* [PATCH 1/3] semanage_migrate_store: fix many Python linter warnings
@ 2018-12-19 22:13 Nicolas Iooss
2018-12-19 22:13 ` [PATCH 2/3] semanage_migrate_store: remove unused loading of libsepol.so Nicolas Iooss
2018-12-19 22:13 ` [PATCH 3/3] semanage_migrate_store: switch to space indentation Nicolas Iooss
0 siblings, 2 replies; 4+ messages in thread
From: Nicolas Iooss @ 2018-12-19 22:13 UTC (permalink / raw)
To: selinux
flake8 reports many warnings on script semanage_migrate_store:
E225 missing whitespace around operator
E302 expected 2 blank lines, found 1
E701 multiple statements on one line (colon)
E703 statement ends with a semicolon
E722 do not use bare 'except'
...
Fix some of them in order to reduce the noise.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
This patch is needed to prepare making scripts/run-flake8 analyze Python
scripts with names that do not end with ".py".
libsemanage/utils/semanage_migrate_store | 40 +++++++++++++++---------
1 file changed, 25 insertions(+), 15 deletions(-)
diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store
index b789d0424541..7b5bee819e24 100755
--- a/libsemanage/utils/semanage_migrate_store
+++ b/libsemanage/utils/semanage_migrate_store
@@ -27,12 +27,13 @@ def copy_file(src, dst):
shutil.copy(src, dst)
except OSError as the_err:
(err, strerr) = the_err.args
- print("Could not copy %s to %s, %s" %(src, dst, strerr), file=sys.stderr)
+ print("Could not copy %s to %s, %s" % (src, dst, strerr), file=sys.stderr)
exit(1)
def create_dir(dst, mode):
- if DEBUG: print("Making directory %s" % dst)
+ if DEBUG:
+ print("Making directory %s" % dst)
try:
os.makedirs(dst, mode)
except OSError as the_err:
@@ -45,7 +46,8 @@ def create_dir(dst, mode):
def create_file(dst):
- if DEBUG: print("Making file %s" % dst)
+ if DEBUG:
+ print("Making file %s" % dst)
try:
open(dst, 'a').close()
except OSError as the_err:
@@ -55,7 +57,8 @@ def create_file(dst):
def copy_module(store, name, base):
- if DEBUG: print("Install module %s" % name)
+ if DEBUG:
+ print("Install module %s" % name)
(file, ext) = os.path.splitext(name)
if ext != ".pp":
# Stray non-pp file in modules directory, skip
@@ -78,24 +81,25 @@ def copy_module(store, name, base):
efile.write("pp")
efile.close()
- except:
+ except (IOError, OSError):
print("Error installing module %s" % name, file=sys.stderr)
exit(1)
def disable_module(file, name, disabledmodules):
- if DEBUG: print("Disabling %s" % name)
+ if DEBUG:
+ print("Disabling %s" % name)
(disabledname, disabledext) = os.path.splitext(file)
create_file("%s/%s" % (disabledmodules, disabledname))
-def migrate_store(store):
- oldstore = oldstore_path(store);
- oldmodules = oldmodules_path(store);
- disabledmodules = disabledmodules_path(store);
- newstore = newstore_path(store);
- newmodules = newmodules_path(store);
- bottomdir = bottomdir_path(store);
+def migrate_store(store):
+ oldstore = oldstore_path(store)
+ oldmodules = oldmodules_path(store)
+ disabledmodules = disabledmodules_path(store)
+ newstore = newstore_path(store)
+ newmodules = newmodules_path(store)
+ bottomdir = bottomdir_path(store)
print("Migrating from %s to %s" % (oldstore, newstore))
@@ -134,6 +138,7 @@ def migrate_store(store):
else:
copy_module(store, name, 0)
+
def rebuild_policy():
# Ok, the modules are loaded, lets try to rebuild the policy
print("Attempting to rebuild policy from %s" % newroot_path())
@@ -182,24 +187,31 @@ def rebuild_policy():
def oldroot_path():
return "%s/etc/selinux" % ROOT
+
def oldstore_path(store):
return "%s/%s/modules/active" % (oldroot_path(), store)
+
def oldmodules_path(store):
return "%s/modules" % oldstore_path(store)
+
def disabledmodules_path(store):
return "%s/disabled" % newmodules_path(store)
+
def newroot_path():
return "%s%s" % (ROOT, PATH)
+
def newstore_path(store):
return "%s/%s/active" % (newroot_path(), store)
+
def newmodules_path(store):
return "%s/modules" % newstore_path(store)
+
def bottomdir_path(store):
return "%s/%s" % (newmodules_path(store), PRIORITY)
@@ -257,7 +269,6 @@ if __name__ == "__main__":
"pkeys.local",
"ibendports.local"]
-
create_dir(newroot_path(), 0o755)
stores = None
@@ -286,4 +297,3 @@ if __name__ == "__main__":
if NOREBUILD is False:
rebuild_policy()
-
--
2.19.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH 2/3] semanage_migrate_store: remove unused loading of libsepol.so
2018-12-19 22:13 [PATCH 1/3] semanage_migrate_store: fix many Python linter warnings Nicolas Iooss
@ 2018-12-19 22:13 ` Nicolas Iooss
2018-12-19 22:13 ` [PATCH 3/3] semanage_migrate_store: switch to space indentation Nicolas Iooss
1 sibling, 0 replies; 4+ messages in thread
From: Nicolas Iooss @ 2018-12-19 22:13 UTC (permalink / raw)
To: selinux
semanage_migrate_store loads libsepol.so using ctypes but never uses it.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
libsemanage/utils/semanage_migrate_store | 3 ---
1 file changed, 3 deletions(-)
diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store
index 7b5bee819e24..360f143e9fca 100755
--- a/libsemanage/utils/semanage_migrate_store
+++ b/libsemanage/utils/semanage_migrate_store
@@ -8,9 +8,6 @@ import shutil
import sys
from optparse import OptionParser
-import ctypes
-
-sepol = ctypes.cdll.LoadLibrary('libsepol.so.1')
try:
import selinux
--
2.19.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [PATCH 3/3] semanage_migrate_store: switch to space indentation
2018-12-19 22:13 [PATCH 1/3] semanage_migrate_store: fix many Python linter warnings Nicolas Iooss
2018-12-19 22:13 ` [PATCH 2/3] semanage_migrate_store: remove unused loading of libsepol.so Nicolas Iooss
@ 2018-12-19 22:13 ` Nicolas Iooss
2019-01-04 12:28 ` Petr Lautrbach
1 sibling, 1 reply; 4+ messages in thread
From: Nicolas Iooss @ 2018-12-19 22:13 UTC (permalink / raw)
To: selinux
The script used both tabs and space to indent the code, using a tab
length of 8 (in calls to parser.add_option(...)). Make the code more
readable by using spaces for indentation everywhere.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
libsemanage/utils/semanage_migrate_store | 438 +++++++++++------------
1 file changed, 219 insertions(+), 219 deletions(-)
diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store
index 360f143e9fca..018b1a3e62c2 100755
--- a/libsemanage/utils/semanage_migrate_store
+++ b/libsemanage/utils/semanage_migrate_store
@@ -10,287 +10,287 @@ from optparse import OptionParser
try:
- import selinux
- import semanage
+ import selinux
+ import semanage
except ImportError:
- print("You must install libselinux-python and libsemanage-python before running this tool", file=sys.stderr)
- exit(1)
+ print("You must install libselinux-python and libsemanage-python before running this tool", file=sys.stderr)
+ exit(1)
def copy_file(src, dst):
- if DEBUG:
- print("copying %s to %s" % (src, dst))
- try:
- shutil.copy(src, dst)
- except OSError as the_err:
- (err, strerr) = the_err.args
- print("Could not copy %s to %s, %s" % (src, dst, strerr), file=sys.stderr)
- exit(1)
+ if DEBUG:
+ print("copying %s to %s" % (src, dst))
+ try:
+ shutil.copy(src, dst)
+ except OSError as the_err:
+ (err, strerr) = the_err.args
+ print("Could not copy %s to %s, %s" % (src, dst, strerr), file=sys.stderr)
+ exit(1)
def create_dir(dst, mode):
- if DEBUG:
- print("Making directory %s" % dst)
- try:
- os.makedirs(dst, mode)
- except OSError as the_err:
- (err, stderr) = the_err.args
- if err == errno.EEXIST:
- pass
- else:
- print("Error creating %s" % dst, file=sys.stderr)
- exit(1)
+ if DEBUG:
+ print("Making directory %s" % dst)
+ try:
+ os.makedirs(dst, mode)
+ except OSError as the_err:
+ (err, stderr) = the_err.args
+ if err == errno.EEXIST:
+ pass
+ else:
+ print("Error creating %s" % dst, file=sys.stderr)
+ exit(1)
def create_file(dst):
- if DEBUG:
- print("Making file %s" % dst)
- try:
- open(dst, 'a').close()
- except OSError as the_err:
- (err, stderr) = the_err.args
- print("Error creating %s" % dst, file=sys.stderr)
- exit(1)
+ if DEBUG:
+ print("Making file %s" % dst)
+ try:
+ open(dst, 'a').close()
+ except OSError as the_err:
+ (err, stderr) = the_err.args
+ print("Error creating %s" % dst, file=sys.stderr)
+ exit(1)
def copy_module(store, name, base):
- if DEBUG:
- print("Install module %s" % name)
- (file, ext) = os.path.splitext(name)
- if ext != ".pp":
- # Stray non-pp file in modules directory, skip
- print("warning: %s has invalid extension, skipping" % name, file=sys.stderr)
- return
- try:
- if base:
- root = oldstore_path(store)
- else:
- root = oldmodules_path(store)
+ if DEBUG:
+ print("Install module %s" % name)
+ (file, ext) = os.path.splitext(name)
+ if ext != ".pp":
+ # Stray non-pp file in modules directory, skip
+ print("warning: %s has invalid extension, skipping" % name, file=sys.stderr)
+ return
+ try:
+ if base:
+ root = oldstore_path(store)
+ else:
+ root = oldmodules_path(store)
- bottomdir = bottomdir_path(store)
+ bottomdir = bottomdir_path(store)
- os.mkdir("%s/%s" % (bottomdir, file))
+ os.mkdir("%s/%s" % (bottomdir, file))
- copy_file(os.path.join(root, name), "%s/%s/hll" % (bottomdir, file))
+ copy_file(os.path.join(root, name), "%s/%s/hll" % (bottomdir, file))
- # This is the ext file that will eventually be used to choose a compiler
- efile = open("%s/%s/lang_ext" % (bottomdir, file), "w+", 0o600)
- efile.write("pp")
- efile.close()
+ # This is the ext file that will eventually be used to choose a compiler
+ efile = open("%s/%s/lang_ext" % (bottomdir, file), "w+", 0o600)
+ efile.write("pp")
+ efile.close()
- except (IOError, OSError):
- print("Error installing module %s" % name, file=sys.stderr)
- exit(1)
+ except (IOError, OSError):
+ print("Error installing module %s" % name, file=sys.stderr)
+ exit(1)
def disable_module(file, name, disabledmodules):
- if DEBUG:
- print("Disabling %s" % name)
- (disabledname, disabledext) = os.path.splitext(file)
