[PATCH] policycoreutils: fix inaccurate description in sestatus

selinux.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] policycoreutils: fix inaccurate description in sestatus
@ 2020-07-21 11:25 Dominick Grift
  2020-07-21 11:38 ` Dominick Grift
  2020-07-21 13:08 ` Stephen Smalley
  0 siblings, 2 replies; 4+ messages in thread
From: Dominick Grift @ 2020-07-21 11:25 UTC (permalink / raw)
  To: selinux; +Cc: Dominick Grift

strdup(selinux_policy_root()) does not return a path that can be used to derive "Loaded policy name"
instead if returns a path that can be used to derive "Policy name from config file".

Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
---
 policycoreutils/sestatus/sestatus.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/policycoreutils/sestatus/sestatus.c b/policycoreutils/sestatus/sestatus.c
index b37f0353..8b03b028 100644
--- a/policycoreutils/sestatus/sestatus.c
+++ b/policycoreutils/sestatus/sestatus.c
@@ -268,7 +268,7 @@ int main(int argc, char **argv)
 	free(root_path);
 
 	/* Dump all the path information */
-	printf_tab("Loaded policy name:");
+	printf_tab("Policy name from config file:");
 	pol_path = strdup(selinux_policy_root());
 	if (pol_path) {
 		pol_name = basename(pol_path);
-- 
2.27.0


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [PATCH] policycoreutils: fix inaccurate description in sestatus
  2020-07-21 11:25 [PATCH] policycoreutils: fix inaccurate description in sestatus Dominick Grift
@ 2020-07-21 11:38 ` Dominick Grift
  2020-07-21 13:08 ` Stephen Smalley
  1 sibling, 0 replies; 4+ messages in thread
From: Dominick Grift @ 2020-07-21 11:38 UTC (permalink / raw)
  To: selinux

Dominick Grift <dominick.grift@defensec.nl> writes:

> strdup(selinux_policy_root()) does not return a path that can be used to derive "Loaded policy name"
> instead if returns a path that can be used to derive "Policy name from config file".

Even though this seems like a nit, this issue was a bit embarrasing for
me in one of my video tutorials:

https://youtu.be/JsD8GLx_ZKA?t=1965

>
> Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
> ---
>  policycoreutils/sestatus/sestatus.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/policycoreutils/sestatus/sestatus.c b/policycoreutils/sestatus/sestatus.c
> index b37f0353..8b03b028 100644
> --- a/policycoreutils/sestatus/sestatus.c
> +++ b/policycoreutils/sestatus/sestatus.c
> @@ -268,7 +268,7 @@ int main(int argc, char **argv)
>  	free(root_path);
>  
>  	/* Dump all the path information */
> -	printf_tab("Loaded policy name:");
> +	printf_tab("Policy name from config file:");
>  	pol_path = strdup(selinux_policy_root());
>  	if (pol_path) {
>  		pol_name = basename(pol_path);

-- 
gpg --locate-keys dominick.grift@defensec.nl
Key fingerprint = FCD2 3660 5D6B 9D27 7FC6  E0FF DA7E 521F 10F6 4098
https://sks-keyservers.net/pks/lookup?op=get&search=0xDA7E521F10F64098
Dominick Grift

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] policycoreutils: fix inaccurate description in sestatus
  2020-07-21 11:25 [PATCH] policycoreutils: fix inaccurate description in sestatus Dominick Grift
  2020-07-21 11:38 ` Dominick Grift
@ 2020-07-21 13:08 ` Stephen Smalley
  2020-07-21 13:34   ` Dominick Grift
  1 sibling, 1 reply; 4+ messages in thread
From: Stephen Smalley @ 2020-07-21 13:08 UTC (permalink / raw)
  To: Dominick Grift; +Cc: SElinux list

On Tue, Jul 21, 2020 at 7:27 AM Dominick Grift
<dominick.grift@defensec.nl> wrote:
>
> strdup(selinux_policy_root()) does not return a path that can be used to derive "Loaded policy name"
> instead if returns a path that can be used to derive "Policy name from config file".
>
> Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>

My only concern with this is whether it might break scripts that
extract bits of information from sestatus output by matching on the
existing prefix, especially since it has been this way for a long time
(approaching 9 years?).  OTOH, it looks like it was labeled "Policy
from config file" prior to that commit.  No strong feelings either way
except that we don't want to break things for users unnecessarily.

> ---
>  policycoreutils/sestatus/sestatus.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/policycoreutils/sestatus/sestatus.c b/policycoreutils/sestatus/sestatus.c
> index b37f0353..8b03b028 100644
> --- a/policycoreutils/sestatus/sestatus.c
> +++ b/policycoreutils/sestatus/sestatus.c
> @@ -268,7 +268,7 @@ int main(int argc, char **argv)
>         free(root_path);
>
>         /* Dump all the path information */
> -       printf_tab("Loaded policy name:");
> +       printf_tab("Policy name from config file:");
>         pol_path = strdup(selinux_policy_root());
>         if (pol_path) {
>                 pol_name = basename(pol_path);
> --
> 2.27.0
>

^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [PATCH] policycoreutils: fix inaccurate description in sestatus
  2020-07-21 13:08 ` Stephen Smalley
@ 2020-07-21 13:34   ` Dominick Grift
  0 siblings, 0 replies; 4+ messages in thread
From: Dominick Grift @ 2020-07-21 13:34 UTC (permalink / raw)
  To: Stephen Smalley; +Cc: SElinux list



On 7/21/20 3:08 PM, Stephen Smalley wrote:
> On Tue, Jul 21, 2020 at 7:27 AM Dominick Grift
> <dominick.grift@defensec.nl> wrote:
>>
>> strdup(selinux_policy_root()) does not return a path that can be used to derive "Loaded policy name"
>> instead if returns a path that can be used to derive "Policy name from config file".
>>
>> Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
> 
> My only concern with this is whether it might break scripts that
> extract bits of information from sestatus output by matching on the
> existing prefix, especially since it has been this way for a long time
> (approaching 9 years?).  OTOH, it looks like it was labeled "Policy
> from config file" prior to that commit.  No strong feelings either way
> except that we don't want to break things for users unnecessarily.

Thanks

I think I argee. pity that this slipped through the cracks in the first
place. Probably best to leave this be. I will just make a mental note
not to use sestatus in from of a camera to avoid embarrassment.

> 
>> ---
>>  policycoreutils/sestatus/sestatus.c | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/policycoreutils/sestatus/sestatus.c b/policycoreutils/sestatus/sestatus.c
>> index b37f0353..8b03b028 100644
>> --- a/policycoreutils/sestatus/sestatus.c
>> +++ b/policycoreutils/sestatus/sestatus.c
>> @@ -268,7 +268,7 @@ int main(int argc, char **argv)
>>         free(root_path);
>>
>>         /* Dump all the path information */
>> -       printf_tab("Loaded policy name:");
>> +       printf_tab("Policy name from config file:");
>>         pol_path = strdup(selinux_policy_root());
>>         if (pol_path) {
>>                 pol_name = basename(pol_path);
>> --
>> 2.27.0
>>

^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2020-07-21 13:35 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-21 11:25 [PATCH] policycoreutils: fix inaccurate description in sestatus Dominick Grift
2020-07-21 11:38 ` Dominick Grift
2020-07-21 13:08 ` Stephen Smalley
2020-07-21 13:34   ` Dominick Grift

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).