SELinux Archive on lore.kernel.org
 help / Atom feed
* [PATCH 1/3] semanage_migrate_store: fix many Python linter warnings
@ 2018-12-19 22:13 Nicolas Iooss
  2018-12-19 22:13 ` [PATCH 2/3] semanage_migrate_store: remove unused loading of libsepol.so Nicolas Iooss
  2018-12-19 22:13 ` [PATCH 3/3] semanage_migrate_store: switch to space indentation Nicolas Iooss
  0 siblings, 2 replies; 4+ messages in thread
From: Nicolas Iooss @ 2018-12-19 22:13 UTC (permalink / raw)
  To: selinux

flake8 reports many warnings on script semanage_migrate_store:

    E225 missing whitespace around operator
    E302 expected 2 blank lines, found 1
    E701 multiple statements on one line (colon)
    E703 statement ends with a semicolon
    E722 do not use bare 'except'
    ...

Fix some of them in order to reduce the noise.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
This patch is needed to prepare making scripts/run-flake8 analyze Python
scripts with names that do not end with ".py".

 libsemanage/utils/semanage_migrate_store | 40 +++++++++++++++---------
 1 file changed, 25 insertions(+), 15 deletions(-)

diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store
index b789d0424541..7b5bee819e24 100755
--- a/libsemanage/utils/semanage_migrate_store
+++ b/libsemanage/utils/semanage_migrate_store
@@ -27,12 +27,13 @@ def copy_file(src, dst):
 		shutil.copy(src, dst)
 	except OSError as the_err:
 		(err, strerr) = the_err.args
-		print("Could not copy %s to %s, %s" %(src, dst, strerr), file=sys.stderr)
+		print("Could not copy %s to %s, %s" % (src, dst, strerr), file=sys.stderr)
 		exit(1)
 
 
 def create_dir(dst, mode):
-	if DEBUG: print("Making directory %s" % dst)
+	if DEBUG:
+		print("Making directory %s" % dst)
 	try:
 		os.makedirs(dst, mode)
 	except OSError as the_err:
@@ -45,7 +46,8 @@ def create_dir(dst, mode):
 
 
 def create_file(dst):
-	if DEBUG: print("Making file %s" % dst)
+	if DEBUG:
+		print("Making file %s" % dst)
 	try:
 		open(dst, 'a').close()
 	except OSError as the_err:
@@ -55,7 +57,8 @@ def create_file(dst):
 
 
 def copy_module(store, name, base):
-	if DEBUG: print("Install module %s" % name)
+	if DEBUG:
+		print("Install module %s" % name)
 	(file, ext) = os.path.splitext(name)
 	if ext != ".pp":
 		# Stray non-pp file in modules directory, skip
@@ -78,24 +81,25 @@ def copy_module(store, name, base):
 		efile.write("pp")
 		efile.close()
 
-	except:
+	except (IOError, OSError):
 		print("Error installing module %s" % name, file=sys.stderr)
 		exit(1)
 
 
 def disable_module(file, name, disabledmodules):
-	if DEBUG: print("Disabling %s" % name)
+	if DEBUG:
+		print("Disabling %s" % name)
 	(disabledname, disabledext) = os.path.splitext(file)
 	create_file("%s/%s" % (disabledmodules, disabledname))
 
-def migrate_store(store):
 
-	oldstore = oldstore_path(store);
-	oldmodules = oldmodules_path(store);
-	disabledmodules = disabledmodules_path(store);
-	newstore = newstore_path(store);
-	newmodules = newmodules_path(store);
-	bottomdir = bottomdir_path(store);
+def migrate_store(store):
+	oldstore = oldstore_path(store)
+	oldmodules = oldmodules_path(store)
+	disabledmodules = disabledmodules_path(store)
+	newstore = newstore_path(store)
+	newmodules = newmodules_path(store)
+	bottomdir = bottomdir_path(store)
 
 	print("Migrating from %s to %s" % (oldstore, newstore))
 
@@ -134,6 +138,7 @@ def migrate_store(store):
 				else:
 					copy_module(store, name, 0)
 
+
 def rebuild_policy():
 	# Ok, the modules are loaded, lets try to rebuild the policy
 	print("Attempting to rebuild policy from %s" % newroot_path())
@@ -182,24 +187,31 @@ def rebuild_policy():
 def oldroot_path():
 	return "%s/etc/selinux" % ROOT
 
+
 def oldstore_path(store):
 	return "%s/%s/modules/active" % (oldroot_path(), store)
 
+
 def oldmodules_path(store):
 	return "%s/modules" % oldstore_path(store)
 
+
 def disabledmodules_path(store):
 	return "%s/disabled" % newmodules_path(store)
 
+
 def newroot_path():
 	return "%s%s" % (ROOT, PATH)
 
+
 def newstore_path(store):
 	return "%s/%s/active" % (newroot_path(), store)
 
+
 def newmodules_path(store):
 	return "%s/modules" % newstore_path(store)
 
+
 def bottomdir_path(store):
 	return "%s/%s" % (newmodules_path(store), PRIORITY)
 
@@ -257,7 +269,6 @@ if __name__ == "__main__":
 		"pkeys.local",
 		"ibendports.local"]
 
-
 	create_dir(newroot_path(), 0o755)
 
 	stores = None
@@ -286,4 +297,3 @@ if __name__ == "__main__":
 
 	if NOREBUILD is False:
 		rebuild_policy()
-
-- 
2.19.1


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH 2/3] semanage_migrate_store: remove unused loading of libsepol.so
  2018-12-19 22:13 [PATCH 1/3] semanage_migrate_store: fix many Python linter warnings Nicolas Iooss
@ 2018-12-19 22:13 ` Nicolas Iooss
  2018-12-19 22:13 ` [PATCH 3/3] semanage_migrate_store: switch to space indentation Nicolas Iooss
  1 sibling, 0 replies; 4+ messages in thread
From: Nicolas Iooss @ 2018-12-19 22:13 UTC (permalink / raw)
  To: selinux

semanage_migrate_store loads libsepol.so using ctypes but never uses it.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
 libsemanage/utils/semanage_migrate_store | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store
index 7b5bee819e24..360f143e9fca 100755
--- a/libsemanage/utils/semanage_migrate_store
+++ b/libsemanage/utils/semanage_migrate_store
@@ -8,9 +8,6 @@ import shutil
 import sys
 from optparse import OptionParser
 