- create_file("%s/%s" % (disabledmodules, disabledname))
+ if DEBUG:
+ print("Disabling %s" % name)
+ (disabledname, disabledext) = os.path.splitext(file)
+ create_file("%s/%s" % (disabledmodules, disabledname))
def migrate_store(store):
- oldstore = oldstore_path(store)
- oldmodules = oldmodules_path(store)
- disabledmodules = disabledmodules_path(store)
- newstore = newstore_path(store)
- newmodules = newmodules_path(store)
- bottomdir = bottomdir_path(store)
-
- print("Migrating from %s to %s" % (oldstore, newstore))
-
- # Build up new directory structure
- create_dir("%s/%s" % (newroot_path(), store), 0o755)
- create_dir(newstore, 0o700)
- create_dir(newmodules, 0o700)
- create_dir(bottomdir, 0o700)
- create_dir(disabledmodules, 0o700)
-
- # Special case for base since it was in a different location
- copy_module(store, "base.pp", 1)
-
- # Dir structure built, start copying files
- for root, dirs, files in os.walk(oldstore):
- if root == oldstore:
- # This is the top level directory, need to move
- for name in files:
- # Check to see if it is in TOPPATHS and copy if so
- if name in TOPPATHS:
- if name == "seusers":
- newname = "seusers.local"
- else:
- newname = name
- copy_file(os.path.join(root, name), os.path.join(newstore, newname))
-
- elif root == oldmodules:
- # This should be the modules directory
- for name in files:
- (file, ext) = os.path.splitext(name)
- if name == "base.pp":
- print("Error installing module %s, name conflicts with base" % name, file=sys.stderr)
- exit(1)
- elif ext == ".disabled":
- disable_module(file, name, disabledmodules)
- else:
- copy_module(store, name, 0)
+ oldstore = oldstore_path(store)
+ oldmodules = oldmodules_path(store)
+ disabledmodules = disabledmodules_path(store)
+ newstore = newstore_path(store)
+ newmodules = newmodules_path(store)
+ bottomdir = bottomdir_path(store)
+
+ print("Migrating from %s to %s" % (oldstore, newstore))
+
+ # Build up new directory structure
+ create_dir("%s/%s" % (newroot_path(), store), 0o755)
+ create_dir(newstore, 0o700)
+ create_dir(newmodules, 0o700)
+ create_dir(bottomdir, 0o700)
+ create_dir(disabledmodules, 0o700)
+
+ # Special case for base since it was in a different location
+ copy_module(store, "base.pp", 1)
+
+ # Dir structure built, start copying files
+ for root, dirs, files in os.walk(oldstore):
+ if root == oldstore:
+ # This is the top level directory, need to move
+ for name in files:
+ # Check to see if it is in TOPPATHS and copy if so
+ if name in TOPPATHS:
+ if name == "seusers":
+ newname = "seusers.local"
+ else:
+ newname = name
+ copy_file(os.path.join(root, name), os.path.join(newstore, newname))
+
+ elif root == oldmodules:
+ # This should be the modules directory
+ for name in files:
+ (file, ext) = os.path.splitext(name)
+ if name == "base.pp":
+ print("Error installing module %s, name conflicts with base" % name, file=sys.stderr)
+ exit(1)
+ elif ext == ".disabled":
+ disable_module(file, name, disabledmodules)
+ else:
+ copy_module(store, name, 0)
def rebuild_policy():
- # Ok, the modules are loaded, lets try to rebuild the policy
- print("Attempting to rebuild policy from %s" % newroot_path())
+ # Ok, the modules are loaded, lets try to rebuild the policy
+ print("Attempting to rebuild policy from %s" % newroot_path())
- curstore = selinux.selinux_getpolicytype()[1]
+ curstore = selinux.selinux_getpolicytype()[1]
- handle = semanage.semanage_handle_create()
- if not handle:
- print("Could not create semanage handle", file=sys.stderr)
- exit(1)
+ handle = semanage.semanage_handle_create()
+ if not handle:
+ print("Could not create semanage handle", file=sys.stderr)
+ exit(1)
- semanage.semanage_select_store(handle, curstore, semanage.SEMANAGE_CON_DIRECT)
+ semanage.semanage_select_store(handle, curstore, semanage.SEMANAGE_CON_DIRECT)
- if not semanage.semanage_is_managed(handle):
- semanage.semanage_handle_destroy(handle)
- print("SELinux policy is not managed or store cannot be accessed.", file=sys.stderr)
- exit(1)
+ if not semanage.semanage_is_managed(handle):
+ semanage.semanage_handle_destroy(handle)
+ print("SELinux policy is not managed or store cannot be accessed.", file=sys.stderr)
+ exit(1)
- rc = semanage.semanage_access_check(handle)
- if rc < semanage.SEMANAGE_CAN_WRITE:
- semanage.semanage_handle_destroy(handle)
- print("Cannot write to policy store.", file=sys.stderr)
- exit(1)
+ rc = semanage.semanage_access_check(handle)
+ if rc < semanage.SEMANAGE_CAN_WRITE:
+ semanage.semanage_handle_destroy(handle)
+ print("Cannot write to policy store.", file=sys.stderr)
+ exit(1)
- rc = semanage.semanage_connect(handle)
- if rc < 0:
- semanage.semanage_handle_destroy(handle)
- print("Could not establish semanage connection", file=sys.stderr)
- exit(1)
+ rc = semanage.semanage_connect(handle)
+ if rc < 0:
+ semanage.semanage_handle_destroy(handle)
+ print("Could not establish semanage connection", file=sys.stderr)
+ exit(1)
- semanage.semanage_set_rebuild(handle, 1)
