* [PATCH] python: Import specific modules from setools for less deps
@ 2021-08-25 9:19 Michał Górny
2021-08-31 22:38 ` James Carter
0 siblings, 1 reply; 3+ messages in thread
From: Michał Górny @ 2021-08-25 9:19 UTC (permalink / raw)
To: selinux; +Cc: Michał Górny
Import the setools classes needed for Python bindings from specific
setools modules in order to reduce the dependency footprint
of the Python bindings. Importing the top-level module causes all
setools modules to be loaded which includes the modules that require
networkx.
SELinux packages belong to the group of core system packages on Gentoo
Linux. It is desirable to keep the system set as small as possible,
and the dependency between setools and networkx seems to be the easiest
link to break without major loss of functionality.
Signed-off-by: Michał Górny <mgorny@gentoo.org>
---
python/semanage/seobject.py | 7 ++-
python/sepolicy/sepolicy/__init__.py | 88 ++++++++++++++++------------
2 files changed, 53 insertions(+), 42 deletions(-)
diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py
index 6a14f7b4..21adbf6e 100644
--- a/python/semanage/seobject.py
+++ b/python/semanage/seobject.py
@@ -31,7 +31,8 @@ import socket
from semanage import *
PROGNAME = "policycoreutils"
import sepolicy
-import setools
+from setools.policyrep import SELinuxPolicy
+from setools.typequery import TypeQuery
import ipaddress
try:
@@ -1339,7 +1340,7 @@ class ibpkeyRecords(semanageRecords):
def __init__(self, args = None):
semanageRecords.__init__(self, args)
try:
- q = setools.TypeQuery(setools.SELinuxPolicy(sepolicy.get_store_policy(self.store)), attrs=["ibpkey_type"])
+ q = TypeQuery(SELinuxPolicy(sepolicy.get_store_policy(self.store)), attrs=["ibpkey_type"])
self.valid_types = sorted(str(t) for t in q.results())
except:
pass
@@ -1599,7 +1600,7 @@ class ibendportRecords(semanageRecords):
def __init__(self, args = None):
semanageRecords.__init__(self, args)
try:
- q = setools.TypeQuery(setools.SELinuxPolicy(sepolicy.get_store_policy(self.store)), attrs=["ibendport_type"])
+ q = TypeQuery(SELinuxPolicy(sepolicy.get_store_policy(self.store)), attrs=["ibendport_type"])
self.valid_types = set(str(t) for t in q.results())
except:
pass
diff --git a/python/sepolicy/sepolicy/__init__.py b/python/sepolicy/sepolicy/__init__.py
index 9338603e..e8654abb 100644
--- a/python/sepolicy/sepolicy/__init__.py
+++ b/python/sepolicy/sepolicy/__init__.py
@@ -4,7 +4,6 @@
import errno
import selinux
-import setools
import glob
import sepolgen.defaults as defaults
import sepolgen.interfaces as interfaces
@@ -13,6 +12,17 @@ import os
import re
import gzip
+from setools.boolquery import BoolQuery
+from setools.portconquery import PortconQuery
+from setools.policyrep import SELinuxPolicy
+from setools.objclassquery import ObjClassQuery
+from setools.rbacrulequery import RBACRuleQuery
+from setools.rolequery import RoleQuery
+from setools.terulequery import TERuleQuery
+from setools.typeattrquery import TypeAttributeQuery
+from setools.typequery import TypeQuery
+from setools.userquery import UserQuery
+
PROGNAME = "policycoreutils"
try:
import gettext
@@ -168,7 +178,7 @@ def policy(policy_file):
global _pol
try:
- _pol = setools.SELinuxPolicy(policy_file)
+ _pol = SELinuxPolicy(policy_file)
except:
raise ValueError(_("Failed to read %s policy file") % policy_file)
@@ -188,7 +198,7 @@ def info(setype, name=None):
init_policy()
if setype == TYPE:
- q = setools.TypeQuery(_pol)
+ q = TypeQuery(_pol)
q.name = name
results = list(q.results())
@@ -206,7 +216,7 @@ def info(setype, name=None):
} for x in results)
elif setype == ROLE:
- q = setools.RoleQuery(_pol)
+ q = RoleQuery(_pol)
if name:
q.name = name
@@ -217,7 +227,7 @@ def info(setype, name=None):
} for x in q.results())
elif setype == ATTRIBUTE:
- q = setools.TypeAttributeQuery(_pol)
+ q = TypeAttributeQuery(_pol)
if name:
q.name = name
@@ -227,7 +237,7 @@ def info(setype, name=None):
} for x in q.results())
elif setype == PORT:
- q = setools.PortconQuery(_pol)
