[PATCH 1/2] python/semanage: explain why sepolicy is imported in a function

selinux.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH 1/2] python/semanage: explain why sepolicy is imported in a function
@ 2019-01-05 15:45 Nicolas Iooss
  2019-01-05 15:45 ` [PATCH 2/2] python/sepolgen: close /etc/selinux/sepolgen.conf after parsing it Nicolas Iooss
  0 siblings, 1 reply; 4+ messages in thread
From: Nicolas Iooss @ 2019-01-05 15:45 UTC (permalink / raw)
  To: selinux

Importing modules inside functions is quite uncommon in Python. This is
nevertheless required with sepolicy because it loads the current SELinux
policy when it is imported (and raises ValueError when this fails).

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
 python/semanage/semanage | 1 +
 1 file changed, 1 insertion(+)

diff --git a/python/semanage/semanage b/python/semanage/semanage
index 1cb136831422..49add51ec24e 100644
--- a/python/semanage/semanage
+++ b/python/semanage/semanage
@@ -83,6 +83,7 @@ class CheckRole(argparse.Action):
         if not newval:
             newval = []
         try:
+            # sepolicy tries to load the SELinux policy and raises ValueError if it fails.
             import sepolicy
             roles = sepolicy.get_all_roles()
         except ValueError:
-- 
2.20.1


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* [PATCH 2/2] python/sepolgen: close /etc/selinux/sepolgen.conf after parsing it
  2019-01-05 15:45 [PATCH 1/2] python/semanage: explain why sepolicy is imported in a function Nicolas Iooss
@ 2019-01-05 15:45 ` Nicolas Iooss
  2019-01-05 15:49   ` Nicolas Iooss
  0 siblings, 1 reply; 4+ messages in thread
From: Nicolas Iooss @ 2019-01-05 15:45 UTC (permalink / raw)
  To: selinux

sepolgen testsuite reports the following warning on a system with
/etc/selinux/sepolgen.conf:

    .../src/./sepolgen/defaults.py:35: ResourceWarning: unclosed file
    <_io.TextIOWrapper name='/etc/selinux/sepolgen.conf' mode='r'
    encoding='UTF-8'>

Fix this by properly closing the file in PathChooser.__init__().

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
 python/sepolgen/src/sepolgen/defaults.py | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/python/sepolgen/src/sepolgen/defaults.py b/python/sepolgen/src/sepolgen/defaults.py
index 199acfafe4cf..533a90412475 100644
--- a/python/sepolgen/src/sepolgen/defaults.py
+++ b/python/sepolgen/src/sepolgen/defaults.py
@@ -32,12 +32,13 @@ class PathChooser(object):
         self.config_pathname = pathname
         ignore = re.compile(r"^\s*(?:#.+)?$")
         consider = re.compile(r"^\s*(\w+)\s*=\s*(.+?)\s*$")
-        for lineno, line in enumerate(open(pathname)):
-            if ignore.match(line): continue
-            mo = consider.match(line)
-            if not mo:
-                raise ValueError("%s:%d: line is not in key = value format" % (pathname, lineno+1))
-            self.config[mo.group(1)] = mo.group(2)
+        with open(pathname, "r") as fd:
+            for lineno, line in enumerate(fd):
+                if ignore.match(line): continue
+                mo = consider.match(line)
+                if not mo:
+                    raise ValueError("%s:%d: line is not in key = value format" % (pathname, lineno+1))
+                self.config[mo.group(1)] = mo.group(2)
 
     # We're only exporting one useful function, so why not be a function
     def __call__(self, testfilename, pathset="SELINUX_DEVEL_PATH"):
-- 
2.20.1


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH 2/2] python/sepolgen: close /etc/selinux/sepolgen.conf after parsing it
  2019-01-05 15:45 ` [PATCH 2/2] python/sepolgen: close /etc/selinux/sepolgen.conf after parsing it Nicolas Iooss
@ 2019-01-05 15:49   ` Nicolas Iooss
  2019-01-07 11:59     ` Petr Lautrbach
  0 siblings, 1 reply; 4+ messages in thread
From: Nicolas Iooss @ 2019-01-05 15:49 UTC (permalink / raw)
  To: selinux

On Sat, Jan 5, 2019 at 4:46 PM Nicolas Iooss <nicolas.iooss@m4x.org> wrote:
>
> sepolgen testsuite reports the following warning on a system with
> /etc/selinux/sepolgen.conf:
>
>     .../src/./sepolgen/defaults.py:35: ResourceWarning: unclosed file
>     <_io.TextIOWrapper name='/etc/selinux/sepolgen.conf' mode='r'
>     encoding='UTF-8'>
>
> Fix this by properly closing the file in PathChooser.__init__().
>
> Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>

Oops, I already sent this patch a few weeks ago with three over
patches but nobody has reviewed them. Should I merge it directly?