+ semanage.semanage_set_rebuild(handle, 1)
- rc = semanage.semanage_begin_transaction(handle)
- if rc < 0:
- semanage.semanage_handle_destroy(handle)
- print("Could not begin transaction", file=sys.stderr)
- exit(1)
+ rc = semanage.semanage_begin_transaction(handle)
+ if rc < 0:
+ semanage.semanage_handle_destroy(handle)
+ print("Could not begin transaction", file=sys.stderr)
+ exit(1)
- rc = semanage.semanage_commit(handle)
- if rc < 0:
- print("Could not commit transaction", file=sys.stderr)
+ rc = semanage.semanage_commit(handle)
+ if rc < 0:
+ print("Could not commit transaction", file=sys.stderr)
- semanage.semanage_handle_destroy(handle)
+ semanage.semanage_handle_destroy(handle)
def oldroot_path():
- return "%s/etc/selinux" % ROOT
+ return "%s/etc/selinux" % ROOT
def oldstore_path(store):
- return "%s/%s/modules/active" % (oldroot_path(), store)
+ return "%s/%s/modules/active" % (oldroot_path(), store)
def oldmodules_path(store):
- return "%s/modules" % oldstore_path(store)
+ return "%s/modules" % oldstore_path(store)
def disabledmodules_path(store):
- return "%s/disabled" % newmodules_path(store)
+ return "%s/disabled" % newmodules_path(store)
def newroot_path():
- return "%s%s" % (ROOT, PATH)
+ return "%s%s" % (ROOT, PATH)
def newstore_path(store):
- return "%s/%s/active" % (newroot_path(), store)
+ return "%s/%s/active" % (newroot_path(), store)
def newmodules_path(store):
- return "%s/modules" % newstore_path(store)
+ return "%s/modules" % newstore_path(store)
def bottomdir_path(store):
- return "%s/%s" % (newmodules_path(store), PRIORITY)
+ return "%s/%s" % (newmodules_path(store), PRIORITY)
if __name__ == "__main__":
- parser = OptionParser()
- parser.add_option("-p", "--priority", dest="priority", default="100",
- help="Set priority of modules in new store (default: 100)")
- parser.add_option("-s", "--store", dest="store", default=None,
- help="Store to read from and write to")
- parser.add_option("-d", "--debug", dest="debug", action="store_true", default=False,
- help="Output debug information")
- parser.add_option("-c", "--clean", dest="clean", action="store_true", default=False,
- help="Clean old modules directory after migrate (default: no)")
- parser.add_option("-n", "--norebuild", dest="norebuild", action="store_true", default=False,
- help="Disable rebuilding policy after migration (default: no)")
- parser.add_option("-P", "--path", dest="path",
- help="Set path for the policy store (default: /var/lib/selinux)")
- parser.add_option("-r", "--root", dest="root",
- help="Set an alternative root for the migration (default: /)")
-
- (options, args) = parser.parse_args()
-
- DEBUG = options.debug
- PRIORITY = options.priority
- TYPE = options.store
- CLEAN = options.clean
- NOREBUILD = options.norebuild
- PATH = options.path
- if PATH is None:
- PATH = "/var/lib/selinux"
-
- ROOT = options.root
- if ROOT is None:
- ROOT = ""
-
- # List of paths that go in the active 'root'
- TOPPATHS = [
- "commit_num",
- "ports.local",
- "interfaces.local",
- "nodes.local",
- "booleans.local",
- "file_contexts.local",
- "seusers",
- "users.local",
- "users_extra",
- "users_extra.local",
- "disable_dontaudit",
- "preserve_tunables",
- "policy.kern",
- "file_contexts",
- "homedir_template",
- "pkeys.local",
- "ibendports.local"]
-
- create_dir(newroot_path(), 0o755)
-
- stores = None
- if TYPE is not None:
- stores = [TYPE]
- else:
- stores = os.listdir(oldroot_path())
-
- # find stores in oldroot and migrate them to newroot if necessary
- for store in stores:
- if not os.path.isdir(oldmodules_path(store)):
- # already migrated or not an selinux store
- continue
-
- if os.path.isdir(newstore_path(store)):
- # store has already been migrated, but old modules dir still exits
- print("warning: Policy type %s has already been migrated, but modules still exist in the old store. Skipping store." % store, file=sys.stderr)
- continue
-
- migrate_store(store)
-
- if CLEAN is True:
- def remove_error(function, path, execinfo):
- print("warning: Unable to remove old store modules directory %s. Cleaning failed." % oldmodules_path(store), file=sys.stderr)
- shutil.rmtree(oldmodules_path(store), onerror=remove_error)
-
- if NOREBUILD is False:
- rebuild_policy()
+ parser = OptionParser()
+ parser.add_option("-p", "--priority", dest="priority", default="100",
+ help="Set priority of modules in new store (default: 100)")
+ parser.add_option("-s", "--store", dest="store", default=None,
+ help="Store to read from and write to")
+ parser.add_option("-d", "--debug", dest="debug", action="store_true", default=False,
+ help="Output debug information")
+ parser.add_option("-c", "--clean", dest="clean", action="store_true", default=False,
+ help="Clean old modules directory after migrate (default: no)")
+ parser.add_option("-n", "--norebuild", dest="norebuild", action="store_true", default=False,
+ help="Disable rebuilding policy after migration (default: no)")
