[PATCH] python/sepolicy: Revert "Only invoke RPM on RPM-enabled Linux distributions"

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] python/sepolicy: Revert "Only invoke RPM on RPM-enabled Linux distributions"
@ 2019-11-06 10:59 Petr Lautrbach
  2019-11-06 16:50 ` Stephen Smalley
  0 siblings, 1 reply; 5+ messages in thread
From: Petr Lautrbach @ 2019-11-06 10:59 UTC (permalink / raw)
  To: selinux; +Cc: Petr Lautrbach

Commit 8ad76337d09d4b0080275d74392a258ea4ed0273 ("Only invoke RPM on RPM-enabled
Linux distributions") used platform.linux_distribution() function to detect
whether the system is rpm based. This function is deprecated since Python 3.5
and it's removed from Python 3.8 - https://bugs.python.org/issue28167

The original problem is already fixed by another commit
671f83b42ba2 ("policycoreutils/sepolicy: Check get_rpm_nvr_list() return
value"):

    $ sepolicy generate --customize -p mypolicy -n testpolicy -d httpd_sys_script_t -w /home
    Failed to retrieve rpm info for selinux-policy
    Created the following files:
    mypolicy/testpolicy.te # Type Enforcement file
    mypolicy/testpolicy.if # Interface file
    mypolicy/testpolicy.fc # File Contexts file
    mypolicy/testpolicy_selinux.spec # Spec file
    mypolicy/testpolicy.sh # Setup Script

Fixes:
     File "/usr/lib/python3.8/site-packages/sepolicy/generate.py", line 1384, in generate
       if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
     AttributeError: module 'platform' has no attribute 'linux_distribution'

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
---
 python/sepolicy/sepolicy/generate.py | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/python/sepolicy/sepolicy/generate.py b/python/sepolicy/sepolicy/generate.py
index 973edb9d..e8d07e7d 100644
--- a/python/sepolicy/sepolicy/generate.py
+++ b/python/sepolicy/sepolicy/generate.py
@@ -26,7 +26,6 @@ import re
 import sepolicy
 from sepolicy import get_all_types, get_all_attributes, get_all_roles
 import time
-import platform
 
 from .templates import executable
 from .templates import boolean
@@ -1178,8 +1177,7 @@ allow %s_t %s_t:%s_socket name_%s;
                 newsh += re.sub("TEMPLATETYPE", self.name, t1)
 
         newsh += self.generate_user_sh()
-        if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
-            newsh += re.sub("TEMPLATEFILE", self.file_name, script.rpm)
+        newsh += re.sub("TEMPLATEFILE", self.file_name, script.rpm)
 
         return newsh
 
@@ -1379,7 +1377,6 @@ Warning %s does not exist
         out += "%s # %s\n" % (self.write_if(out_dir), _("Interface file"))
         out += "%s # %s\n" % (self.write_fc(out_dir), _("File Contexts file"))
         if self.type != NEWTYPE:
-            if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
-                out += "%s # %s\n" % (self.write_spec(out_dir), _("Spec file"))
+            out += "%s # %s\n" % (self.write_spec(out_dir), _("Spec file"))
             out += "%s # %s\n" % (self.write_sh(out_dir), _("Setup Script"))
         return out
-- 
2.23.0


^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH] python/sepolicy: Revert "Only invoke RPM on RPM-enabled Linux distributions"
  2019-11-06 10:59 [PATCH] python/sepolicy: Revert "Only invoke RPM on RPM-enabled Linux distributions" Petr Lautrbach
@ 2019-11-06 16:50 ` Stephen Smalley
  2019-11-07 10:23   ` [PATCH v2] " Petr Lautrbach
  0 siblings, 1 reply; 5+ messages in thread
From: Stephen Smalley @ 2019-11-06 16:50 UTC (permalink / raw)
  To: Petr Lautrbach, selinux

On 11/6/19 5:59 AM, Petr Lautrbach wrote:
> Commit 8ad76337d09d4b0080275d74392a258ea4ed0273 ("Only invoke RPM on RPM-enabled
> Linux distributions") used platform.linux_distribution() function to detect

That isn't a commit hash from the upstream selinux repo at least as far 
as I can tell from my clone.  The corresponding one is 
73b7ff410c1b2958c5c1f8e26cae5347d56416d4.

Otherwise, looks good to me.

