SELinux Archive on lore.kernel.org
 help / Atom feed
* [PATCH 1/2] python/semanage: explain why sepolicy is imported in a function
@ 2019-01-05 15:45 Nicolas Iooss
  2019-01-05 15:45 ` [PATCH 2/2] python/sepolgen: close /etc/selinux/sepolgen.conf after parsing it Nicolas Iooss
  0 siblings, 1 reply; 4+ messages in thread
From: Nicolas Iooss @ 2019-01-05 15:45 UTC (permalink / raw)
  To: selinux

Importing modules inside functions is quite uncommon in Python. This is
nevertheless required with sepolicy because it loads the current SELinux
policy when it is imported (and raises ValueError when this fails).

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
 python/semanage/semanage | 1 +
 1 file changed, 1 insertion(+)

diff --git a/python/semanage/semanage b/python/semanage/semanage
index 1cb136831422..49add51ec24e 100644
--- a/python/semanage/semanage
+++ b/python/semanage/semanage
@@ -83,6 +83,7 @@ class CheckRole(argparse.Action):
         if not newval:
             newval = []
         try:
+            # sepolicy tries to load the SELinux policy and raises ValueError if it fails.
             import sepolicy
             roles = sepolicy.get_all_roles()
         except ValueError:
-- 
2.20.1


^ permalink raw reply	[flat|nested] 4+ messages in thread

* [PATCH 2/2] python/sepolgen: close /etc/selinux/sepolgen.conf after parsing it
  2019-01-05 15:45 [PATCH 1/2] python/semanage: explain why sepolicy is imported in a function Nicolas Iooss
@ 2019-01-05 15:45 ` Nicolas Iooss
  2019-01-05 15:49   ` Nicolas Iooss
  0 siblings, 1 reply; 4+ messages in thread
From: Nicolas Iooss @ 2019-01-05 15:45 UTC (permalink / raw)
  To: selinux

sepolgen testsuite reports the following warning on a system with
/etc/selinux/sepolgen.conf:

    .../src/./sepolgen/defaults.py:35: ResourceWarning: unclosed file
    <_io.TextIOWrapper name='/etc/selinux/sepolgen.conf' mode='r'
    encoding='UTF-8'>

Fix this by properly closing the file in PathChooser.__init__().

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
 python/sepolgen/src/sepolgen/defaults.py | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/python/sepolgen/src/sepolgen/defaults.py b/python/sepolgen/src/sepolgen/defaults.py
index 199acfafe4cf..533a90412475 100644
--- a/python/sepolgen/src/sepolgen/defaults.py
+++ b/python/sepolgen/src/sepolgen/defaults.py
@@ -32,12 +32,13 @@ class PathChooser(object):
         self.config_pathname = pathname
         ignore = re.compile(r"^\s*(?:#.+)?$")
         consider = re.compile(r"^\s*(\w+)\s*=\s*(.+?)\s*$")
-        for lineno, line in enumerate(open(pathname)):
-            if ignore.match(line): continue
-            mo = consider.match(line)
-            if not mo:
-                raise ValueError("%s:%d: line is not in key = value format" % (pathname, lineno+1))
-            self.config[mo.group(1)] = mo.group(2)
+        with open(pathname, "r") as fd:
+            for lineno, line in enumerate(fd):
+                if ignore.match(line): continue
+                mo = consider.match(line)
+                if not mo:
+                    raise ValueError("%s:%d: line is not in key = value format" % (pathname, lineno+1))
+                self.config[mo.group(1)] = mo.group(2)
 
     # We're only exporting one useful function, so why not be a function
     def __call__(self, testfilename, pathset="SELINUX_DEVEL_PATH"):
-- 
2.20.1


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH 2/2] python/sepolgen: close /etc/selinux/sepolgen.conf after parsing it
  2019-01-05 15:45 ` [PATCH 2/2] python/sepolgen: close /etc/selinux/sepolgen.conf after parsing it Nicolas Iooss
@ 2019-01-05 15:49   ` Nicolas Iooss
  2019-01-07 11:59     ` Petr Lautrbach
  0 siblings, 1 reply; 4+ messages in thread
From: Nicolas Iooss @ 2019-01-05 15:49 UTC (permalink / raw)
  To: selinux

On Sat, Jan 5, 2019 at 4:46 PM Nicolas Iooss <nicolas.iooss@m4x.org> wrote:
>
> sepolgen testsuite reports the following warning on a system with
> /etc/selinux/sepolgen.conf:
>
>     .../src/./sepolgen/defaults.py:35: ResourceWarning: unclosed file
>     <_io.TextIOWrapper name='/etc/selinux/sepolgen.conf' mode='r'
>     encoding='UTF-8'>
>
> Fix this by properly closing the file in PathChooser.__init__().
>
> Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>

Oops, I already sent this patch a few weeks ago with three over
patches but nobody has reviewed them. Should I merge it directly?

