well
Restore previous behaviour of "sepolicy.info()".

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
2018-10-23 20:47:30 +02:00
Vit Mojzis
e5f312667b
python/sepolicy: Update to work with setools-4.2.0
Change in internal setools API causes sepolicy to crash when processing
AVRules.

    File "python/sepolicy/sepolicy/__init__.py", line 277, in _setools_rule_to_dict
        if isinstance(rule, setools.policyrep.terule.AVRule):
    AttributeError: module 'setools.policyrep' has no attribute 'terule'

See https://github.com/SELinuxProject/setools/issues/8 for more details.

Stop using internal setools API:

- use AttributeError instead of setools specific exceptions
- evaluate conditional expressions using conditional.evaluate() instead
of qpol_symbol.is_enabled()

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-09-25 21:30:15 +02:00
Nicolas Iooss
6f01778406
python: remove semicolon from end of lines
Python does not need to end a statement with a semicolon. Doing this
gets reported by linters such as flake8 ("E703 statement ends with a
semicolon").

Remove such semicolons in the code and enable this warning in
scripts/run-flake8.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-08-19 17:55:19 +02:00
Nicolas Iooss
fa671f434e
python/sepolicy: add missing % in network tab help text
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-08-15 23:00:08 +02:00
Nicolas Iooss
6ea7f067c8
python/sepolicy: do not import types
This module is not used and its name conflicts with variable "types".

This issue has been found using flake8. This Python linter reported:

    python/sepolicy/sepolicy/generate.py:657:5: F811 redefinition of
    unused 'types' from line 31

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-08-15 22:12:10 +02:00
Nicolas Iooss
052a4fde73
python/sepolicy: do not import sepolicy.generate.DAEMON twice
This issue has been found using flake8. This Python linter reported:

    python/sepolicy/sepolicy.py:582:5: F811 redefinition of unused
    'DAEMON' from line 582

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-08-15 22:12:10 +02:00
Nicolas Iooss
a33528b0d2
python/sepolicy: use variables which exist in the gui.py
Some function used variables which were not defined when populating
self.cur_dict with an operation. Fix this, even though the old values do
not seem to be used.

This issue has been found using flake8. This Python linter reported:

    python/sepolicy/sepolicy/gui.py:2020:101: F821 undefined name 'oldsetype'
    python/sepolicy/sepolicy/gui.py:2020:122: F821 undefined name 'oldmls'
    python/sepolicy/sepolicy/gui.py:2020:142: F821 undefined name 'oldclass'
    python/sepolicy/sepolicy/gui.py:2050:133: F821 undefined name 'oldmls'

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-08-15 22:12:10 +02:00
Nicolas Iooss
8fac024785
python/sepolicy: fix "procotol" misspelling
procotol -> protocol

This issue has been found using flake8. This Python linter reported:

    python/sepolicy/sepolicy/gui.py:2525:132: F821 undefined name 'procotol'

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-08-15 22:12:09 +02:00
Nicolas Iooss
495c4c894a
python/sepolicy: use lowercase variable name
SELinuxGui.files_initial_data_insert() uses both "seLinux_label" and
"selinux_label", which leads to using an undefined variable, as reported
by flake8:

    python/sepolicy/sepolicy/gui.py:1191:42: F821 undefined name 'selinux_label'

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-08-15 22:12:08 +02:00
Nicolas Iooss
1fb0c7790c
python/sepolicy: drop unused CheckPolicyType
CheckPolicyType class is not used in sepolicy and has been written from
an buggy copy-paste: "newval.append(v)" does not make any sense in
CheckPolicyType.__call__, as reported by flake8:

    python/sepolicy/sepolicy.py:190:13: F821 undefined name 'newval'
    python/sepolicy/sepolicy.py:190:27: F821 undefined name 'v'

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-08-15 22:12:08 +02:00
Yuri Chornoivan
f032946cf9 Fix minor typos
Signed-off-by: Yuri Chornoivan <yurchor@ukr.net>
2018-06-30 20:28:25 +02:00
Nicolas Iooss
df135b07a7 python/sepolicy: Initialize policy.ports as a dict in generate.py
in class policy, ports is usually initialized with the result of
get_all_ports(), which is a dict. If this function failed, the error was
not fatal but ports was left initialized as a list, which would trigger
other errors when accessing it.

Initialize ports as an empty dict in order to fix this issue.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-02-23 15:23:47 -05:00
Nicolas Iooss
8059ad7ad1 python/sepolicy: Support non-MLS policy
When using sepolgen GUI on a system with a non-MLS policy,
sepolicy.info(sepolicy.PORT) does not define "range" attributes (since
commit 908340e8e7 ("sepolicy: support non-MLS policy in manpage")).
Replace them with None in get_all_ports() result.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-02-23 15:23:47 -05:00
Nicolas Iooss
b8296872fe python/sepolicy: Fix translated strings with parameters
When a translated string takes parameters with %, the % and the
parameters need to be after the call to the underline function in order
to work properly.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2018-02-23 15:23:47 -05:00
Petr Lautrbach
41f1882724 python/sepolicy: Do not use types.BooleanType
It was removed from Python 3

Fixes:
File "polgengui.py", line 390, in forward
  self.generate_policy()
File "polgengui.py", line 491, in generate_policy
  my_policy.set_use_syslog(self.syslog_checkbutton.get_active() == 1)
File "/home/plautrba/devel/github/bachradsusi/SELinuxProject-selinux/python/sepolicy/sepolicy/generate.py",  line 468, in set_use_syslog
  if not isinstance(val, types.BooleanType):
AttributeError: module 'types' has no attribute 'BooleanType'

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
2018-02-23 15:23:47 -05:00