Nicolas

> ---
>  python/sepolgen/src/sepolgen/defaults.py | 13 +++++++------
>  1 file changed, 7 insertions(+), 6 deletions(-)
>
> diff --git a/python/sepolgen/src/sepolgen/defaults.py b/python/sepolgen/src/sepolgen/defaults.py
> index 199acfafe4cf..533a90412475 100644
> --- a/python/sepolgen/src/sepolgen/defaults.py
> +++ b/python/sepolgen/src/sepolgen/defaults.py
> @@ -32,12 +32,13 @@ class PathChooser(object):
>          self.config_pathname = pathname
>          ignore = re.compile(r"^\s*(?:#.+)?$")
>          consider = re.compile(r"^\s*(\w+)\s*=\s*(.+?)\s*$")
> -        for lineno, line in enumerate(open(pathname)):
> -            if ignore.match(line): continue
> -            mo = consider.match(line)
> -            if not mo:
> -                raise ValueError("%s:%d: line is not in key = value format" % (pathname, lineno+1))
> -            self.config[mo.group(1)] = mo.group(2)
> +        with open(pathname, "r") as fd:
> +            for lineno, line in enumerate(fd):
> +                if ignore.match(line): continue
> +                mo = consider.match(line)
> +                if not mo:
> +                    raise ValueError("%s:%d: line is not in key = value format" % (pathname, lineno+1))
> +                self.config[mo.group(1)] = mo.group(2)
>
>      # We're only exporting one useful function, so why not be a function
>      def __call__(self, testfilename, pathset="SELINUX_DEVEL_PATH"):
> --
> 2.20.1
>


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH 2/2] python/sepolgen: close /etc/selinux/sepolgen.conf after parsing it
  2019-01-05 15:49   ` Nicolas Iooss
@ 2019-01-07 11:59     ` Petr Lautrbach
  0 siblings, 0 replies; 4+ messages in thread
From: Petr Lautrbach @ 2019-01-07 11:59 UTC (permalink / raw)
  To: selinux; +Cc: Nicolas Iooss

Nicolas Iooss <nicolas.iooss@m4x.org> writes:

> On Sat, Jan 5, 2019 at 4:46 PM Nicolas Iooss <nicolas.iooss@m4x.org> wrote:
>>
>> sepolgen testsuite reports the following warning on a system with
>> /etc/selinux/sepolgen.conf:
>>
>>     .../src/./sepolgen/defaults.py:35: ResourceWarning: unclosed file
>>     <_io.TextIOWrapper name='/etc/selinux/sepolgen.conf' mode='r'
>>     encoding='UTF-8'>
>>
>> Fix this by properly closing the file in PathChooser.__init__().
>>
>> Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
>
> Oops, I already sent this patch a few weeks ago with three over
> patches but nobody has reviewed them. Should I merge it directly?
>
> Nicolas

Both patches merged. Thanks!


>
>> ---
>>  python/sepolgen/src/sepolgen/defaults.py | 13 +++++++------
>>  1 file changed, 7 insertions(+), 6 deletions(-)
>>
>> diff --git a/python/sepolgen/src/sepolgen/defaults.py b/python/sepolgen/src/sepolgen/defaults.py
>> index 199acfafe4cf..533a90412475 100644
>> --- a/python/sepolgen/src/sepolgen/defaults.py
>> +++ b/python/sepolgen/src/sepolgen/defaults.py
>> @@ -32,12 +32,13 @@ class PathChooser(object):
>>          self.config_pathname = pathname
>>          ignore = re.compile(r"^\s*(?:#.+)?$")
>>          consider = re.compile(r"^\s*(\w+)\s*=\s*(.+?)\s*$")
>> -        for lineno, line in enumerate(open(pathname)):
>> -            if ignore.match(line): continue
>> -            mo = consider.match(line)
>> -            if not mo:
>> -                raise ValueError("%s:%d: line is not in key = value format" % (pathname, lineno+1))
>> -            self.config[mo.group(1)] = mo.group(2)
>> +        with open(pathname, "r") as fd:
>> +            for lineno, line in enumerate(fd):
>> +                if ignore.match(line): continue
>> +                mo = consider.match(line)
>> +                if not mo:
>> +                    raise ValueError("%s:%d: line is not in key = value format" % (pathname, lineno+1))
>> +                self.config[mo.group(1)] = mo.group(2)
>>
>>      # We're only exporting one useful function, so why not be a function
>>      def __call__(self, testfilename, pathset="SELINUX_DEVEL_PATH"):
>> --
>> 2.20.1
>>

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2019-01-07 11:59 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-01-05 15:45 [PATCH 1/2] python/semanage: explain why sepolicy is imported in a function Nicolas Iooss
2019-01-05 15:45 ` [PATCH 2/2] python/sepolgen: close /etc/selinux/sepolgen.conf after parsing it Nicolas Iooss
2019-01-05 15:49   ` Nicolas Iooss
2019-01-07 11:59     ` Petr Lautrbach

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).