Nicolas

> ---
>  python/sepolgen/src/sepolgen/defaults.py | 13 +++++++------
>  1 file changed, 7 insertions(+), 6 deletions(-)
>
> diff --git a/python/sepolgen/src/sepolgen/defaults.py b/python/sepolgen/src/sepolgen/defaults.py
> index 199acfafe4cf..533a90412475 100644
> --- a/python/sepolgen/src/sepolgen/defaults.py
> +++ b/python/sepolgen/src/sepolgen/defaults.py
> @@ -32,12 +32,13 @@ class PathChooser(object):
>          self.config_pathname = pathname
>          ignore = re.compile(r"^\s*(?:#.+)?$")
>          consider = re.compile(r"^\s*(\w+)\s*=\s*(.+?)\s*$")
> -        for lineno, line in enumerate(open(pathname)):
> -            if ignore.match(line): continue
> -            mo = consider.match(line)
> -            if not mo:
> -                raise ValueError("%s:%d: line is not in key = value format" % (pathname, lineno+1))
> -            self.config[mo.group(1)] = mo.group(2)
> +        with open(pathname, "r") as fd:
> +            for lineno, line in enumerate(fd):
> +                if ignore.match(line): continue
> +                mo = consider.match(line)
> +                if not mo:
> +                    raise ValueError("%s:%d: line is not in key = value format" % (pathname, lineno+1))
> +                self.config[mo.group(1)] = mo.group(2)
>
>      # We're only exporting one useful function, so why not be a function
>      def __call__(self, testfilename, pathset="SELINUX_DEVEL_PATH"):
> --
> 2.20.1
>


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH 2/2] python/sepolgen: close /etc/selinux/sepolgen.conf after parsing it
  2019-01-05 15:49   ` Nicolas Iooss
@ 2019-01-07 11:59     ` Petr Lautrbach
  0 siblings, 0 replies; 4+ messages in thread
From: Petr Lautrbach @ 2019-01-07 11:59 UTC (permalink / raw)
  To: selinux; +Cc: Nicolas Iooss

Nicolas Iooss <nicolas.iooss@m4x.org> writes:

> On Sat, Jan 5, 2019 at 4:46 PM Nicolas Iooss <nicolas.iooss@m4x.org> wrote:
>>
>> sepolgen testsuite reports the following warning on a system with
>> /etc/selinux/sepolgen.conf:
>>
>>     .../src/./sepolgen/defaults.py:35: ResourceWarning: unclosed file
>>     <_io.TextIOWrapper name='/etc/selinux/sepolgen.conf' mode='r'
>>     encoding='UTF-8'>
>>
>> Fix this by properly closing the file in PathChooser.__init__().
>>
>> Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
>
> Oops, I already sent this patch a few weeks ago with three over
> patches but nobody has reviewed them. Should I merge it directly?
>
> Nicolas

Both patches merged. Thanks!


>
>> ---
>>  python/sepolgen/src/sepolgen/defaults.py | 13 +++++++------
>>  1 file changed, 7 insertions(+), 6 deletions(-)
>>
>> diff --git a/python/sepolgen/src/sepolgen/defaults.py b/python/sepolgen/src/sepolgen/defaults.py
>> index 199acfafe4cf..533a90412475 100644
>> --- a/python/sepolgen/src/sepolgen/defaults.py
>> +++ b/python/sepolgen/src/sepolgen/defaults.py
>> @@ -32,12 +32,13 @@ class PathChooser(object):
>>          self.config_pathname = pathname
>>          ignore = re.compile(r"^\s*(?:#.+)?$")
>>          consider = re.compile(r"^\s*(\w+)\s*=\s*(.+?)\s*$")
>> -        for lineno, line in enumerate(open(pathname)):
>> -            if ignore.match(line): continue
>> -            mo = consider.match(line)
>> -            if not mo:
>> -                raise ValueError("%s:%d: line is not in key = value format" % (pathname, lineno+1))
>> -            self.config[mo.group(1)] = mo.group(2)
>> +        with open(pathname, "r") as fd:
>> +            for lineno, line in enumerate(fd):
>> +                if ignore.match(line): continue
>> +                mo = consider.match(line)
>> +                if not mo:
>> +                    raise ValueError("%s:%d: line is not in key = value format" % (pathname, lineno+1))
>> +                self.config[mo.group(1)] = mo.group(2)
>>
>>      # We're only exporting one useful function, so why not be a function
>>      def __call__(self, testfilename, pathset="SELINUX_DEVEL_PATH"):
>> --
>> 2.20.1
>>

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, back to index

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-01-05 15:45 [PATCH 1/2] python/semanage: explain why sepolicy is imported in a function Nicolas Iooss
2019-01-05 15:45 ` [PATCH 2/2] python/sepolgen: close /etc/selinux/sepolgen.conf after parsing it Nicolas Iooss
2019-01-05 15:49   ` Nicolas Iooss
2019-01-07 11:59     ` Petr Lautrbach

SELinux Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/selinux/0 selinux/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 selinux selinux/ https://lore.kernel.org/selinux \
		selinux@vger.kernel.org selinux@archiver.kernel.org
	public-inbox-index selinux


Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.selinux


AGPL code for this site: git clone https://public-inbox.org/ public-inbox