+ q = PortconQuery(_pol)
if name:
ports = [int(i) for i in name.split("-")]
if len(ports) == 2:
@@ -251,7 +261,7 @@ def info(setype, name=None):
} for x in q.results())
elif setype == USER:
- q = setools.UserQuery(_pol)
+ q = UserQuery(_pol)
if name:
q.name = name
@@ -268,7 +278,7 @@ def info(setype, name=None):
} for x in q.results())
elif setype == BOOLEAN:
- q = setools.BoolQuery(_pol)
+ q = BoolQuery(_pol)
if name:
q.name = name
@@ -278,7 +288,7 @@ def info(setype, name=None):
} for x in q.results())
elif setype == TCLASS:
- q = setools.ObjClassQuery(_pol)
+ q = ObjClassQuery(_pol)
if name:
q.name = name
@@ -372,11 +382,11 @@ def search(types, seinfo=None):
tertypes.append(DONTAUDIT)
if len(tertypes) > 0:
- q = setools.TERuleQuery(_pol,
- ruletype=tertypes,
- source=source,
- target=target,
- tclass=tclass)
+ q = TERuleQuery(_pol,
+ ruletype=tertypes,
+ source=source,
+ target=target,
+ tclass=tclass)
if PERMS in seinfo:
q.perms = seinfo[PERMS]
@@ -385,11 +395,11 @@ def search(types, seinfo=None):
if TRANSITION in types:
rtypes = ['type_transition', 'type_change', 'type_member']
- q = setools.TERuleQuery(_pol,
- ruletype=rtypes,
- source=source,
- target=target,
- tclass=tclass)
+ q = TERuleQuery(_pol,
+ ruletype=rtypes,
+ source=source,
+ target=target,
+ tclass=tclass)
if PERMS in seinfo:
q.perms = seinfo[PERMS]
@@ -398,11 +408,11 @@ def search(types, seinfo=None):
if ROLE_ALLOW in types:
ratypes = ['allow']
- q = setools.RBACRuleQuery(_pol,
- ruletype=ratypes,
- source=source,
- target=target,
- tclass=tclass)
+ q = RBACRuleQuery(_pol,
+ ruletype=ratypes,
+ source=source,
+ target=target,
+ tclass=tclass)
for r in q.results():
toret.append({'source': str(r.source),
@@ -720,11 +730,11 @@ def get_all_entrypoints():
def get_entrypoint_types(setype):
- q = setools.TERuleQuery(_pol,
- ruletype=[ALLOW],
- source=setype,
- tclass=["file"],
- perms=["entrypoint"])
+ q = TERuleQuery(_pol,
+ ruletype=[ALLOW],
+ source=setype,
+ tclass=["file"],
+ perms=["entrypoint"])
return [str(x.target) for x in q.results() if x.source == setype]
@@ -739,10 +749,10 @@ def get_init_transtype(path):
def get_init_entrypoint(transtype):
- q = setools.TERuleQuery(_pol,
- ruletype=["type_transition"],
- source="init_t",
- tclass=["process"])
+ q = TERuleQuery(_pol,
+ ruletype=["type_transition"],
+ source="init_t",
+ tclass=["process"])
entrypoints = []
for i in q.results():
try:
@@ -754,10 +764,10 @@ def get_init_entrypoint(transtype):
return entrypoints
def get_init_entrypoints_str():
- q = setools.TERuleQuery(_pol,
- ruletype=["type_transition"],
- source="init_t",
- tclass=["process"])
+ q = TERuleQuery(_pol,
+ ruletype=["type_transition"],
+ source="init_t",
+ tclass=["process"])
entrypoints = {}
for i in q.results():
try:
@@ -837,7 +847,7 @@ def get_all_role_allows():
return role_allows
role_allows = {}
- q = setools.RBACRuleQuery(_pol, ruletype=[ALLOW])
+ q = RBACRuleQuery(_pol, ruletype=[ALLOW])
for r in q.results():
src = str(r.source)
tgt = str(r.target)
@@ -923,7 +933,7 @@ def get_all_roles():
if not _pol:
init_policy()
- q = setools.RoleQuery(_pol)
+ q = RoleQuery(_pol)
roles = [str(x) for x in q.results() if str(x) != "object_r"]
return roles
--
2.33.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH] python: Import specific modules from setools for less deps
2021-08-25 9:19 [PATCH] python: Import specific modules from setools for less deps Michał Górny
@ 2021-08-31 22:38 ` James Carter
2021-09-02 16:27 ` James Carter
0 siblings, 1 reply; 3+ messages in thread
From: James Carter @ 2021-08-31 22:38 UTC (permalink / raw)
To: Michał Górny; +Cc: SElinux list
On Wed, Aug 25, 2021 at 5:27 AM Michał Górny <mgorny@gentoo.org> wrote:
>
> Import the setools classes needed for Python bindings from specific
> setools modules in order to reduce the dependency footprint
> of the Python bindings. Importing the top-level module causes all
> setools modules to be loaded which includes the modules that require
> networkx.