-import ctypes
-
-sepol = ctypes.cdll.LoadLibrary('libsepol.so.1')
 
 try:
 	import selinux
-- 
2.19.1


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH 3/3] semanage_migrate_store: switch to space indentation
  2018-12-19 22:13 [PATCH 1/3] semanage_migrate_store: fix many Python linter warnings Nicolas Iooss
  2018-12-19 22:13 ` [PATCH 2/3] semanage_migrate_store: remove unused loading of libsepol.so Nicolas Iooss
@ 2018-12-19 22:13 ` Nicolas Iooss
  2019-01-04 12:28   ` Petr Lautrbach
  1 sibling, 1 reply; 4+ messages in thread
From: Nicolas Iooss @ 2018-12-19 22:13 UTC (permalink / raw)
  To: selinux

The script used both tabs and space to indent the code, using a tab
length of 8 (in calls to parser.add_option(...)). Make the code more
readable by using spaces for indentation everywhere.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
 libsemanage/utils/semanage_migrate_store | 438 +++++++++++------------
 1 file changed, 219 insertions(+), 219 deletions(-)

diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store
index 360f143e9fca..018b1a3e62c2 100755
--- a/libsemanage/utils/semanage_migrate_store
+++ b/libsemanage/utils/semanage_migrate_store
@@ -10,287 +10,287 @@ from optparse import OptionParser
 
 
 try:
-	import selinux
-	import semanage
+    import selinux
+    import semanage
 except ImportError:
-	print("You must install libselinux-python and libsemanage-python before running this tool", file=sys.stderr)
-	exit(1)
+    print("You must install libselinux-python and libsemanage-python before running this tool", file=sys.stderr)
+    exit(1)
 
 
 def copy_file(src, dst):
-	if DEBUG:
-		print("copying %s to %s" % (src, dst))
-	try:
-		shutil.copy(src, dst)
-	except OSError as the_err:
-		(err, strerr) = the_err.args
-		print("Could not copy %s to %s, %s" % (src, dst, strerr), file=sys.stderr)
-		exit(1)
+    if DEBUG:
+        print("copying %s to %s" % (src, dst))
+    try:
+        shutil.copy(src, dst)
+    except OSError as the_err:
+        (err, strerr) = the_err.args
+        print("Could not copy %s to %s, %s" % (src, dst, strerr), file=sys.stderr)
+        exit(1)
 
 
 def create_dir(dst, mode):
-	if DEBUG:
-		print("Making directory %s" % dst)
-	try:
-		os.makedirs(dst, mode)
-	except OSError as the_err:
-		(err, stderr) = the_err.args
-		if err == errno.EEXIST:
-			pass
-		else:
-			print("Error creating %s" % dst, file=sys.stderr)
-			exit(1)
+    if DEBUG:
+        print("Making directory %s" % dst)
+    try:
+        os.makedirs(dst, mode)
+    except OSError as the_err:
+        (err, stderr) = the_err.args
+        if err == errno.EEXIST:
+            pass
+        else:
+            print("Error creating %s" % dst, file=sys.stderr)
+            exit(1)
 
 
 def create_file(dst):
-	if DEBUG:
-		print("Making file %s" % dst)
-	try:
-		open(dst, 'a').close()
-	except OSError as the_err:
-		(err, stderr) = the_err.args
-		print("Error creating %s" % dst, file=sys.stderr)
-		exit(1)
+    if DEBUG:
+        print("Making file %s" % dst)
+    try:
+        open(dst, 'a').close()
+    except OSError as the_err:
+        (err, stderr) = the_err.args
+        print("Error creating %s" % dst, file=sys.stderr)
+        exit(1)
 
 
 def copy_module(store, name, base):
-	if DEBUG:
-		print("Install module %s" % name)
-	(file, ext) = os.path.splitext(name)
-	if ext != ".pp":
-		# Stray non-pp file in modules directory, skip
-		print("warning: %s has invalid extension, skipping" % name, file=sys.stderr)
-		return
-	try:
-		if base:
-			root = oldstore_path(store)
-		else:
-			root = oldmodules_path(store)
+    if DEBUG:
+        print("Install module %s" % name)
+    (file, ext) = os.path.splitext(name)
+    if ext != ".pp":
+        # Stray non-pp file in modules directory, skip
+        print("warning: %s has invalid extension, skipping" % name, file=sys.stderr)
+        return
+    try:
+        if base:
+            root = oldstore_path(store)
+        else:
+            root = oldmodules_path(store)
 
-		bottomdir = bottomdir_path(store)
+        bottomdir = bottomdir_path(store)
 
-		os.mkdir("%s/%s" % (bottomdir, file))
+        os.mkdir("%s/%s" % (bottomdir, file))
 
-		copy_file(os.path.join(root, name), "%s/%s/hll" % (bottomdir, file))
+        copy_file(os.path.join(root, name), "%s/%s/hll" % (bottomdir, file))
 
-		# This is the ext file that will eventually be used to choose a compiler
-		efile = open("%s/%s/lang_ext" % (bottomdir, file), "w+", 0o600)
-		efile.write("pp")
-		efile.close()
+        # This is the ext file that will eventually be used to choose a compiler
+        efile = open("%s/%s/lang_ext" % (bottomdir, file), "w+", 0o600)
+        efile.write("pp")
+        efile.close()
 
