Re: [PATCH 1/1] sepolicy: do not fail when file_contexts.local or .subs do not exist

2017-09-19 Thread Nicolas Iooss 
On Tue, Sep 19, 2017 at 1:01 AM, William Roberts
 wrote:
> On Mon, Sep 18, 2017 at 3:59 PM, William Roberts
>  wrote:
>> On Mon, Sep 18, 2017 at 2:32 PM, Nicolas Iooss  wrote:
>>>
>>> On a system without any file context customizations, "sepolicy gui"
>>> fails to load because it tries to read a non-existent file:
>>>
>>> FileNotFoundError: [Errno 2] No such file or directory:
>>> '/etc/selinux/refpolicy-git/contexts/files/file_contexts.local'
>>>
>>> Once this issue is fixed, another one is triggered:
>>>
>>> FileNotFoundError: [Errno 2] No such file or directory:
>>> '/etc/selinux/refpolicy-git/contexts/files/file_contexts.subs
>>>
>>> Use os.path.exists() to prevent trying to open non-existent files.
>>>
>>> Signed-off-by: Nicolas Iooss 
>>> ---
>>>  python/sepolicy/sepolicy/__init__.py | 4 
>>>  1 file changed, 4 insertions(+)
>>>
>>> diff --git a/python/sepolicy/sepolicy/__init__.py 
>>> b/python/sepolicy/sepolicy/__init__.py
>>> index 03742346caf0..14d2ad634d7d 100644
>>> --- a/python/sepolicy/sepolicy/__init__.py
>>> +++ b/python/sepolicy/sepolicy/__init__.py
>>> @@ -523,6 +523,8 @@ def find_entrypoint_path(exe, exclude_list=[]):
>>>
>>>
>>>  def read_file_equiv(edict, fc_path, modify):
>>> +if not os.path.exists(fc_path):
>>> +return edict
>>>  fd = open(fc_path, "r")
>>>  fc = fd.readlines()
>>>  fd.close()
>>> @@ -555,6 +557,8 @@ def 
>>> get_local_file_paths(fc_path=selinux.selinux_file_context_path()):
>>>  if local_files:
>>>  return local_files
>>>  local_files = []
>>> +if not os.path.exists(fc_path + ".local"):
>>> +return []
>>>  fd = open(fc_path + ".local", "r")
>>
>> Why not use Try/Except here with a pass here?
>
> Wouldn't be a pass... but you get the idea.

It modifies more lines, but as you suggested it I will send a v2 which
uses try/except. In order to keep the code compatible with Python 2,
it will be "except OSError" + errno checking to silently skip
non-existing file.
>
>> While you're at it, maybe update this to use a with
>> statement. instead of an explicit close call.
>>>  fc = fd.readlines()
>>>  fd.close()

I will do it. Thanks for you suggestions.

Nicolas

Re: [PATCH 1/1] sepolicy: do not fail when file_contexts.local or .subs do not exist

2017-09-18 Thread William Roberts 
On Mon, Sep 18, 2017 at 3:59 PM, William Roberts
 wrote:
> On Mon, Sep 18, 2017 at 2:32 PM, Nicolas Iooss  wrote:
>>
>> On a system without any file context customizations, "sepolicy gui"
>> fails to load because it tries to read a non-existent file:
>>
>> FileNotFoundError: [Errno 2] No such file or directory:
>> '/etc/selinux/refpolicy-git/contexts/files/file_contexts.local'
>>
>> Once this issue is fixed, another one is triggered:
>>
>> FileNotFoundError: [Errno 2] No such file or directory:
>> '/etc/selinux/refpolicy-git/contexts/files/file_contexts.subs
>>
>> Use os.path.exists() to prevent trying to open non-existent files.
>>
>> Signed-off-by: Nicolas Iooss 
>> ---
>>  python/sepolicy/sepolicy/__init__.py | 4 
>>  1 file changed, 4 insertions(+)
>>
>> diff --git a/python/sepolicy/sepolicy/__init__.py 
>> b/python/sepolicy/sepolicy/__init__.py
>> index 03742346caf0..14d2ad634d7d 100644
>> --- a/python/sepolicy/sepolicy/__init__.py
>> +++ b/python/sepolicy/sepolicy/__init__.py
>> @@ -523,6 +523,8 @@ def find_entrypoint_path(exe, exclude_list=[]):
>>
>>
>>  def read_file_equiv(edict, fc_path, modify):
>> +if not os.path.exists(fc_path):
>> +return edict
>>  fd = open(fc_path, "r")
>>  fc = fd.readlines()
>>  fd.close()
>> @@ -555,6 +557,8 @@ def 
>> get_local_file_paths(fc_path=selinux.selinux_file_context_path()):
>>  if local_files:
>>  return local_files
>>  local_files = []
>> +if not os.path.exists(fc_path + ".local"):
>> +return []
>>  fd = open(fc_path + ".local", "r")
>
> Why not use Try/Except here with a pass here?

Wouldn't be a pass... but you get the idea.

> While you're at it, maybe update this to use a with
> statement. instead of an explicit close call.
>>  fc = fd.readlines()
>>  fd.close()
>> --
>> 2.14.1
>>

Re: [PATCH 1/1] sepolicy: do not fail when file_contexts.local or .subs do not exist

2017-09-18 Thread William Roberts 
On Mon, Sep 18, 2017 at 2:32 PM, Nicolas Iooss  wrote:
>
> On a system without any file context customizations, "sepolicy gui"
> fails to load because it tries to read a non-existent file:
>
> FileNotFoundError: [Errno 2] No such file or directory:
> '/etc/selinux/refpolicy-git/contexts/files/file_contexts.local'
>
> Once this issue is fixed, another one is triggered:
>
> FileNotFoundError: [Errno 2] No such file or directory:
> '/etc/selinux/refpolicy-git/contexts/files/file_contexts.subs
>
> Use os.path.exists() to prevent trying to open non-existent files.
>
> Signed-off-by: Nicolas Iooss 
> ---
>  python/sepolicy/sepolicy/__init__.py | 4 
>  1 file changed, 4 insertions(+)
>
> diff --git a/python/sepolicy/sepolicy/__init__.py 
> b/python/sepolicy/sepolicy/__init__.py
> index 03742346caf0..14d2ad634d7d 100644
> --- a/python/sepolicy/sepolicy/__init__.py
> +++ b/python/sepolicy/sepolicy/__init__.py
> @@ -523,6 +523,8 @@ def find_entrypoint_path(exe, exclude_list=[]):
>
>
>  def read_file_equiv(edict, fc_path, modify):
> +if not os.path.exists(fc_path):
> +return edict
>  fd = open(fc_path, "r")
>  fc = fd.readlines()
>  fd.close()
> @@ -555,6 +557,8 @@ def 
> get_local_file_paths(fc_path=selinux.selinux_file_context_path()):
>  if local_files:
>  return local_files
>  local_files = []
> +if not os.path.exists(fc_path + ".local"):
> +return []
>  fd = open(fc_path + ".local", "r")

Why not use Try/Except here with a pass here?
While you're at it, maybe update this to use a with
statement. instead of an explicit close call.
>  fc = fd.readlines()
>  fd.close()
> --
> 2.14.1
>