>
> SELinux packages belong to the group of core system packages on Gentoo
> Linux. It is desirable to keep the system set as small as possible,
> and the dependency between setools and networkx seems to be the easiest
> link to break without major loss of functionality.
>
> Signed-off-by: Michał Górny <mgorny@gentoo.org>
Acked-by: James Carter <jwcart2@gmail.com>
> ---
> python/semanage/seobject.py | 7 ++-
> python/sepolicy/sepolicy/__init__.py | 88 ++++++++++++++++------------
> 2 files changed, 53 insertions(+), 42 deletions(-)
>
> diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py
> index 6a14f7b4..21adbf6e 100644
> --- a/python/semanage/seobject.py
> +++ b/python/semanage/seobject.py
> @@ -31,7 +31,8 @@ import socket
> from semanage import *
> PROGNAME = "policycoreutils"
> import sepolicy
> -import setools
> +from setools.policyrep import SELinuxPolicy
> +from setools.typequery import TypeQuery
> import ipaddress
>
> try:
> @@ -1339,7 +1340,7 @@ class ibpkeyRecords(semanageRecords):
> def __init__(self, args = None):
> semanageRecords.__init__(self, args)
> try:
> - q = setools.TypeQuery(setools.SELinuxPolicy(sepolicy.get_store_policy(self.store)), attrs=["ibpkey_type"])
> + q = TypeQuery(SELinuxPolicy(sepolicy.get_store_policy(self.store)), attrs=["ibpkey_type"])
> self.valid_types = sorted(str(t) for t in q.results())
> except:
> pass
> @@ -1599,7 +1600,7 @@ class ibendportRecords(semanageRecords):
> def __init__(self, args = None):
> semanageRecords.__init__(self, args)
> try:
> - q = setools.TypeQuery(setools.SELinuxPolicy(sepolicy.get_store_policy(self.store)), attrs=["ibendport_type"])
> + q = TypeQuery(SELinuxPolicy(sepolicy.get_store_policy(self.store)), attrs=["ibendport_type"])
> self.valid_types = set(str(t) for t in q.results())
> except:
> pass
> diff --git a/python/sepolicy/sepolicy/__init__.py b/python/sepolicy/sepolicy/__init__.py
> index 9338603e..e8654abb 100644
> --- a/python/sepolicy/sepolicy/__init__.py
> +++ b/python/sepolicy/sepolicy/__init__.py
> @@ -4,7 +4,6 @@
>
> import errno
> import selinux
> -import setools
> import glob
> import sepolgen.defaults as defaults
> import sepolgen.interfaces as interfaces
> @@ -13,6 +12,17 @@ import os
> import re
> import gzip
>
> +from setools.boolquery import BoolQuery
> +from setools.portconquery import PortconQuery
> +from setools.policyrep import SELinuxPolicy
> +from setools.objclassquery import ObjClassQuery
> +from setools.rbacrulequery import RBACRuleQuery
> +from setools.rolequery import RoleQuery
> +from setools.terulequery import TERuleQuery
> +from setools.typeattrquery import TypeAttributeQuery
> +from setools.typequery import TypeQuery
> +from setools.userquery import UserQuery
> +
> PROGNAME = "policycoreutils"
> try:
> import gettext
> @@ -168,7 +178,7 @@ def policy(policy_file):