-	except (IOError, OSError):
-		print("Error installing module %s" % name, file=sys.stderr)
-		exit(1)
+    except (IOError, OSError):
+        print("Error installing module %s" % name, file=sys.stderr)
+        exit(1)
 
 
 def disable_module(file, name, disabledmodules):
-	if DEBUG:
-		print("Disabling %s" % name)
-	(disabledname, disabledext) = os.path.splitext(file)
-	create_file("%s/%s" % (disabledmodules, disabledname))
+    if DEBUG:
+        print("Disabling %s" % name)
+    (disabledname, disabledext) = os.path.splitext(file)
+    create_file("%s/%s" % (disabledmodules, disabledname))
 
 
 def migrate_store(store):
-	oldstore = oldstore_path(store)
-	oldmodules = oldmodules_path(store)
-	disabledmodules = disabledmodules_path(store)
-	newstore = newstore_path(store)
-	newmodules = newmodules_path(store)
-	bottomdir = bottomdir_path(store)
-
-	print("Migrating from %s to %s" % (oldstore, newstore))
-
-	# Build up new directory structure
-	create_dir("%s/%s" % (newroot_path(), store), 0o755)
-	create_dir(newstore, 0o700)
-	create_dir(newmodules, 0o700)
-	create_dir(bottomdir, 0o700)
-	create_dir(disabledmodules, 0o700)
-
-	# Special case for base since it was in a different location
-	copy_module(store, "base.pp", 1)
-
-	# Dir structure built, start copying files
-	for root, dirs, files in os.walk(oldstore):
-		if root == oldstore:
-			# This is the top level directory, need to move
-			for name in files:
-				# Check to see if it is in TOPPATHS and copy if so
-				if name in TOPPATHS:
-					if name == "seusers":
-						newname = "seusers.local"
-					else:
-						newname = name
-					copy_file(os.path.join(root, name), os.path.join(newstore, newname))
-
-		elif root == oldmodules:
-			# This should be the modules directory
-			for name in files:
-				(file, ext) = os.path.splitext(name)
-				if name == "base.pp":
-					print("Error installing module %s, name conflicts with base" % name, file=sys.stderr)
-					exit(1)
-				elif ext == ".disabled":
-					disable_module(file, name, disabledmodules)
-				else:
-					copy_module(store, name, 0)
+    oldstore = oldstore_path(store)
+    oldmodules = oldmodules_path(store)
+    disabledmodules = disabledmodules_path(store)
+    newstore = newstore_path(store)
+    newmodules = newmodules_path(store)
+    bottomdir = bottomdir_path(store)
+
+    print("Migrating from %s to %s" % (oldstore, newstore))
+
+    # Build up new directory structure
+    create_dir("%s/%s" % (newroot_path(), store), 0o755)
+    create_dir(newstore, 0o700)
+    create_dir(newmodules, 0o700)
+    create_dir(bottomdir, 0o700)
+    create_dir(disabledmodules, 0o700)
+
+    # Special case for base since it was in a different location
+    copy_module(store, "base.pp", 1)
+
+    # Dir structure built, start copying files
+    for root, dirs, files in os.walk(oldstore):
+        if root == oldstore:
+            # This is the top level directory, need to move
+            for name in files:
+                # Check to see if it is in TOPPATHS and copy if so
+                if name in TOPPATHS:
+                    if name == "seusers":
+                        newname = "seusers.local"
+                    else:
+                        newname = name
+                    copy_file(os.path.join(root, name), os.path.join(newstore, newname))
+
+        elif root == oldmodules:
+            # This should be the modules directory
+            for name in files:
+                (file, ext) = os.path.splitext(name)
+                if name == "base.pp":
+                    print("Error installing module %s, name conflicts with base" % name, file=sys.stderr)
+                    exit(1)
+                elif ext == ".disabled":
+                    disable_module(file, name, disabledmodules)
+                else:
+                    copy_module(store, name, 0)
 
 
 def rebuild_policy():
-	# Ok, the modules are loaded, lets try to rebuild the policy
-	print("Attempting to rebuild policy from %s" % newroot_path())
+    # Ok, the modules are loaded, lets try to rebuild the policy
+    print("Attempting to rebuild policy from %s" % newroot_path())
 
-	curstore = selinux.selinux_getpolicytype()[1]
+    curstore = selinux.selinux_getpolicytype()[1]
 
-	handle = semanage.semanage_handle_create()
-	if not handle:
-		print("Could not create semanage handle", file=sys.stderr)
-		exit(1)
+    handle = semanage.semanage_handle_create()
+    if not handle:
+        print("Could not create semanage handle", file=sys.stderr)
+        exit(1)
 
-	semanage.semanage_select_store(handle, curstore, semanage.SEMANAGE_CON_DIRECT)
+    semanage.semanage_select_store(handle, curstore, semanage.SEMANAGE_CON_DIRECT)
 
-	if not semanage.semanage_is_managed(handle):
-		semanage.semanage_handle_destroy(handle)
-		print("SELinux policy is not managed or store cannot be accessed.", file=sys.stderr)
-		exit(1)
+    if not semanage.semanage_is_managed(handle):
+        semanage.semanage_handle_destroy(handle)
+        print("SELinux policy is not managed or store cannot be accessed.", file=sys.stderr)
+        exit(1)
 
-	rc = semanage.semanage_access_check(handle)
-	if rc < semanage.SEMANAGE_CAN_WRITE:
-		semanage.semanage_handle_destroy(handle)
-		print("Cannot write to policy store.", file=sys.stderr)
-		exit(1)
+    rc = semanage.semanage_access_check(handle)
+    if rc < semanage.SEMANAGE_CAN_WRITE:
+        semanage.semanage_handle_destroy(handle)
+        print("Cannot write to policy store.", file=sys.stderr)
+        exit(1)
 
