selinux.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Vit Mojzis <vmojzis@redhat.com>
To: nicolas.iooss@m4x.org
Cc: selinux@vger.kernel.org
Subject: Re: [PATCH] python: replace aliases with corresponding type names
Date: Fri, 9 Nov 2018 09:53:21 +0100	[thread overview]
Message-ID: <38deb58a-f063-58ff-6178-9e8d4c7ab946@redhat.com> (raw)
In-Reply-To: <CAJfZ7==a_f6sJhHRwec1MkU70uOXZ0CLEqy7qK-53titStTWUQ@mail.gmail.com>


On 05. 11. 18 21:51, Nicolas Iooss wrote:
> On Tue, Oct 30, 2018 at 4:27 PM Vit Mojzis <vmojzis@redhat.com> wrote:
>> Aliases are not used in the selinux database. When user enters a type
>> alias as a parameter it should be converted to the corresponding type
>> in order to be processed correctly further in the userspace logic.
>>
>> Fixes e.g.:
>>
>> \#sepolicy transition -s phpfpm_t
>> /* where phpfpm_t is a type alias of httpd_t */
>>
>> Traceback (most recent call last):
>>    File "/usr/bin/sepolicy", line 691, in <module>
>>      args.func(args)
>>    File "/usr/bin/sepolicy", line 458, in transition
>>      mytrans = setrans(args.source, args.target)
>>    File "/usr/lib/python3.6/site-packages/sepolicy/transition.py", line 48, in __init__
>>      self._process(self.source)
>>    File "/usr/lib/python3.6/site-packages/sepolicy/transition.py", line 54, in _process
>>      trans = _get_trans(source)
>>    File "/usr/lib/python3.6/site-packages/sepolicy/transition.py", line 36, in _get_trans
>>      src_list = [src] + list(filter(lambda x: x['name'] == src, sepolicy.get_all_types_info()))[0]['attributes']
>> IndexError: list index out of range
>> ---
>>   python/semanage/seobject.py          | 43 ++++++++++++++++++++--------
>>   python/sepolicy/sepolicy.py          | 11 ++++---
>>   python/sepolicy/sepolicy/__init__.py | 14 ++++-----
>>   3 files changed, 45 insertions(+), 23 deletions(-)
>>
> [...]
>> diff --git a/python/sepolicy/sepolicy/__init__.py b/python/sepolicy/sepolicy/__init__.py
>> index b18683e4..7db43957 100644
>> --- a/python/sepolicy/sepolicy/__init__.py
>> +++ b/python/sepolicy/sepolicy/__init__.py
>> @@ -172,7 +172,7 @@ def info(setype, name=None):
>>           results = list(q.results())
>>
>>           if name and len(results) < 1:
>> -            # type not found, try alias
>> +            #type not found, try alias
>>               q.name = None
>>               q.alias = name
>>               results = list(q.results())
> Hi, your patch looks good to me, but the comments you are using do not
> follow PEP-8 (https://www.python.org/dev/peps/pep-0008/#block-comments)
> and raise warnings in some linters that I am using. For example,
> flake8 reports:
>
> python/sepolicy/sepolicy/__init__.py:172:13: E265 block comment should
> start with '# '
> python/sepolicy/sepolicy/__init__.py:1072:9: E265 block comment should
> start with '# '
>
> I would like to apply the patch with the spaces added between "#" and
> the comment line. Does it suits you?


Sure, whatever needs fixing.

Thank you :)


> Otherwise, I will submit a patch
> to fix the comments after applying this patch.
>
> Thanks,
> Nicolas
>

  reply	other threads:[~2018-11-09  8:53 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-10-16 10:05 Fix alias handling in sepolicy and semanage Vit Mojzis
2018-10-16 10:05 ` [PATCH 1/3] python/sepolicy: Fix "info" to search aliases as well Vit Mojzis
2018-10-16 10:05 ` [PATCH 2/3] python/sepolicy: Stop rejecting aliases in sepolicy commands Vit Mojzis
2018-10-21  9:10   ` Nicolas Iooss
2018-10-21  9:20     ` Nicolas Iooss
2018-10-22 15:40       ` Vit Mojzis
2018-10-22 15:43       ` Vit Mojzis
2018-10-22 17:53         ` Nicolas Iooss
2018-10-23 19:23           ` Nicolas Iooss
2018-10-30 15:26             ` Vit Mojzis
2018-10-30 15:26               ` [PATCH] python: replace aliases with corresponding type names Vit Mojzis
2018-11-05 20:51                 ` Nicolas Iooss
2018-11-09  8:53                   ` Vit Mojzis [this message]
2018-11-11 20:48                     ` Nicolas Iooss
2018-10-16 10:05 ` [PATCH 3/3] python/semanage: Stop rejecting aliases in semanage commands Vit Mojzis

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=38deb58a-f063-58ff-6178-9e8d4c7ab946@redhat.com \
    --to=vmojzis@redhat.com \
    --cc=nicolas.iooss@m4x.org \
    --cc=selinux@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).