tequilaOS/platform_external_selinux
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
platform_external_selinux/libselinux
History
Joshua Brindle 09836bf0c1 Author: Daniel J Walsh 
Email: dwalsh@redhat.com
Subject: Add restorecon and install methods for libselinux python bindings.
Date: Tue, 06 Jan 2009 10:31:04 -0500

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Daniel J Walsh wrote:
> Joshua Brindle wrote:
>> Daniel J Walsh wrote:
>> Luke Macken wrote restorecon and install functions used in Fedora
>> Infrastructure which can be used to install files with the proper
>> context and to fix the labels of files/directories without having to
>> exec restorecon.
>
>> diff --exclude-from=exclude -N -u -r
>> nsalibselinux/src/selinuxswig_python.i
>> libselinux-2.0.75/src/selinuxswig_python.i
>> --- nsalibselinux/src/selinuxswig_python.i    2008-08-28
>> 09:34:24.000000000 -0400
>> +++ libselinux-2.0.75/src/selinuxswig_python.i    2008-11-14
>> 17:09:50.000000000 -0500
>> @@ -6,6 +6,32 @@
>>     #include "selinux/selinux.h"
>> %}
>
>> +%pythoncode %{
>> +
>> +import shutil, os
>> +
>> +def restorecon(path, recursive=False):
>> +    """ Restore SELinux context on a given path """
>> +    mode = os.stat(path)[stat.ST_MODE]
>
>> stat doesn't exist here, perhaps he meant mode?
>
>> +    status, context = matchpathcon(path, mode)
>> +    if status == 0:
>> +        lsetfilecon(path, context)
>> +        if recursive:
>> +            os.path.walk(path, lambda arg, dirname, fnames:
>> +                             map(restorecon, [os.path.join(dirname, fname)
>> +                              s                for fname in fnames]),
>> None)
>
>> typo, the s causes a syntax error
>
>> +
>> +def copytree(src, dest):
>> +    """ An SELinux-friendly shutil.copytree method """
>> +    shutil.copytree(src, dest)
>> +    restorecon(dest, recursive=True)
>> +
>> +def install(src, dest):
>> +    """ An SELinux-friendly shutil.move method """
>> +    shutil.move(src, dest)
>> +    restorecon(dest, recursive=True)
>> +%}
>> +
>> /* security_get_boolean_names() typemap */
>> %typemap(argout) (char ***names, int *len) {
>>     PyObject* list = PyList_New(*$2);
>
>> This patch doesn't appear correct, I'll fix the things above, have you
>> been testing this at all?
>
> Must have sent you a bad patch.
>
>
> This is what the current patch looks like.
>
And this is still broken.

One more fix.

+    mode = os.stat(path)[stat.ST_MODE]
should be
+    mode = os.lstat(path)[stat.ST_MODE]

Modified to remove copytree and install functions

Signed-off-by: Joshua Brindle <method@manicmethod.com>
2009-01-12 10:34:01 -05:00
..
include Add config path function for secolor.conf file. 2009-01-02 16:15:58 -05:00
man Author: Daniel J Walsh 2008-10-14 07:34:49 -04:00
src Author: Daniel J Walsh 2009-01-12 10:34:01 -05:00
utils Author: Daniel J Walsh 2008-10-14 07:33:19 -04:00
ChangeLog Bump libselinux to 2.0.75 2008-11-18 18:59:20 -05:00
LICENSE initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
Makefile initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
VERSION Bump libselinux to 2.0.75 2008-11-18 18:59:20 -05:00