Acked-by: Stephen Smalley <sds@tycho.nsa.gov>

> whether the system is rpm based. This function is deprecated since Python 3.5
> and it's removed from Python 3.8 - https://bugs.python.org/issue28167
> 
> The original problem is already fixed by another commit
> 671f83b42ba2 ("policycoreutils/sepolicy: Check get_rpm_nvr_list() return
> value"):
> 
>      $ sepolicy generate --customize -p mypolicy -n testpolicy -d httpd_sys_script_t -w /home
>      Failed to retrieve rpm info for selinux-policy
>      Created the following files:
>      mypolicy/testpolicy.te # Type Enforcement file
>      mypolicy/testpolicy.if # Interface file
>      mypolicy/testpolicy.fc # File Contexts file
>      mypolicy/testpolicy_selinux.spec # Spec file
>      mypolicy/testpolicy.sh # Setup Script
> 
> Fixes:
>       File "/usr/lib/python3.8/site-packages/sepolicy/generate.py", line 1384, in generate
>         if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
>       AttributeError: module 'platform' has no attribute 'linux_distribution'
> 
> Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
> ---
>   python/sepolicy/sepolicy/generate.py | 7 ++-----
>   1 file changed, 2 insertions(+), 5 deletions(-)
> 
> diff --git a/python/sepolicy/sepolicy/generate.py b/python/sepolicy/sepolicy/generate.py
> index 973edb9d..e8d07e7d 100644
> --- a/python/sepolicy/sepolicy/generate.py
> +++ b/python/sepolicy/sepolicy/generate.py
> @@ -26,7 +26,6 @@ import re
>   import sepolicy
>   from sepolicy import get_all_types, get_all_attributes, get_all_roles
>   import time
> -import platform
>   
>   from .templates import executable
>   from .templates import boolean
> @@ -1178,8 +1177,7 @@ allow %s_t %s_t:%s_socket name_%s;
>                   newsh += re.sub("TEMPLATETYPE", self.name, t1)
>   
>           newsh += self.generate_user_sh()
> -        if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
> -            newsh += re.sub("TEMPLATEFILE", self.file_name, script.rpm)
> +        newsh += re.sub("TEMPLATEFILE", self.file_name, script.rpm)
>   
>           return newsh
>   
> @@ -1379,7 +1377,6 @@ Warning %s does not exist
>           out += "%s # %s\n" % (self.write_if(out_dir), _("Interface file"))
>           out += "%s # %s\n" % (self.write_fc(out_dir), _("File Contexts file"))
>           if self.type != NEWTYPE:
> -            if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
> -                out += "%s # %s\n" % (self.write_spec(out_dir), _("Spec file"))
> +            out += "%s # %s\n" % (self.write_spec(out_dir), _("Spec file"))
>               out += "%s # %s\n" % (self.write_sh(out_dir), _("Setup Script"))
>           return out
> 


^ permalink raw reply	[flat|nested] 5+ messages in thread

* [PATCH v2] python/sepolicy: Revert "Only invoke RPM on RPM-enabled Linux distributions"
  2019-11-06 16:50 ` Stephen Smalley
@ 2019-11-07 10:23   ` Petr Lautrbach
  2019-11-07 13:17     ` Stephen Smalley
  2019-11-12 14:35     ` Stephen Smalley
  0 siblings, 2 replies; 5+ messages in thread
From: Petr Lautrbach @ 2019-11-07 10:23 UTC (permalink / raw)
  To: selinux; +Cc: Petr Lautrbach

Commit 73b7ff410c1b ("Only invoke RPM on RPM-enabled Linux distributions") used
platform.linux_distribution() function to detect whether the system is rpm
based. This function is deprecated since Python 3.5 and it's removed from Python
3.8 - https://bugs.python.org/issue28167

The original problem is already fixed by another commit
671f83b42ba2 ("policycoreutils/sepolicy: Check get_rpm_nvr_list() return
value"):

    $ sepolicy generate --customize -p mypolicy -n testpolicy -d httpd_sys_script_t -w /home
    Failed to retrieve rpm info for selinux-policy
    Created the following files:
    mypolicy/testpolicy.te # Type Enforcement file
    mypolicy/testpolicy.if # Interface file
    mypolicy/testpolicy.fc # File Contexts file
    mypolicy/testpolicy_selinux.spec # Spec file
    mypolicy/testpolicy.sh # Setup Script

Fixes:
     File "/usr/lib/python3.8/site-packages/sepolicy/generate.py", line 1384, in generate
       if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
     AttributeError: module 'platform' has no attribute 'linux_distribution'

Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
---

The commit hash in the commit message is fixed now.