> global _pol
>
> try:
> - _pol = setools.SELinuxPolicy(policy_file)
> + _pol = SELinuxPolicy(policy_file)
> except:
> raise ValueError(_("Failed to read %s policy file") % policy_file)
>
> @@ -188,7 +198,7 @@ def info(setype, name=None):
> init_policy()
>
> if setype == TYPE:
> - q = setools.TypeQuery(_pol)
> + q = TypeQuery(_pol)
> q.name = name
> results = list(q.results())
>
> @@ -206,7 +216,7 @@ def info(setype, name=None):
> } for x in results)
>
> elif setype == ROLE:
> - q = setools.RoleQuery(_pol)
> + q = RoleQuery(_pol)
> if name:
> q.name = name
>
> @@ -217,7 +227,7 @@ def info(setype, name=None):
> } for x in q.results())
>
> elif setype == ATTRIBUTE:
> - q = setools.TypeAttributeQuery(_pol)
> + q = TypeAttributeQuery(_pol)
> if name:
> q.name = name
>
> @@ -227,7 +237,7 @@ def info(setype, name=None):
> } for x in q.results())
>
> elif setype == PORT:
> - q = setools.PortconQuery(_pol)
> + q = PortconQuery(_pol)
> if name:
> ports = [int(i) for i in name.split("-")]
> if len(ports) == 2:
> @@ -251,7 +261,7 @@ def info(setype, name=None):
> } for x in q.results())
>
> elif setype == USER:
> - q = setools.UserQuery(_pol)
> + q = UserQuery(_pol)
> if name:
> q.name = name
>
> @@ -268,7 +278,7 @@ def info(setype, name=None):
> } for x in q.results())
>
> elif setype == BOOLEAN:
> - q = setools.BoolQuery(_pol)
> + q = BoolQuery(_pol)
> if name:
> q.name = name
>
> @@ -278,7 +288,7 @@ def info(setype, name=None):
> } for x in q.results())
>
> elif setype == TCLASS:
> - q = setools.ObjClassQuery(_pol)
> + q = ObjClassQuery(_pol)
> if name:
> q.name = name
>
> @@ -372,11 +382,11 @@ def search(types, seinfo=None):
> tertypes.append(DONTAUDIT)
>
> if len(tertypes) > 0:
> - q = setools.TERuleQuery(_pol,
> - ruletype=tertypes,
> - source=source,
> - target=target,
> - tclass=tclass)
> + q = TERuleQuery(_pol,
> + ruletype=tertypes,
> + source=source,
> + target=target,
> + tclass=tclass)
>
> if PERMS in seinfo:
> q.perms = seinfo[PERMS]
> @@ -385,11 +395,11 @@ def search(types, seinfo=None):
>
> if TRANSITION in types:
> rtypes = ['type_transition', 'type_change', 'type_member']
> - q = setools.TERuleQuery(_pol,
> - ruletype=rtypes,
> - source=source,
> - target=target,
> - tclass=tclass)
> + q = TERuleQuery(_pol,
> + ruletype=rtypes,
> + source=source,
> + target=target,
> + tclass=tclass)
>
> if PERMS in seinfo:
> q.perms = seinfo[PERMS]
> @@ -398,11 +408,11 @@ def search(types, seinfo=None):
>
> if ROLE_ALLOW in types:
> ratypes = ['allow']
> - q = setools.RBACRuleQuery(_pol,
> - ruletype=ratypes,
> - source=source,
> - target=target,
> - tclass=tclass)
> + q = RBACRuleQuery(_pol,
> + ruletype=ratypes,
> + source=source,
> + target=target,
> + tclass=tclass)
>
> for r in q.results():
> toret.append({'source': str(r.source),