-	rc = semanage.semanage_connect(handle)
-	if rc < 0:
-		semanage.semanage_handle_destroy(handle)
-		print("Could not establish semanage connection", file=sys.stderr)
-		exit(1)
+    rc = semanage.semanage_connect(handle)
+    if rc < 0:
+        semanage.semanage_handle_destroy(handle)
+        print("Could not establish semanage connection", file=sys.stderr)
+        exit(1)
 
-	semanage.semanage_set_rebuild(handle, 1)
+    semanage.semanage_set_rebuild(handle, 1)
 
-	rc = semanage.semanage_begin_transaction(handle)
-	if rc < 0:
-		semanage.semanage_handle_destroy(handle)
-		print("Could not begin transaction", file=sys.stderr)
-		exit(1)
+    rc = semanage.semanage_begin_transaction(handle)
+    if rc < 0:
+        semanage.semanage_handle_destroy(handle)
+        print("Could not begin transaction", file=sys.stderr)
+        exit(1)
 
-	rc = semanage.semanage_commit(handle)
-	if rc < 0:
-		print("Could not commit transaction", file=sys.stderr)
+    rc = semanage.semanage_commit(handle)
+    if rc < 0:
+        print("Could not commit transaction", file=sys.stderr)
 
-	semanage.semanage_handle_destroy(handle)
+    semanage.semanage_handle_destroy(handle)
 
 
 def oldroot_path():
-	return "%s/etc/selinux" % ROOT
+    return "%s/etc/selinux" % ROOT
 
 
 def oldstore_path(store):
-	return "%s/%s/modules/active" % (oldroot_path(), store)
+    return "%s/%s/modules/active" % (oldroot_path(), store)
 
 
 def oldmodules_path(store):
-	return "%s/modules" % oldstore_path(store)
+    return "%s/modules" % oldstore_path(store)
 
 
 def disabledmodules_path(store):
-	return "%s/disabled" % newmodules_path(store)
+    return "%s/disabled" % newmodules_path(store)
 
 
 def newroot_path():
-	return "%s%s" % (ROOT, PATH)
+    return "%s%s" % (ROOT, PATH)
 
 
 def newstore_path(store):
-	return "%s/%s/active" % (newroot_path(), store)
+    return "%s/%s/active" % (newroot_path(), store)
 
 
 def newmodules_path(store):
-	return "%s/modules" % newstore_path(store)
+    return "%s/modules" % newstore_path(store)
 
 
 def bottomdir_path(store):
-	return "%s/%s" % (newmodules_path(store), PRIORITY)
+    return "%s/%s" % (newmodules_path(store), PRIORITY)
 
 
 if __name__ == "__main__":
 
-	parser = OptionParser()
-	parser.add_option("-p", "--priority", dest="priority", default="100",
-			  help="Set priority of modules in new store (default: 100)")
-	parser.add_option("-s", "--store", dest="store", default=None,
-			  help="Store to read from and write to")
-	parser.add_option("-d", "--debug", dest="debug", action="store_true", default=False,
-			  help="Output debug information")
-	parser.add_option("-c", "--clean", dest="clean", action="store_true", default=False,
-			  help="Clean old modules directory after migrate (default: no)")
-	parser.add_option("-n", "--norebuild", dest="norebuild", action="store_true", default=False,
-			  help="Disable rebuilding policy after migration (default: no)")
-	parser.add_option("-P", "--path", dest="path",
-			  help="Set path for the policy store (default: /var/lib/selinux)")
-	parser.add_option("-r", "--root", dest="root",
-			  help="Set an alternative root for the migration (default: /)")
-
-	(options, args) = parser.parse_args()
-
-	DEBUG = options.debug
-	PRIORITY = options.priority
-	TYPE = options.store
-	CLEAN = options.clean
-	NOREBUILD = options.norebuild
-	PATH = options.path
-	if PATH is None:
-		PATH = "/var/lib/selinux"
-
-	ROOT = options.root
-	if ROOT is None:
-		ROOT = ""
-
-	# List of paths that go in the active 'root'
-	TOPPATHS = [
-		"commit_num",
-		"ports.local",
-		"interfaces.local",
-		"nodes.local",
-		"booleans.local",
-		"file_contexts.local",
-		"seusers",
-		"users.local",
-		"users_extra",
-		"users_extra.local",
-		"disable_dontaudit",
-		"preserve_tunables",
-		"policy.kern",
-		"file_contexts",
-		"homedir_template",
-		"pkeys.local",
-		"ibendports.local"]
-
-	create_dir(newroot_path(), 0o755)
-
-	stores = None
-	if TYPE is not None:
-		stores = [TYPE]
-	else:
-		stores = os.listdir(oldroot_path())
-
-	# find stores in oldroot and migrate them to newroot if necessary
-	for store in stores:
-		if not os.path.isdir(oldmodules_path(store)):
-			# already migrated or not an selinux store
-			continue
-
-		if os.path.isdir(newstore_path(store)):
-			# store has already been migrated, but old modules dir still exits
-			print("warning: Policy type %s has already been migrated, but modules still exist in the old store. Skipping store." % store, file=sys.stderr)
-			continue
-
-		migrate_store(store)
-
-		if CLEAN is True:
-			def remove_error(function, path, execinfo):
-				print("warning: Unable to remove old store modules directory %s. Cleaning failed." % oldmodules_path(store), file=sys.stderr)
-			shutil.rmtree(oldmodules_path(store), onerror=remove_error)
-
-	if NOREBUILD is False:
-		rebuild_policy()
+    parser = OptionParser()
+    parser.add_option("-p", "--priority", dest="priority", default="100",
+                      help="Set priority of modules in new store (default: 100)")
+    parser.add_option("-s", "--store", dest="store", default=None,
+                      help="Store to read from and write to")
+    parser.add_option("-d", "--debug", dest="debug", action="store_true", default=False,
+                      help="Output debug information")
+    parser.add_option("-c", "--clean", dest="clean", action="store_true", default=False,
+                      help="Clean old modules directory after migrate (default: no)")
+    parser.add_option("-n", "--norebuild", dest="norebuild", action="store_true", default=False,
+                      help="Disable rebuilding policy after migration (default: no)")
+    parser.add_option("-P", "--path", dest="path",
+                      help="Set path for the policy store (default: /var/lib/selinux)")
+    parser.add_option("-r", "--root", dest="root",
+                      help="Set an alternative root for the migration (default: /)")
+
+    (options, args) = parser.parse_args()
+
+    DEBUG = options.debug
+    PRIORITY = options.priority
+    TYPE = options.store
+    CLEAN = options.clean
+    NOREBUILD = options.norebuild
+    PATH = options.path
+    if PATH is None:
+        PATH = "/var/lib/selinux"
+
+    ROOT = options.root
+    if ROOT is None:
+        ROOT = ""
+
+    # List of paths that go in the active 'root'
+    TOPPATHS = [
+        "commit_num",
+        "ports.local",
+        "interfaces.local",
+        "nodes.local",
+        "booleans.local",
+        "file_contexts.local",
+        "seusers",
+        "users.local",
+        "users_extra",
+        "users_extra.local",
+        "disable_dontaudit",
+        "preserve_tunables",
+        "policy.kern",
+        "file_contexts",
+        "homedir_template",
+        "pkeys.local",
+        "ibendports.local"]
+
+    create_dir(newroot_path(), 0o755)
+
+    stores = None
+    if TYPE is not None:
+        stores = [TYPE]
+    else:
+        stores = os.listdir(oldroot_path())
+
+    # find stores in oldroot and migrate them to newroot if necessary
+    for store in stores:
+        if not os.path.isdir(oldmodules_path(store)):
+            # already migrated or not an selinux store
+            continue
+
+        if os.path.isdir(newstore_path(store)):
+            # store has already been migrated, but old modules dir still exits
+            print("warning: Policy type %s has already been migrated, but modules still exist in the old store. Skipping store." % store, file=sys.stderr)
+            continue
+
+        migrate_store(store)
+
+        if CLEAN is True:
+            def remove_error(function, path, execinfo):
+                print("warning: Unable to remove old store modules directory %s. Cleaning failed." % oldmodules_path(store), file=sys.stderr)
+            shutil.rmtree(oldmodules_path(store), onerror=remove_error)
+
+    if NOREBUILD is False:
+        rebuild_policy()
-- 
2.19.1