+ parser.add_option("-P", "--path", dest="path",
+ help="Set path for the policy store (default: /var/lib/selinux)")
+ parser.add_option("-r", "--root", dest="root",
+ help="Set an alternative root for the migration (default: /)")
+
+ (options, args) = parser.parse_args()
+
+ DEBUG = options.debug
+ PRIORITY = options.priority
+ TYPE = options.store
+ CLEAN = options.clean
+ NOREBUILD = options.norebuild
+ PATH = options.path
+ if PATH is None:
+ PATH = "/var/lib/selinux"
+
+ ROOT = options.root
+ if ROOT is None:
+ ROOT = ""
+
+ # List of paths that go in the active 'root'
+ TOPPATHS = [
+ "commit_num",
+ "ports.local",
+ "interfaces.local",
+ "nodes.local",
+ "booleans.local",
+ "file_contexts.local",
+ "seusers",
+ "users.local",
+ "users_extra",
+ "users_extra.local",
+ "disable_dontaudit",
+ "preserve_tunables",
+ "policy.kern",
+ "file_contexts",
+ "homedir_template",
+ "pkeys.local",
+ "ibendports.local"]
+
+ create_dir(newroot_path(), 0o755)
+
+ stores = None
+ if TYPE is not None:
+ stores = [TYPE]
+ else:
+ stores = os.listdir(oldroot_path())
+
+ # find stores in oldroot and migrate them to newroot if necessary
+ for store in stores:
+ if not os.path.isdir(oldmodules_path(store)):
+ # already migrated or not an selinux store
+ continue
+
+ if os.path.isdir(newstore_path(store)):
+ # store has already been migrated, but old modules dir still exits
+ print("warning: Policy type %s has already been migrated, but modules still exist in the old store. Skipping store." % store, file=sys.stderr)
+ continue
+
+ migrate_store(store)
+
+ if CLEAN is True:
+ def remove_error(function, path, execinfo):
+ print("warning: Unable to remove old store modules directory %s. Cleaning failed." % oldmodules_path(store), file=sys.stderr)
+ shutil.rmtree(oldmodules_path(store), onerror=remove_error)
+
+ if NOREBUILD is False:
+ rebuild_policy()
--
2.19.1
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH 3/3] semanage_migrate_store: switch to space indentation
2018-12-19 22:13 ` [PATCH 3/3] semanage_migrate_store: switch to space indentation Nicolas Iooss
@ 2019-01-04 12:28 ` Petr Lautrbach
0 siblings, 0 replies; 4+ messages in thread
From: Petr Lautrbach @ 2019-01-04 12:28 UTC (permalink / raw)
To: selinux; +Cc: Nicolas Iooss
Nicolas Iooss <nicolas.iooss@m4x.org> writes:
> The script used both tabs and space to indent the code, using a tab
> length of 8 (in calls to parser.add_option(...)). Make the code more
> readable by using spaces for indentation everywhere.
>
> Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
All 3 merged. Thanks!
> ---
> libsemanage/utils/semanage_migrate_store | 438 +++++++++++------------
> 1 file changed, 219 insertions(+), 219 deletions(-)
>
> diff --git a/libsemanage/utils/semanage_migrate_store b/libsemanage/utils/semanage_migrate_store
> index 360f143e9fca..018b1a3e62c2 100755
> --- a/libsemanage/utils/semanage_migrate_store
> +++ b/libsemanage/utils/semanage_migrate_store
> @@ -10,287 +10,287 @@ from optparse import OptionParser
>
>
> try:
> - import selinux
> - import semanage
> + import selinux
> + import semanage
> except ImportError:
> - print("You must install libselinux-python and libsemanage-python before running this tool", file=sys.stderr)
> - exit(1)
> + print("You must install libselinux-python and libsemanage-python before running this tool", file=sys.stderr)
> + exit(1)
>
>
> def copy_file(src, dst):
> - if DEBUG:
> - print("copying %s to %s" % (src, dst))
> - try:
> - shutil.copy(src, dst)
> - except OSError as the_err:
> - (err, strerr) = the_err.args
> - print("Could not copy %s to %s, %s" % (src, dst, strerr), file=sys.stderr)
> - exit(1)
> + if DEBUG:
> + print("copying %s to %s" % (src, dst))
> + try:
> + shutil.copy(src, dst)
> + except OSError as the_err:
> + (err, strerr) = the_err.args
> + print("Could not copy %s to %s, %s" % (src, dst, strerr), file=sys.stderr)
> + exit(1)
>
>
> def create_dir(dst, mode):
> - if DEBUG:
> - print("Making directory %s" % dst)
> - try:
> - os.makedirs(dst, mode)
> - except OSError as the_err:
> - (err, stderr) = the_err.args
> - if err == errno.EEXIST:
> - pass
> - else:
> - print("Error creating %s" % dst, file=sys.stderr)
> - exit(1)
> + if DEBUG:
> + print("Making directory %s" % dst)
> + try:
> + os.makedirs(dst, mode)
> + except OSError as the_err:
> + (err, stderr) = the_err.args
> + if err == errno.EEXIST:
> + pass
> + else:
> + print("Error creating %s" % dst, file=sys.stderr)
> + exit(1)
>
>
> def create_file(dst):
> - if DEBUG:
> - print("Making file %s" % dst)
> - try:
> - open(dst, 'a').close()
> - except OSError as the_err:
> - (err, stderr) = the_err.args
> - print("Error creating %s" % dst, file=sys.stderr)
> - exit(1)
> + if DEBUG:
> + print("Making file %s" % dst)
> + try:
> + open(dst, 'a').close()
> + except OSError as the_err:
> + (err, stderr) = the_err.args
> + print("Error creating %s" % dst, file=sys.stderr)
> + exit(1)
>
>