 python/sepolicy/sepolicy/generate.py | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/python/sepolicy/sepolicy/generate.py b/python/sepolicy/sepolicy/generate.py
index 973edb9d6b91..e8d07e7d65a9 100644
--- a/python/sepolicy/sepolicy/generate.py
+++ b/python/sepolicy/sepolicy/generate.py
@@ -26,7 +26,6 @@ import re
 import sepolicy
 from sepolicy import get_all_types, get_all_attributes, get_all_roles
 import time
-import platform
 
 from .templates import executable
 from .templates import boolean
@@ -1178,8 +1177,7 @@ allow %s_t %s_t:%s_socket name_%s;
                 newsh += re.sub("TEMPLATETYPE", self.name, t1)
 
         newsh += self.generate_user_sh()
-        if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
-            newsh += re.sub("TEMPLATEFILE", self.file_name, script.rpm)
+        newsh += re.sub("TEMPLATEFILE", self.file_name, script.rpm)
 
         return newsh
 
@@ -1379,7 +1377,6 @@ Warning %s does not exist
         out += "%s # %s\n" % (self.write_if(out_dir), _("Interface file"))
         out += "%s # %s\n" % (self.write_fc(out_dir), _("File Contexts file"))
         if self.type != NEWTYPE:
-            if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
-                out += "%s # %s\n" % (self.write_spec(out_dir), _("Spec file"))
+            out += "%s # %s\n" % (self.write_spec(out_dir), _("Spec file"))
             out += "%s # %s\n" % (self.write_sh(out_dir), _("Setup Script"))
         return out
-- 
2.23.0


^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH v2] python/sepolicy: Revert "Only invoke RPM on RPM-enabled Linux distributions"
  2019-11-07 10:23   ` [PATCH v2] " Petr Lautrbach
@ 2019-11-07 13:17     ` Stephen Smalley
  2019-11-12 14:35     ` Stephen Smalley
  1 sibling, 0 replies; 5+ messages in thread
From: Stephen Smalley @ 2019-11-07 13:17 UTC (permalink / raw)
  To: Petr Lautrbach, selinux

On 11/7/19 5:23 AM, Petr Lautrbach wrote:
> Commit 73b7ff410c1b ("Only invoke RPM on RPM-enabled Linux distributions") used
> platform.linux_distribution() function to detect whether the system is rpm
> based. This function is deprecated since Python 3.5 and it's removed from Python
> 3.8 - https://bugs.python.org/issue28167
> 
> The original problem is already fixed by another commit
> 671f83b42ba2 ("policycoreutils/sepolicy: Check get_rpm_nvr_list() return
> value"):
> 
>      $ sepolicy generate --customize -p mypolicy -n testpolicy -d httpd_sys_script_t -w /home
>      Failed to retrieve rpm info for selinux-policy
>      Created the following files:
>      mypolicy/testpolicy.te # Type Enforcement file
>      mypolicy/testpolicy.if # Interface file
>      mypolicy/testpolicy.fc # File Contexts file
>      mypolicy/testpolicy_selinux.spec # Spec file
>      mypolicy/testpolicy.sh # Setup Script
> 
> Fixes:
>       File "/usr/lib/python3.8/site-packages/sepolicy/generate.py", line 1384, in generate
>         if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
>       AttributeError: module 'platform' has no attribute 'linux_distribution'
> 
> Signed-off-by: Petr Lautrbach <plautrba@redhat.com>

Acked-by: Stephen Smalley <sds@tycho.nsa.gov>

> ---
> 
> The commit hash in the commit message is fixed now.
> 
>   python/sepolicy/sepolicy/generate.py | 7 ++-----
>   1 file changed, 2 insertions(+), 5 deletions(-)
> 
> diff --git a/python/sepolicy/sepolicy/generate.py b/python/sepolicy/sepolicy/generate.py
> index 973edb9d6b91..e8d07e7d65a9 100644
> --- a/python/sepolicy/sepolicy/generate.py
> +++ b/python/sepolicy/sepolicy/generate.py
> @@ -26,7 +26,6 @@ import re
>   import sepolicy
>   from sepolicy import get_all_types, get_all_attributes, get_all_roles
>   import time
> -import platform
>   
>   from .templates import executable
>   from .templates import boolean
> @@ -1178,8 +1177,7 @@ allow %s_t %s_t:%s_socket name_%s;
>                   newsh += re.sub("TEMPLATETYPE", self.name, t1)
>   
>           newsh += self.generate_user_sh()
> -        if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
> -            newsh += re.sub("TEMPLATEFILE", self.file_name, script.rpm)
> +        newsh += re.sub("TEMPLATEFILE", self.file_name, script.rpm)
>   
>           return newsh
>   
> @@ -1379,7 +1377,6 @@ Warning %s does not exist
>           out += "%s # %s\n" % (self.write_if(out_dir), _("Interface file"))
>           out += "%s # %s\n" % (self.write_fc(out_dir), _("File Contexts file"))
>           if self.type != NEWTYPE:
> -            if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
> -                out += "%s # %s\n" % (self.write_spec(out_dir), _("Spec file"))
> +            out += "%s # %s\n" % (self.write_spec(out_dir), _("Spec file"))
>               out += "%s # %s\n" % (self.write_sh(out_dir), _("Setup Script"))
>           return out
> 