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH 3/3] semanage_migrate_store: switch to space indentation
  2018-12-19 22:13 ` [PATCH 3/3] semanage_migrate_store: switch to space indentation Nicolas Iooss
@ 2019-01-04 12:28   ` Petr Lautrbach
  0 siblings, 0 replies; 4+ messages in thread
From: Petr Lautrbach @ 2019-01-04 12:28 UTC (permalink / raw)
  To: selinux; +Cc: Nicolas Iooss

Nicolas Iooss <nicolas.iooss@m4x.org> writes:

> The script used both tabs and space to indent the code, using a tab
> length of 8 (in calls to parser.add_option(...)). Make the code more
> readable by using spaces for indentation everywhere.
>
> Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>

All 3 merged. Thanks!


> ---
>  libsemanage/utils/semanage_migrate_store | 438 +++++++++++------------
>  1 file changed, 219 insertions(+), 219 deletions(-)
>
> diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store
> index 360f143e9fca..018b1a3e62c2 100755
> --- a/libsemanage/utils/semanage_migrate_store
> +++ b/libsemanage/utils/semanage_migrate_store
> @@ -10,287 +10,287 @@ from optparse import OptionParser
>  
>  
>  try:
> -	import selinux
> -	import semanage
> +    import selinux
> +    import semanage
>  except ImportError:
> -	print("You must install libselinux-python and libsemanage-python before running this tool", file=sys.stderr)
> -	exit(1)
> +    print("You must install libselinux-python and libsemanage-python before running this tool", file=sys.stderr)
> +    exit(1)
>  
>  
>  def copy_file(src, dst):
> -	if DEBUG:
> -		print("copying %s to %s" % (src, dst))
> -	try:
> -		shutil.copy(src, dst)
> -	except OSError as the_err:
> -		(err, strerr) = the_err.args
> -		print("Could not copy %s to %s, %s" % (src, dst, strerr), file=sys.stderr)
> -		exit(1)
> +    if DEBUG:
> +        print("copying %s to %s" % (src, dst))
> +    try:
> +        shutil.copy(src, dst)
> +    except OSError as the_err:
> +        (err, strerr) = the_err.args
> +        print("Could not copy %s to %s, %s" % (src, dst, strerr), file=sys.stderr)
> +        exit(1)
>  
>  
>  def create_dir(dst, mode):
> -	if DEBUG:
> -		print("Making directory %s" % dst)
> -	try:
> -		os.makedirs(dst, mode)
> -	except OSError as the_err:
> -		(err, stderr) = the_err.args
> -		if err == errno.EEXIST:
> -			pass
> -		else:
> -			print("Error creating %s" % dst, file=sys.stderr)
> -			exit(1)
> +    if DEBUG:
> +        print("Making directory %s" % dst)
> +    try:
> +        os.makedirs(dst, mode)
> +    except OSError as the_err:
> +        (err, stderr) = the_err.args
> +        if err == errno.EEXIST:
> +            pass
> +        else:
> +            print("Error creating %s" % dst, file=sys.stderr)
> +            exit(1)
>  
>  
>  def create_file(dst):
> -	if DEBUG:
> -		print("Making file %s" % dst)
> -	try:
> -		open(dst, 'a').close()
> -	except OSError as the_err:
> -		(err, stderr) = the_err.args
> -		print("Error creating %s" % dst, file=sys.stderr)
> -		exit(1)
> +    if DEBUG:
> +        print("Making file %s" % dst)
> +    try:
> +        open(dst, 'a').close()
> +    except OSError as the_err:
> +        (err, stderr) = the_err.args
> +        print("Error creating %s" % dst, file=sys.stderr)
> +        exit(1)
>  
>  
>  def copy_module(store, name, base):
> -	if DEBUG:
> -		print("Install module %s" % name)
> -	(file, ext) = os.path.splitext(name)
> -	if ext != ".pp":
> -		# Stray non-pp file in modules directory, skip
> -		print("warning: %s has invalid extension, skipping" % name, file=sys.stderr)
> -		return
> -	try:
> -		if base:
> -			root = oldstore_path(store)
> -		else:
> -			root = oldmodules_path(store)
> +    if DEBUG:
> +        print("Install module %s" % name)
> +    (file, ext) = os.path.splitext(name)
> +    if ext != ".pp":
> +        # Stray non-pp file in modules directory, skip
> +        print("warning: %s has invalid extension, skipping" % name, file=sys.stderr)
> +        return
> +    try:
> +        if base:
> +            root = oldstore_path(store)
> +        else:
> +            root = oldmodules_path(store)
>  
> -		bottomdir = bottomdir_path(store)
> +        bottomdir = bottomdir_path(store)
>  
> -		os.mkdir("%s/%s" % (bottomdir, file))
> +        os.mkdir("%s/%s" % (bottomdir, file))
>  
> -		copy_file(os.path.join(root, name), "%s/%s/hll" % (bottomdir, file))
> +        copy_file(os.path.join(root, name), "%s/%s/hll" % (bottomdir, file))
>  
> -		# This is the ext file that will eventually be used to choose a compiler
> -		efile = open("%s/%s/lang_ext" % (bottomdir, file), "w+", 0o600)
> -		efile.write("pp")
> -		efile.close()
> +        # This is the ext file that will eventually be used to choose a compiler
> +        efile = open("%s/%s/lang_ext" % (bottomdir, file), "w+", 0o600)
> +        efile.write("pp")
> +        efile.close()
>  
> -	except (IOError, OSError):
> -		print("Error installing module %s" % name, file=sys.stderr)
> -		exit(1)
> +    except (IOError, OSError):