> def copy_module(store, name, base):
> - if DEBUG:
> - print("Install module %s" % name)
> - (file, ext) = os.path.splitext(name)
> - if ext != ".pp":
> - # Stray non-pp file in modules directory, skip
> - print("warning: %s has invalid extension, skipping" % name, file=sys.stderr)
> - return
> - try:
> - if base:
> - root = oldstore_path(store)
> - else:
> - root = oldmodules_path(store)
> + if DEBUG:
> + print("Install module %s" % name)
> + (file, ext) = os.path.splitext(name)
> + if ext != ".pp":
> + # Stray non-pp file in modules directory, skip
> + print("warning: %s has invalid extension, skipping" % name, file=sys.stderr)
> + return
> + try:
> + if base:
> + root = oldstore_path(store)
> + else:
> + root = oldmodules_path(store)
>
> - bottomdir = bottomdir_path(store)
> + bottomdir = bottomdir_path(store)
>
> - os.mkdir("%s/%s" % (bottomdir, file))
> + os.mkdir("%s/%s" % (bottomdir, file))
>
> - copy_file(os.path.join(root, name), "%s/%s/hll" % (bottomdir, file))
> + copy_file(os.path.join(root, name), "%s/%s/hll" % (bottomdir, file))
>
> - # This is the ext file that will eventually be used to choose a compiler
> - efile = open("%s/%s/lang_ext" % (bottomdir, file), "w+", 0o600)
> - efile.write("pp")
> - efile.close()
> + # This is the ext file that will eventually be used to choose a compiler
> + efile = open("%s/%s/lang_ext" % (bottomdir, file), "w+", 0o600)
> + efile.write("pp")
> + efile.close()
>
> - except (IOError, OSError):
> - print("Error installing module %s" % name, file=sys.stderr)
> - exit(1)
> + except (IOError, OSError):
> + print("Error installing module %s" % name, file=sys.stderr)
> + exit(1)
>
>
> def disable_module(file, name, disabledmodules):
> - if DEBUG:
> - print("Disabling %s" % name)
> - (disabledname, disabledext) = os.path.splitext(file)
> - create_file("%s/%s" % (disabledmodules, disabledname))
> + if DEBUG:
> + print("Disabling %s" % name)
> + (disabledname, disabledext) = os.path.splitext(file)
> + create_file("%s/%s" % (disabledmodules, disabledname))
>
>
> def migrate_store(store):
> - oldstore = oldstore_path(store)
> - oldmodules = oldmodules_path(store)
> - disabledmodules = disabledmodules_path(store)
> - newstore = newstore_path(store)
> - newmodules = newmodules_path(store)
> - bottomdir = bottomdir_path(store)
> -
> - print("Migrating from %s to %s" % (oldstore, newstore))
> -
> - # Build up new directory structure
> - create_dir("%s/%s" % (newroot_path(), store), 0o755)
> - create_dir(newstore, 0o700)
> - create_dir(newmodules, 0o700)
> - create_dir(bottomdir, 0o700)
> - create_dir(disabledmodules, 0o700)
> -
> - # Special case for base since it was in a different location
> - copy_module(store, "base.pp", 1)
> -
> - # Dir structure built, start copying files
> - for root, dirs, files in os.walk(oldstore):
> - if root == oldstore:
> - # This is the top level directory, need to move
> - for name in files:
> - # Check to see if it is in TOPPATHS and copy if so
> - if name in TOPPATHS:
> - if name == "seusers":
> - newname = "seusers.local"
> - else:
> - newname = name
> - copy_file(os.path.join(root, name), os.path.join(newstore, newname))
> -
> - elif root == oldmodules:
> - # This should be the modules directory
> - for name in files:
> - (file, ext) = os.path.splitext(name)
> - if name == "base.pp":
> - print("Error installing module %s, name conflicts with base" % name, file=sys.stderr)
> - exit(1)
> - elif ext == ".disabled":
> - disable_module(file, name, disabledmodules)
> - else:
> - copy_module(store, name, 0)
> + oldstore = oldstore_path(store)
> + oldmodules = oldmodules_path(store)
> + disabledmodules = disabledmodules_path(store)
> + newstore = newstore_path(store)
> + newmodules = newmodules_path(store)
> + bottomdir = bottomdir_path(store)
> +
> + print("Migrating from %s to %s" % (oldstore, newstore))
> +
> + # Build up new directory structure
> + create_dir("%s/%s" % (newroot_path(), store), 0o755)
> + create_dir(newstore, 0o700)
> + create_dir(newmodules, 0o700)
> + create_dir(bottomdir, 0o700)
> + create_dir(disabledmodules, 0o700)
> +
> + # Special case for base since it was in a different location
> + copy_module(store, "base.pp", 1)
> +
> + # Dir structure built, start copying files
> + for root, dirs, files in os.walk(oldstore):
> + if root == oldstore:
> + # This is the top level directory, need to move
> + for name in files:
> + # Check to see if it is in TOPPATHS and copy if so
> + if name in TOPPATHS:
> + if name == "seusers":
> + newname = "seusers.local"
> + else:
> + newname = name
> + copy_file(os.path.join(root, name), os.path.join(newstore, newname))
> +
> + elif root == oldmodules:
> + # This should be the modules directory
> + for name in files:
> + (file, ext) = os.path.splitext(name)
> + if name == "base.pp":
> + print("Error installing module %s, name conflicts with base" % name, file=sys.stderr)
> + exit(1)
> + elif ext == ".disabled":
> + disable_module(file, name, disabledmodules)