> @@ -720,11 +730,11 @@ def get_all_entrypoints():
>
>
> def get_entrypoint_types(setype):
> - q = setools.TERuleQuery(_pol,
> - ruletype=[ALLOW],
> - source=setype,
> - tclass=["file"],
> - perms=["entrypoint"])
> + q = TERuleQuery(_pol,
> + ruletype=[ALLOW],
> + source=setype,
> + tclass=["file"],
> + perms=["entrypoint"])
> return [str(x.target) for x in q.results() if x.source == setype]
>
>
> @@ -739,10 +749,10 @@ def get_init_transtype(path):
>
>
> def get_init_entrypoint(transtype):
> - q = setools.TERuleQuery(_pol,
> - ruletype=["type_transition"],
> - source="init_t",
> - tclass=["process"])
> + q = TERuleQuery(_pol,
> + ruletype=["type_transition"],
> + source="init_t",
> + tclass=["process"])
> entrypoints = []
> for i in q.results():
> try:
> @@ -754,10 +764,10 @@ def get_init_entrypoint(transtype):
> return entrypoints
>
> def get_init_entrypoints_str():
> - q = setools.TERuleQuery(_pol,
> - ruletype=["type_transition"],
> - source="init_t",
> - tclass=["process"])
> + q = TERuleQuery(_pol,
> + ruletype=["type_transition"],
> + source="init_t",
> + tclass=["process"])
> entrypoints = {}
> for i in q.results():
> try:
> @@ -837,7 +847,7 @@ def get_all_role_allows():
> return role_allows
> role_allows = {}
>
> - q = setools.RBACRuleQuery(_pol, ruletype=[ALLOW])
> + q = RBACRuleQuery(_pol, ruletype=[ALLOW])
> for r in q.results():
> src = str(r.source)
> tgt = str(r.target)
> @@ -923,7 +933,7 @@ def get_all_roles():
> if not _pol:
> init_policy()
>
> - q = setools.RoleQuery(_pol)
> + q = RoleQuery(_pol)
> roles = [str(x) for x in q.results() if str(x) != "object_r"]
> return roles
>
> --
> 2.33.0
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] python: Import specific modules from setools for less deps
2021-08-31 22:38 ` James Carter
@ 2021-09-02 16:27 ` James Carter
0 siblings, 0 replies; 3+ messages in thread
From: James Carter @ 2021-09-02 16:27 UTC (permalink / raw)
To: Michał Górny; +Cc: SElinux list
On Tue, Aug 31, 2021 at 6:38 PM James Carter <jwcart2@gmail.com> wrote:
>
> On Wed, Aug 25, 2021 at 5:27 AM Michał Górny <mgorny@gentoo.org> wrote:
> >
> > Import the setools classes needed for Python bindings from specific
> > setools modules in order to reduce the dependency footprint
> > of the Python bindings. Importing the top-level module causes all
> > setools modules to be loaded which includes the modules that require
> > networkx.
> >
> > SELinux packages belong to the group of core system packages on Gentoo
> > Linux. It is desirable to keep the system set as small as possible,
> > and the dependency between setools and networkx seems to be the easiest
> > link to break without major loss of functionality.
> >
> > Signed-off-by: Michał Górny <mgorny@gentoo.org>
>
> Acked-by: James Carter <jwcart2@gmail.com>
>
Merged.
