* Adding a typo-checker for the .fc files of refpolicy [not found] <CAJfZ7=ndO=f0p6Gb=5FaZWA05Ra8vrSnDGfwmCjepLs3SWVrcg@mail.gmail.com> @ 2019-08-18 20:38 ` Nicolas Iooss 2019-08-27 4:05 ` Chris PeBenito 0 siblings, 1 reply; 3+ messages in thread From: Nicolas Iooss @ 2019-08-18 20:38 UTC (permalink / raw) To: selinux-refpolicy Hello, After introducing a buggy file context in the policy (which will be fixed with https://github.com/SELinuxProject/refpolicy/pull/66), I decided to write a typo-checker for the .fc files. I am re-using some code I have already written in order to label files in /usr/bin correctly on Arch Linux (I wrote this for https://github.com/SELinuxProject/refpolicy/pull/19). It seems it already caught another issue in policy/modules/services/monit.fc. The "s9" seems to be a misspelling for "s0" in: /etc/rc\.d/init\.d/monit -- gen_context(system_u:object_r:monit_initrc_exec_t,s9) Is there an interest in having such a script in the repository? If yes, in which directory? In my humble opinion, it would be nice to have such a script and to make Travis-CI run it. I nevertheless feels uncomfortable with putting it in the "support" directory, because it is not involved in building or installing the reference policy. I am therefore suggesting creating a new directory, named "bin" or "scripts". Such a directory would contain scripts such as this typo-checker and some other scripts that could be useful when working on refpolicy. What do you think about this? Thanks, Nicolas ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Adding a typo-checker for the .fc files of refpolicy 2019-08-18 20:38 ` Adding a typo-checker for the .fc files of refpolicy Nicolas Iooss @ 2019-08-27 4:05 ` Chris PeBenito 2019-08-27 21:20 ` Nicolas Iooss 0 siblings, 1 reply; 3+ messages in thread From: Chris PeBenito @ 2019-08-27 4:05 UTC (permalink / raw) To: Nicolas Iooss, selinux-refpolicy On 8/18/19 4:38 PM, Nicolas Iooss wrote: > Hello, > > After introducing a buggy file context in the policy (which will be > fixed with https://github.com/SELinuxProject/refpolicy/pull/66), I > decided to write a typo-checker for the .fc files. I am re-using some > code I have already written in order to label files in /usr/bin > correctly on Arch Linux (I wrote this for > https://github.com/SELinuxProject/refpolicy/pull/19). It seems it > already caught another issue in policy/modules/services/monit.fc. The > "s9" seems to be a misspelling for "s0" in: > > /etc/rc\.d/init\.d/monit -- > gen_context(system_u:object_r:monit_initrc_exec_t,s9) > > Is there an interest in having such a script in the repository? If What are the checks? > yes, in which directory? > > In my humble opinion, it would be nice to have such a script and to > make Travis-CI run it. I nevertheless feels uncomfortable with putting > it in the "support" directory, because it is not involved in building > or installing the reference policy. I am therefore suggesting creating > a new directory, named "bin" or "scripts". Such a directory would > contain scripts such as this typo-checker and some other scripts that > could be useful when working on refpolicy. What do you think about > this? "testing" might work too. -- Chris PeBenito ^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Adding a typo-checker for the .fc files of refpolicy 2019-08-27 4:05 ` Chris PeBenito @ 2019-08-27 21:20 ` Nicolas Iooss 0 siblings, 0 replies; 3+ messages in thread From: Nicolas Iooss @ 2019-08-27 21:20 UTC (permalink / raw) To: Chris PeBenito; +Cc: selinux-refpolicy On Tue, Aug 27, 2019 at 6:05 AM Chris PeBenito <pebenito@ieee.org> wrote: > > On 8/18/19 4:38 PM, Nicolas Iooss wrote: > > Hello, > > > > After introducing a buggy file context in the policy (which will be > > fixed with https://github.com/SELinuxProject/refpolicy/pull/66), I > > decided to write a typo-checker for the .fc files. I am re-using some > > code I have already written in order to label files in /usr/bin > > correctly on Arch Linux (I wrote this for > > https://github.com/SELinuxProject/refpolicy/pull/19). It seems it > > already caught another issue in policy/modules/services/monit.fc. The > > "s9" seems to be a misspelling for "s0" in: > > > > /etc/rc\.d/init\.d/monit -- > > gen_context(system_u:object_r:monit_initrc_exec_t,s9) > > > > Is there an interest in having such a script in the repository? If > > What are the checks? > > > > yes, in which directory? > > > > In my humble opinion, it would be nice to have such a script and to > > make Travis-CI run it. I nevertheless feels uncomfortable with putting > > it in the "support" directory, because it is not involved in building > > or installing the reference policy. I am therefore suggesting creating > > a new directory, named "bin" or "scripts". Such a directory would > > contain scripts such as this typo-checker and some other scripts that > > could be useful when working on refpolicy. What do you think about > > this? > > "testing" might work too. Let's got for "testing" then. I began with tests about the endings of patterns, then added checks on patterns such as "(.*)?", etc. As the first version of my checker is ready for comments/review, I opened a Pull Request: https://github.com/SELinuxProject/refpolicy/pull/74. I tried to write understandable comments in order to make it easier to know what is checked. Thanks, Nicolas ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-08-27 21:20 UTC | newest] Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed) -- links below jump to the message on this page -- [not found] <CAJfZ7=ndO=f0p6Gb=5FaZWA05Ra8vrSnDGfwmCjepLs3SWVrcg@mail.gmail.com> 2019-08-18 20:38 ` Adding a typo-checker for the .fc files of refpolicy Nicolas Iooss 2019-08-27 4:05 ` Chris PeBenito 2019-08-27 21:20 ` Nicolas Iooss
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).