> + else:
> + copy_module(store, name, 0)
>
>
> def rebuild_policy():
> - # Ok, the modules are loaded, lets try to rebuild the policy
> - print("Attempting to rebuild policy from %s" % newroot_path())
> + # Ok, the modules are loaded, lets try to rebuild the policy
> + print("Attempting to rebuild policy from %s" % newroot_path())
>
> - curstore = selinux.selinux_getpolicytype()[1]
> + curstore = selinux.selinux_getpolicytype()[1]
>
> - handle = semanage.semanage_handle_create()
> - if not handle:
> - print("Could not create semanage handle", file=sys.stderr)
> - exit(1)
> + handle = semanage.semanage_handle_create()
> + if not handle:
> + print("Could not create semanage handle", file=sys.stderr)
> + exit(1)
>
> - semanage.semanage_select_store(handle, curstore, semanage.SEMANAGE_CON_DIRECT)
> + semanage.semanage_select_store(handle, curstore, semanage.SEMANAGE_CON_DIRECT)
>
> - if not semanage.semanage_is_managed(handle):
> - semanage.semanage_handle_destroy(handle)
> - print("SELinux policy is not managed or store cannot be accessed.", file=sys.stderr)
> - exit(1)
> + if not semanage.semanage_is_managed(handle):
> + semanage.semanage_handle_destroy(handle)
> + print("SELinux policy is not managed or store cannot be accessed.", file=sys.stderr)
> + exit(1)
>
> - rc = semanage.semanage_access_check(handle)
> - if rc < semanage.SEMANAGE_CAN_WRITE:
> - semanage.semanage_handle_destroy(handle)
> - print("Cannot write to policy store.", file=sys.stderr)
> - exit(1)
> + rc = semanage.semanage_access_check(handle)
> + if rc < semanage.SEMANAGE_CAN_WRITE:
> + semanage.semanage_handle_destroy(handle)
> + print("Cannot write to policy store.", file=sys.stderr)
> + exit(1)
>
> - rc = semanage.semanage_connect(handle)
> - if rc < 0:
> - semanage.semanage_handle_destroy(handle)
> - print("Could not establish semanage connection", file=sys.stderr)
> - exit(1)
> + rc = semanage.semanage_connect(handle)
> + if rc < 0:
> + semanage.semanage_handle_destroy(handle)
> + print("Could not establish semanage connection", file=sys.stderr)
> + exit(1)
>
> - semanage.semanage_set_rebuild(handle, 1)
> + semanage.semanage_set_rebuild(handle, 1)
>
> - rc = semanage.semanage_begin_transaction(handle)
> - if rc < 0:
> - semanage.semanage_handle_destroy(handle)
> - print("Could not begin transaction", file=sys.stderr)
> - exit(1)
> + rc = semanage.semanage_begin_transaction(handle)
> + if rc < 0:
> + semanage.semanage_handle_destroy(handle)
> + print("Could not begin transaction", file=sys.stderr)
> + exit(1)
>
> - rc = semanage.semanage_commit(handle)
> - if rc < 0:
> - print("Could not commit transaction", file=sys.stderr)
> + rc = semanage.semanage_commit(handle)
> + if rc < 0:
> + print("Could not commit transaction", file=sys.stderr)
>
> - semanage.semanage_handle_destroy(handle)
> + semanage.semanage_handle_destroy(handle)
>
>
> def oldroot_path():
> - return "%s/etc/selinux" % ROOT
> + return "%s/etc/selinux" % ROOT
>
>
> def oldstore_path(store):
> - return "%s/%s/modules/active" % (oldroot_path(), store)
> + return "%s/%s/modules/active" % (oldroot_path(), store)
>
>
> def oldmodules_path(store):
> - return "%s/modules" % oldstore_path(store)
> + return "%s/modules" % oldstore_path(store)
>
>
> def disabledmodules_path(store):
> - return "%s/disabled" % newmodules_path(store)
> + return "%s/disabled" % newmodules_path(store)
>
>
> def newroot_path():
> - return "%s%s" % (ROOT, PATH)
> + return "%s%s" % (ROOT, PATH)
>
>
> def newstore_path(store):
> - return "%s/%s/active" % (newroot_path(), store)
> + return "%s/%s/active" % (newroot_path(), store)
>
>
> def newmodules_path(store):
> - return "%s/modules" % newstore_path(store)
> + return "%s/modules" % newstore_path(store)
>
>
> def bottomdir_path(store):
> - return "%s/%s" % (newmodules_path(store), PRIORITY)
> + return "%s/%s" % (newmodules_path(store), PRIORITY)
>
>
> if __name__ == "__main__":
>
> - parser = OptionParser()
> - parser.add_option("-p", "--priority", dest="priority", default="100",
> - help="Set priority of modules in new store (default: 100)")
> - parser.add_option("-s", "--store", dest="store", default=None,
> - help="Store to read from and write to")
> - parser.add_option("-d", "--debug", dest="debug", action="store_true", default=False,
> - help="Output debug information")
> - parser.add_option("-c", "--clean", dest="clean", action="store_true", default=False,
> - help="Clean old modules directory after migrate (default: no)")
> - parser.add_option("-n", "--norebuild", dest="norebuild", action="store_true", default=False,
> - help="Disable rebuilding policy after migration (default: no)")
> - parser.add_option("-P", "--path", dest="path",
> - help="Set path for the policy store (default: /var/lib/selinux)")
> - parser.add_option("-r", "--root", dest="root",
> - help="Set an alternative root for the migration (default: /)")
> -
> - (options, args) = parser.parse_args()
> -