> +        print("Error installing module %s" % name, file=sys.stderr)
> +        exit(1)
>  
>  
>  def disable_module(file, name, disabledmodules):
> -	if DEBUG:
> -		print("Disabling %s" % name)
> -	(disabledname, disabledext) = os.path.splitext(file)
> -	create_file("%s/%s" % (disabledmodules, disabledname))
> +    if DEBUG:
> +        print("Disabling %s" % name)
> +    (disabledname, disabledext) = os.path.splitext(file)
> +    create_file("%s/%s" % (disabledmodules, disabledname))
>  
>  
>  def migrate_store(store):
> -	oldstore = oldstore_path(store)
> -	oldmodules = oldmodules_path(store)
> -	disabledmodules = disabledmodules_path(store)
> -	newstore = newstore_path(store)
> -	newmodules = newmodules_path(store)
> -	bottomdir = bottomdir_path(store)
> -
> -	print("Migrating from %s to %s" % (oldstore, newstore))
> -
> -	# Build up new directory structure
> -	create_dir("%s/%s" % (newroot_path(), store), 0o755)
> -	create_dir(newstore, 0o700)
> -	create_dir(newmodules, 0o700)
> -	create_dir(bottomdir, 0o700)
> -	create_dir(disabledmodules, 0o700)
> -
> -	# Special case for base since it was in a different location
> -	copy_module(store, "base.pp", 1)
> -
> -	# Dir structure built, start copying files
> -	for root, dirs, files in os.walk(oldstore):
> -		if root == oldstore:
> -			# This is the top level directory, need to move
> -			for name in files:
> -				# Check to see if it is in TOPPATHS and copy if so
> -				if name in TOPPATHS:
> -					if name == "seusers":
> -						newname = "seusers.local"
> -					else:
> -						newname = name
> -					copy_file(os.path.join(root, name), os.path.join(newstore, newname))
> -
> -		elif root == oldmodules:
> -			# This should be the modules directory
> -			for name in files:
> -				(file, ext) = os.path.splitext(name)
> -				if name == "base.pp":
> -					print("Error installing module %s, name conflicts with base" % name, file=sys.stderr)
> -					exit(1)
> -				elif ext == ".disabled":
> -					disable_module(file, name, disabledmodules)
> -				else:
> -					copy_module(store, name, 0)
> +    oldstore = oldstore_path(store)
> +    oldmodules = oldmodules_path(store)
> +    disabledmodules = disabledmodules_path(store)
> +    newstore = newstore_path(store)
> +    newmodules = newmodules_path(store)
> +    bottomdir = bottomdir_path(store)
> +
> +    print("Migrating from %s to %s" % (oldstore, newstore))
> +
> +    # Build up new directory structure
> +    create_dir("%s/%s" % (newroot_path(), store), 0o755)
> +    create_dir(newstore, 0o700)
> +    create_dir(newmodules, 0o700)
> +    create_dir(bottomdir, 0o700)
> +    create_dir(disabledmodules, 0o700)
> +
> +    # Special case for base since it was in a different location
> +    copy_module(store, "base.pp", 1)
> +
> +    # Dir structure built, start copying files
> +    for root, dirs, files in os.walk(oldstore):
> +        if root == oldstore:
> +            # This is the top level directory, need to move
> +            for name in files:
> +                # Check to see if it is in TOPPATHS and copy if so
> +                if name in TOPPATHS:
> +                    if name == "seusers":
> +                        newname = "seusers.local"
> +                    else:
> +                        newname = name
> +                    copy_file(os.path.join(root, name), os.path.join(newstore, newname))
> +
> +        elif root == oldmodules:
> +            # This should be the modules directory
> +            for name in files:
> +                (file, ext) = os.path.splitext(name)
> +                if name == "base.pp":
> +                    print("Error installing module %s, name conflicts with base" % name, file=sys.stderr)
> +                    exit(1)
> +                elif ext == ".disabled":
> +                    disable_module(file, name, disabledmodules)
> +                else:
> +                    copy_module(store, name, 0)
>  
>  
>  def rebuild_policy():
> -	# Ok, the modules are loaded, lets try to rebuild the policy
> -	print("Attempting to rebuild policy from %s" % newroot_path())
> +    # Ok, the modules are loaded, lets try to rebuild the policy
> +    print("Attempting to rebuild policy from %s" % newroot_path())
>  
> -	curstore = selinux.selinux_getpolicytype()[1]
> +    curstore = selinux.selinux_getpolicytype()[1]
>  
> -	handle = semanage.semanage_handle_create()
> -	if not handle:
> -		print("Could not create semanage handle", file=sys.stderr)
> -		exit(1)
> +    handle = semanage.semanage_handle_create()
> +    if not handle:
> +        print("Could not create semanage handle", file=sys.stderr)
> +        exit(1)
>  
> -	semanage.semanage_select_store(handle, curstore, semanage.SEMANAGE_CON_DIRECT)
> +    semanage.semanage_select_store(handle, curstore, semanage.SEMANAGE_CON_DIRECT)
>  
> -	if not semanage.semanage_is_managed(handle):
> -		semanage.semanage_handle_destroy(handle)
> -		print("SELinux policy is not managed or store cannot be accessed.", file=sys.stderr)