^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH v2] python/sepolicy: Revert "Only invoke RPM on RPM-enabled Linux distributions"
  2019-11-07 10:23   ` [PATCH v2] " Petr Lautrbach
  2019-11-07 13:17     ` Stephen Smalley
@ 2019-11-12 14:35     ` Stephen Smalley
  1 sibling, 0 replies; 5+ messages in thread
From: Stephen Smalley @ 2019-11-12 14:35 UTC (permalink / raw)
  To: Petr Lautrbach, selinux

On 11/7/19 5:23 AM, Petr Lautrbach wrote:
> Commit 73b7ff410c1b ("Only invoke RPM on RPM-enabled Linux distributions") used
> platform.linux_distribution() function to detect whether the system is rpm
> based. This function is deprecated since Python 3.5 and it's removed from Python
> 3.8 - https://bugs.python.org/issue28167
> 
> The original problem is already fixed by another commit
> 671f83b42ba2 ("policycoreutils/sepolicy: Check get_rpm_nvr_list() return
> value"):
> 
>      $ sepolicy generate --customize -p mypolicy -n testpolicy -d httpd_sys_script_t -w /home
>      Failed to retrieve rpm info for selinux-policy
>      Created the following files:
>      mypolicy/testpolicy.te # Type Enforcement file
>      mypolicy/testpolicy.if # Interface file
>      mypolicy/testpolicy.fc # File Contexts file
>      mypolicy/testpolicy_selinux.spec # Spec file
>      mypolicy/testpolicy.sh # Setup Script
> 
> Fixes:
>       File "/usr/lib/python3.8/site-packages/sepolicy/generate.py", line 1384, in generate
>         if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
>       AttributeError: module 'platform' has no attribute 'linux_distribution'
> 
> Signed-off-by: Petr Lautrbach <plautrba@redhat.com>

Thanks, applied.

> ---
> 
> The commit hash in the commit message is fixed now.
> 
>   python/sepolicy/sepolicy/generate.py | 7 ++-----
>   1 file changed, 2 insertions(+), 5 deletions(-)
> 
> diff --git a/python/sepolicy/sepolicy/generate.py b/python/sepolicy/sepolicy/generate.py
> index 973edb9d6b91..e8d07e7d65a9 100644
> --- a/python/sepolicy/sepolicy/generate.py
> +++ b/python/sepolicy/sepolicy/generate.py
> @@ -26,7 +26,6 @@ import re
>   import sepolicy
>   from sepolicy import get_all_types, get_all_attributes, get_all_roles
>   import time
> -import platform
>   
>   from .templates import executable
>   from .templates import boolean
> @@ -1178,8 +1177,7 @@ allow %s_t %s_t:%s_socket name_%s;
>                   newsh += re.sub("TEMPLATETYPE", self.name, t1)
>   
>           newsh += self.generate_user_sh()
> -        if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
> -            newsh += re.sub("TEMPLATEFILE", self.file_name, script.rpm)
> +        newsh += re.sub("TEMPLATEFILE", self.file_name, script.rpm)
>   
>           return newsh
>   
> @@ -1379,7 +1377,6 @@ Warning %s does not exist
>           out += "%s # %s\n" % (self.write_if(out_dir), _("Interface file"))
>           out += "%s # %s\n" % (self.write_fc(out_dir), _("File Contexts file"))
>           if self.type != NEWTYPE:
> -            if (platform.linux_distribution(full_distribution_name=0)[0] in ("redhat", "centos", "SuSE", "fedora", "mandrake", "mandriva")):
> -                out += "%s # %s\n" % (self.write_spec(out_dir), _("Spec file"))
> +            out += "%s # %s\n" % (self.write_spec(out_dir), _("Spec file"))
>               out += "%s # %s\n" % (self.write_sh(out_dir), _("Setup Script"))
>           return out
> 


^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2019-11-12 14:35 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-11-06 10:59 [PATCH] python/sepolicy: Revert "Only invoke RPM on RPM-enabled Linux distributions" Petr Lautrbach
2019-11-06 16:50 ` Stephen Smalley
2019-11-07 10:23   ` [PATCH v2] " Petr Lautrbach
2019-11-07 13:17     ` Stephen Smalley
2019-11-12 14:35     ` Stephen Smalley

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.