> - DEBUG = options.debug
> - PRIORITY = options.priority
> - TYPE = options.store
> - CLEAN = options.clean
> - NOREBUILD = options.norebuild
> - PATH = options.path
> - if PATH is None:
> - PATH = "/var/lib/selinux"
> -
> - ROOT = options.root
> - if ROOT is None:
> - ROOT = ""
> -
> - # List of paths that go in the active 'root'
> - TOPPATHS = [
> - "commit_num",
> - "ports.local",
> - "interfaces.local",
> - "nodes.local",
> - "booleans.local",
> - "file_contexts.local",
> - "seusers",
> - "users.local",
> - "users_extra",
> - "users_extra.local",
> - "disable_dontaudit",
> - "preserve_tunables",
> - "policy.kern",
> - "file_contexts",
> - "homedir_template",
> - "pkeys.local",
> - "ibendports.local"]
> -
> - create_dir(newroot_path(), 0o755)
> -
> - stores = None
> - if TYPE is not None:
> - stores = [TYPE]
> - else:
> - stores = os.listdir(oldroot_path())
> -
> - # find stores in oldroot and migrate them to newroot if necessary
> - for store in stores:
> - if not os.path.isdir(oldmodules_path(store)):
> - # already migrated or not an selinux store
> - continue
> -
> - if os.path.isdir(newstore_path(store)):
> - # store has already been migrated, but old modules dir still exits
> - print("warning: Policy type %s has already been migrated, but modules still exist in the old store. Skipping store." % store, file=sys.stderr)
> - continue
> -
> - migrate_store(store)
> -
> - if CLEAN is True:
> - def remove_error(function, path, execinfo):
> - print("warning: Unable to remove old store modules directory %s. Cleaning failed." % oldmodules_path(store), file=sys.stderr)
> - shutil.rmtree(oldmodules_path(store), onerror=remove_error)
> -
> - if NOREBUILD is False:
> - rebuild_policy()
> + parser = OptionParser()
> + parser.add_option("-p", "--priority", dest="priority", default="100",
> + help="Set priority of modules in new store (default: 100)")
> + parser.add_option("-s", "--store", dest="store", default=None,
> + help="Store to read from and write to")
> + parser.add_option("-d", "--debug", dest="debug", action="store_true", default=False,
> + help="Output debug information")
> + parser.add_option("-c", "--clean", dest="clean", action="store_true", default=False,
> + help="Clean old modules directory after migrate (default: no)")
> + parser.add_option("-n", "--norebuild", dest="norebuild", action="store_true", default=False,
> + help="Disable rebuilding policy after migration (default: no)")
> + parser.add_option("-P", "--path", dest="path",
> + help="Set path for the policy store (default: /var/lib/selinux)")
> + parser.add_option("-r", "--root", dest="root",
> + help="Set an alternative root for the migration (default: /)")
> +
> + (options, args) = parser.parse_args()
> +
> + DEBUG = options.debug
> + PRIORITY = options.priority
> + TYPE = options.store
> + CLEAN = options.clean
> + NOREBUILD = options.norebuild
> + PATH = options.path
> + if PATH is None:
> + PATH = "/var/lib/selinux"
> +
> + ROOT = options.root
> + if ROOT is None:
> + ROOT = ""
> +
> + # List of paths that go in the active 'root'
> + TOPPATHS = [
> + "commit_num",
> + "ports.local",
> + "interfaces.local",
> + "nodes.local",
> + "booleans.local",
> + "file_contexts.local",
> + "seusers",
> + "users.local",
> + "users_extra",
> + "users_extra.local",
> + "disable_dontaudit",
> + "preserve_tunables",
> + "policy.kern",
> + "file_contexts",
> + "homedir_template",
> + "pkeys.local",
> + "ibendports.local"]
> +
> + create_dir(newroot_path(), 0o755)
> +
> + stores = None
> + if TYPE is not None:
> + stores = [TYPE]
> + else:
> + stores = os.listdir(oldroot_path())
> +
> + # find stores in oldroot and migrate them to newroot if necessary
> + for store in stores:
> + if not os.path.isdir(oldmodules_path(store)):
> + # already migrated or not an selinux store
> + continue
> +
> + if os.path.isdir(newstore_path(store)):
> + # store has already been migrated, but old modules dir still exits
> + print("warning: Policy type %s has already been migrated, but modules still exist in the old store. Skipping store." % store, file=sys.stderr)
> + continue
> +
> + migrate_store(store)
> +
> + if CLEAN is True:
> + def remove_error(function, path, execinfo):
> + print("warning: Unable to remove old store modules directory %s. Cleaning failed." % oldmodules_path(store), file=sys.stderr)
> + shutil.rmtree(oldmodules_path(store), onerror=remove_error)
> +
> + if NOREBUILD is False:
> + rebuild_policy()
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-01-04 12:28 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-12-19 22:13 [PATCH 1/3] semanage_migrate_store: fix many Python linter warnings Nicolas Iooss
2018-12-19 22:13 ` [PATCH 2/3] semanage_migrate_store: remove unused loading of libsepol.so Nicolas Iooss
2018-12-19 22:13 ` [PATCH 3/3] semanage_migrate_store: switch to space indentation Nicolas Iooss
2019-01-04 12:28 ` Petr Lautrbach
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).