> -		exit(1)
> +    if not semanage.semanage_is_managed(handle):
> +        semanage.semanage_handle_destroy(handle)
> +        print("SELinux policy is not managed or store cannot be accessed.", file=sys.stderr)
> +        exit(1)
>  
> -	rc = semanage.semanage_access_check(handle)
> -	if rc < semanage.SEMANAGE_CAN_WRITE:
> -		semanage.semanage_handle_destroy(handle)
> -		print("Cannot write to policy store.", file=sys.stderr)
> -		exit(1)
> +    rc = semanage.semanage_access_check(handle)
> +    if rc < semanage.SEMANAGE_CAN_WRITE:
> +        semanage.semanage_handle_destroy(handle)
> +        print("Cannot write to policy store.", file=sys.stderr)
> +        exit(1)
>  
> -	rc = semanage.semanage_connect(handle)
> -	if rc < 0:
> -		semanage.semanage_handle_destroy(handle)
> -		print("Could not establish semanage connection", file=sys.stderr)
> -		exit(1)
> +    rc = semanage.semanage_connect(handle)
> +    if rc < 0:
> +        semanage.semanage_handle_destroy(handle)
> +        print("Could not establish semanage connection", file=sys.stderr)
> +        exit(1)
>  
> -	semanage.semanage_set_rebuild(handle, 1)
> +    semanage.semanage_set_rebuild(handle, 1)
>  
> -	rc = semanage.semanage_begin_transaction(handle)
> -	if rc < 0:
> -		semanage.semanage_handle_destroy(handle)
> -		print("Could not begin transaction", file=sys.stderr)
> -		exit(1)
> +    rc = semanage.semanage_begin_transaction(handle)
> +    if rc < 0:
> +        semanage.semanage_handle_destroy(handle)
> +        print("Could not begin transaction", file=sys.stderr)
> +        exit(1)
>  
> -	rc = semanage.semanage_commit(handle)
> -	if rc < 0:
> -		print("Could not commit transaction", file=sys.stderr)
> +    rc = semanage.semanage_commit(handle)
> +    if rc < 0:
> +        print("Could not commit transaction", file=sys.stderr)
>  
> -	semanage.semanage_handle_destroy(handle)
> +    semanage.semanage_handle_destroy(handle)
>  
>  
>  def oldroot_path():
> -	return "%s/etc/selinux" % ROOT
> +    return "%s/etc/selinux" % ROOT
>  
>  
>  def oldstore_path(store):
> -	return "%s/%s/modules/active" % (oldroot_path(), store)
> +    return "%s/%s/modules/active" % (oldroot_path(), store)
>  
>  
>  def oldmodules_path(store):
> -	return "%s/modules" % oldstore_path(store)
> +    return "%s/modules" % oldstore_path(store)
>  
>  
>  def disabledmodules_path(store):
> -	return "%s/disabled" % newmodules_path(store)
> +    return "%s/disabled" % newmodules_path(store)
>  
>  
>  def newroot_path():
> -	return "%s%s" % (ROOT, PATH)
> +    return "%s%s" % (ROOT, PATH)
>  
>  
>  def newstore_path(store):
> -	return "%s/%s/active" % (newroot_path(), store)
> +    return "%s/%s/active" % (newroot_path(), store)
>  
>  
>  def newmodules_path(store):
> -	return "%s/modules" % newstore_path(store)
> +    return "%s/modules" % newstore_path(store)
>  
>  
>  def bottomdir_path(store):
> -	return "%s/%s" % (newmodules_path(store), PRIORITY)
> +    return "%s/%s" % (newmodules_path(store), PRIORITY)
>  
>  
>  if __name__ == "__main__":
>  
> -	parser = OptionParser()
> -	parser.add_option("-p", "--priority", dest="priority", default="100",
> -			  help="Set priority of modules in new store (default: 100)")
> -	parser.add_option("-s", "--store", dest="store", default=None,
> -			  help="Store to read from and write to")
> -	parser.add_option("-d", "--debug", dest="debug", action="store_true", default=False,
> -			  help="Output debug information")
> -	parser.add_option("-c", "--clean", dest="clean", action="store_true", default=False,
> -			  help="Clean old modules directory after migrate (default: no)")
> -	parser.add_option("-n", "--norebuild", dest="norebuild", action="store_true", default=False,
> -			  help="Disable rebuilding policy after migration (default: no)")
> -	parser.add_option("-P", "--path", dest="path",
> -			  help="Set path for the policy store (default: /var/lib/selinux)")
> -	parser.add_option("-r", "--root", dest="root",
> -			  help="Set an alternative root for the migration (default: /)")
> -
> -	(options, args) = parser.parse_args()
> -
> -	DEBUG = options.debug
> -	PRIORITY = options.priority
> -	TYPE = options.store
> -	CLEAN = options.clean
> -	NOREBUILD = options.norebuild
> -	PATH = options.path
> -	if PATH is None:
> -		PATH = "/var/lib/selinux"
> -
> -	ROOT = options.root
> -	if ROOT is None:
> -		ROOT = ""
> -
> -	# List of paths that go in the active 'root'
> -	TOPPATHS = [
> -		"commit_num",
> -		"ports.local",
> -		"interfaces.local",
> -		"nodes.local",
> -		"booleans.local",
> -		"file_contexts.local",
> -		"seusers",
> -		"users.local",
> -		"users_extra",
> -		"users_extra.local",
> -		"disable_dontaudit",
> -		"preserve_tunables",
> -		"policy.kern",
> -		"file_contexts",
> -		"homedir_template",
> -		"pkeys.local",
> -		"ibendports.local"]
> -
> -	create_dir(newroot_path(), 0o755)
> -
> -	stores = None
> -	if TYPE is not None:
> -		stores = [TYPE]
> -	else:
> -		stores = os.listdir(oldroot_path())
> -
> -	# find stores in oldroot and migrate them to newroot if necessary
> -	for store in stores:
> -		if not os.path.isdir(oldmodules_path(store)):
> -			# already migrated or not an selinux store
> -			continue
> -
> -		if os.path.isdir(newstore_path(store)):
> -			# store has already been migrated, but old modules dir still exits
> -			print("warning: Policy type %s has already been migrated, but modules still exist in the old store. Skipping store." % store, file=sys.stderr)
> -			continue
> -
> -		migrate_store(store)
> -
> -		if CLEAN is True:
> -			def remove_error(function, path, execinfo):
> -				print("warning: Unable to remove old store modules directory %s. Cleaning failed." % oldmodules_path(store), file=sys.stderr)
> -			shutil.rmtree(oldmodules_path(store), onerror=remove_error)
> -
> -	if NOREBUILD is False:
> -		rebuild_policy()
> +    parser = OptionParser()
> +    parser.add_option("-p", "--priority", dest="priority", default="100",
> +                      help="Set priority of modules in new store (default: 100)")
> +    parser.add_option("-s", "--store", dest="store", default=None,
> +                      help="Store to read from and write to")
> +    parser.add_option("-d", "--debug", dest="debug", action="store_true", default=False,
> +                      help="Output debug information")
> +    parser.add_option("-c", "--clean", dest="clean", action="store_true", default=False,
> +                      help="Clean old modules directory after migrate (default: no)")
> +    parser.add_option("-n", "--norebuild", dest="norebuild", action="store_true", default=False,
> +                      help="Disable rebuilding policy after migration (default: no)")
> +    parser.add_option("-P", "--path", dest="path",
> +                      help="Set path for the policy store (default: /var/lib/selinux)")
> +    parser.add_option("-r", "--root", dest="root",
> +                      help="Set an alternative root for the migration (default: /)")
> +
> +    (options, args) = parser.parse_args()
> +
> +    DEBUG = options.debug
> +    PRIORITY = options.priority
> +    TYPE = options.store
> +    CLEAN = options.clean
> +    NOREBUILD = options.norebuild
> +    PATH = options.path
> +    if PATH is None:
> +        PATH = "/var/lib/selinux"
> +
> +    ROOT = options.root
> +    if ROOT is None:
> +        ROOT = ""
> +
> +    # List of paths that go in the active 'root'
> +    TOPPATHS = [
> +        "commit_num",
> +        "ports.local",
> +        "interfaces.local",
> +        "nodes.local",
> +        "booleans.local",
> +        "file_contexts.local",
> +        "seusers",
> +        "users.local",
> +        "users_extra",
> +        "users_extra.local",
> +        "disable_dontaudit",
> +        "preserve_tunables",
> +        "policy.kern",
> +        "file_contexts",
> +        "homedir_template",
> +        "pkeys.local",
> +        "ibendports.local"]
> +
> +    create_dir(newroot_path(), 0o755)
> +
> +    stores = None
> +    if TYPE is not None:
> +        stores = [TYPE]
> +    else:
> +        stores = os.listdir(oldroot_path())
> +
> +    # find stores in oldroot and migrate them to newroot if necessary
> +    for store in stores:
> +        if not os.path.isdir(oldmodules_path(store)):
> +            # already migrated or not an selinux store
> +            continue
> +
> +        if os.path.isdir(newstore_path(store)):
> +            # store has already been migrated, but old modules dir still exits
> +            print("warning: Policy type %s has already been migrated, but modules still exist in the old store. Skipping store." % store, file=sys.stderr)
> +            continue
> +
> +        migrate_store(store)
> +
> +        if CLEAN is True:
> +            def remove_error(function, path, execinfo):
> +                print("warning: Unable to remove old store modules directory %s. Cleaning failed." % oldmodules_path(store), file=sys.stderr)
> +            shutil.rmtree(oldmodules_path(store), onerror=remove_error)
> +
> +    if NOREBUILD is False:
> +        rebuild_policy()

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, back to index

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-12-19 22:13 [PATCH 1/3] semanage_migrate_store: fix many Python linter warnings Nicolas Iooss
2018-12-19 22:13 ` [PATCH 2/3] semanage_migrate_store: remove unused loading of libsepol.so Nicolas Iooss
2018-12-19 22:13 ` [PATCH 3/3] semanage_migrate_store: switch to space indentation Nicolas Iooss
2019-01-04 12:28   ` Petr Lautrbach

SELinux Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/selinux/0 selinux/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 selinux selinux/ https://lore.kernel.org/selinux \
		selinux@vger.kernel.org selinux@archiver.kernel.org
	public-inbox-index selinux


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.selinux


AGPL code for this site: git clone https://public-inbox.org/ public-inbox