Thanks,
Jim
> > ---
> > python/semanage/seobject.py | 7 ++-
> > python/sepolicy/sepolicy/__init__.py | 88 ++++++++++++++++------------
> > 2 files changed, 53 insertions(+), 42 deletions(-)
> >
> > diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py
> > index 6a14f7b4..21adbf6e 100644
> > --- a/python/semanage/seobject.py
> > +++ b/python/semanage/seobject.py
> > @@ -31,7 +31,8 @@ import socket
> > from semanage import *
> > PROGNAME = "policycoreutils"
> > import sepolicy
> > -import setools
> > +from setools.policyrep import SELinuxPolicy
> > +from setools.typequery import TypeQuery
> > import ipaddress
> >
> > try:
> > @@ -1339,7 +1340,7 @@ class ibpkeyRecords(semanageRecords):
> > def __init__(self, args = None):
> > semanageRecords.__init__(self, args)
> > try:
> > - q = setools.TypeQuery(setools.SELinuxPolicy(sepolicy.get_store_policy(self.store)), attrs=["ibpkey_type"])
> > + q = TypeQuery(SELinuxPolicy(sepolicy.get_store_policy(self.store)), attrs=["ibpkey_type"])
> > self.valid_types = sorted(str(t) for t in q.results())
> > except:
> > pass
> > @@ -1599,7 +1600,7 @@ class ibendportRecords(semanageRecords):
> > def __init__(self, args = None):
> > semanageRecords.__init__(self, args)
> > try:
> > - q = setools.TypeQuery(setools.SELinuxPolicy(sepolicy.get_store_policy(self.store)), attrs=["ibendport_type"])
> > + q = TypeQuery(SELinuxPolicy(sepolicy.get_store_policy(self.store)), attrs=["ibendport_type"])
> > self.valid_types = set(str(t) for t in q.results())
> > except:
> > pass
> > diff --git a/python/sepolicy/sepolicy/__init__.py b/python/sepolicy/sepolicy/__init__.py
> > index 9338603e..e8654abb 100644
> > --- a/python/sepolicy/sepolicy/__init__.py
> > +++ b/python/sepolicy/sepolicy/__init__.py
> > @@ -4,7 +4,6 @@
> >
> > import errno
> > import selinux
> > -import setools
> > import glob
> > import sepolgen.defaults as defaults
> > import sepolgen.interfaces as interfaces
> > @@ -13,6 +12,17 @@ import os
> > import re
> > import gzip
> >
> > +from setools.boolquery import BoolQuery
> > +from setools.portconquery import PortconQuery
> > +from setools.policyrep import SELinuxPolicy
> > +from setools.objclassquery import ObjClassQuery
> > +from setools.rbacrulequery import RBACRuleQuery
> > +from setools.rolequery import RoleQuery
> > +from setools.terulequery import TERuleQuery
> > +from setools.typeattrquery import TypeAttributeQuery
> > +from setools.typequery import TypeQuery
> > +from setools.userquery import UserQuery
> > +
> > PROGNAME = "policycoreutils"
> > try:
> > import gettext
> > @@ -168,7 +178,7 @@ def policy(policy_file):
> > global _pol
> >
> > try:
> > - _pol = setools.SELinuxPolicy(policy_file)
> > + _pol = SELinuxPolicy(policy_file)
> > except:
> > raise ValueError(_("Failed to read %s policy file") % policy_file)
> >
> > @@ -188,7 +198,7 @@ def info(setype, name=None):
> > init_policy()
> >
> > if setype == TYPE:
> > - q = setools.TypeQuery(_pol)
> > + q = TypeQuery(_pol)
> > q.name = name
> > results = list(q.results())
> >
> > @@ -206,7 +216,7 @@ def info(setype, name=None):
> > } for x in results)
> >
> > elif setype == ROLE:
> > - q = setools.RoleQuery(_pol)
> > + q = RoleQuery(_pol)
> > if name:
> > q.name = name
> >
> > @@ -217,7 +227,7 @@ def info(setype, name=None):
> > } for x in q.results())
> >
> > elif setype == ATTRIBUTE:
> > - q = setools.TypeAttributeQuery(_pol)
> > + q = TypeAttributeQuery(_pol)
> > if name:
> > q.name = name
> >
> > @@ -227,7 +237,7 @@ def info(setype, name=None):
> > } for x in q.results())
> >
> > elif setype == PORT:
> > - q = setools.PortconQuery(_pol)
> > + q = PortconQuery(_pol)
> > if name:
> > ports = [int(i) for i in name.split("-")]
> > if len(ports) == 2:
> > @@ -251,7 +261,7 @@ def info(setype, name=None):
> > } for x in q.results())
> >
> > elif setype == USER:
> > - q = setools.UserQuery(_pol)
> > + q = UserQuery(_pol)
> > if name:
> > q.name = name
> >
> > @@ -268,7 +278,7 @@ def info(setype, name=None):
> > } for x in q.results())
> >
> > elif setype == BOOLEAN:
> > - q = setools.BoolQuery(_pol)
> > + q = BoolQuery(_pol)
> > if name:
> > q.name = name
> >
> > @@ -278,7 +288,7 @@ def info(setype, name=None):
> > } for x in q.results())
> >
> > elif setype == TCLASS:
> > - q = setools.ObjClassQuery(_pol)
> > + q = ObjClassQuery(_pol)
> > if name:
> > q.name = name
> >
> > @@ -372,11 +382,11 @@ def search(types, seinfo=None):
> > tertypes.append(DONTAUDIT)
> >
> > if len(tertypes) > 0:
> > - q = setools.TERuleQuery(_pol,
> > - ruletype=tertypes,
> > - source=source,
> > - target=target,
> > - tclass=tclass)
> > + q = TERuleQuery(_pol,
> > + ruletype=tertypes,
> > + source=source,
> > + target=target,
> > + tclass=tclass)
> >
> > if PERMS in seinfo:
> > q.perms = seinfo[PERMS]
> > @@ -385,11 +395,11 @@ def search(types, seinfo=None):
> >
> > if TRANSITION in types:
> > rtypes = ['type_transition', 'type_change', 'type_member']
> > - q = setools.TERuleQuery(_pol,
> > - ruletype=rtypes,
> > - source=source,
> > - target=target,
> > - tclass=tclass)
> > + q = TERuleQuery(_pol,
> > + ruletype=rtypes,
> > + source=source,
> > + target=target,
> > + tclass=tclass)
> >
> > if PERMS in seinfo:
> > q.perms = seinfo[PERMS]
> > @@ -398,11 +408,11 @@ def search(types, seinfo=None):
> >
> > if ROLE_ALLOW in types:
> > ratypes = ['allow']
> > - q = setools.RBACRuleQuery(_pol,
> > - ruletype=ratypes,
> > - source=source,
> > - target=target,
> > - tclass=tclass)
> > + q = RBACRuleQuery(_pol,
> > + ruletype=ratypes,
> > + source=source,
> > + target=target,
> > + tclass=tclass)
> >
> > for r in q.results():
> > toret.append({'source': str(r.source),
> > @@ -720,11 +730,11 @@ def get_all_entrypoints():
> >
> >
> > def get_entrypoint_types(setype):
> > - q = setools.TERuleQuery(_pol,
> > - ruletype=[ALLOW],
> > - source=setype,
> > - tclass=["file"],
> > - perms=["entrypoint"])
> > + q = TERuleQuery(_pol,
> > + ruletype=[ALLOW],
> > + source=setype,
> > + tclass=["file"],
> > + perms=["entrypoint"])
> > return [str(x.target) for x in q.results() if x.source == setype]
> >
> >
> > @@ -739,10 +749,10 @@ def get_init_transtype(path):
> >
> >
> > def get_init_entrypoint(transtype):
> > - q = setools.TERuleQuery(_pol,
> > - ruletype=["type_transition"],
> > - source="init_t",
> > - tclass=["process"])
> > + q = TERuleQuery(_pol,
> > + ruletype=["type_transition"],
> > + source="init_t",
> > + tclass=["process"])
> > entrypoints = []
> > for i in q.results():
> > try:
> > @@ -754,10 +764,10 @@ def get_init_entrypoint(transtype):
> > return entrypoints
> >
> > def get_init_entrypoints_str():
> > - q = setools.TERuleQuery(_pol,
> > - ruletype=["type_transition"],
> > - source="init_t",
> > - tclass=["process"])
> > + q = TERuleQuery(_pol,
> > + ruletype=["type_transition"],
> > + source="init_t",
> > + tclass=["process"])
> > entrypoints = {}
> > for i in q.results():
> > try:
> > @@ -837,7 +847,7 @@ def get_all_role_allows():
> > return role_allows
> > role_allows = {}
> >
> > - q = setools.RBACRuleQuery(_pol, ruletype=[ALLOW])
> > + q = RBACRuleQuery(_pol, ruletype=[ALLOW])
> > for r in q.results():
> > src = str(r.source)
> > tgt = str(r.target)
> > @@ -923,7 +933,7 @@ def get_all_roles():
> > if not _pol:
> > init_policy()
> >
> > - q = setools.RoleQuery(_pol)
> > + q = RoleQuery(_pol)
> > roles = [str(x) for x in q.results() if str(x) != "object_r"]
> > return roles
> >
> > --
> > 2.33.0
> >
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-09-02 16:27 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-25 9:19 [PATCH] python: Import specific modules from setools for less deps Michał Górny
2021-08-31 22:38 ` James Carter
2021-09-02 16:27 ` James Carter
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.