On Fri, May 05, 2017 at 02:27:05PM -0400, Karl MacMillan wrote: > I’d like to announce SPAN - SELinux Policy Analysis Notebook > (https://github.com/QuarkSecurity/SPAN/ > <https://github.com/QuarkSecurity/SPAN/>). This is a Jupyter notebook based > environment for SELinux policy analysis that let’s you mix queries, Python > code, and Markdown formatted notes into an executable document. It’s an > extension of SETools 4. > > Using SPAN within Jupyter notebook is an amazingly productive way to do > policy analysis. I really think that this is the most productive environment > that I’ve seen for real policy analysis (and I’ve been working on SELinux > policy analysis and tools for almost 15 years). The ability to quickly create > custom tools to answer hard questions combined inline with well-formatted > documentation makes a huge difference. > > SPAN has been used so far to analyze 3 large, complex, custom systems with > very large policies (hundreds of custom domains). The analysis was of much > better quality and it took much less time because of SPAN. > > If you just want to see what this looks like, you can see an example online > (though the code is not executable): > > https://nbviewer.jupyter.org/github/QuarkSecurity/SPAN/blob/master/examples/Span%20Example.ipynb# > > <https://nbviewer.jupyter.org/github/QuarkSecurity/SPAN/blob/master/examples/Span%20Example.ipynb#> > > If you’ve not seen Jupyter notebooks, they are a very popular tool for data > science. Jupyter notebooks are an interactive environment that let you write > text (in Markdown) and code together. You can get a feel for what's possible > in this awesome notebook on Regex Golf from XKCD: > http://nbviewer.jupyter.org/url/norvig.com/ipython/xkcd1313.ipynb > <http://nbviewer.jupyter.org/url/norvig.com/ipython/xkcd1313.ipynb>. There is > also the more official (and boring) introduction: > https://jupyter-notebook-beginner-guide.readthedocs.io/en/latest/ > <https://jupyter-notebook-beginner-guide.readthedocs.io/en/latest/>. > > SPAN was written by me (Karl MacMillan) along with Spencer Shimko and Brandon > Whalen from Quark Security. And, of course, this is built on SETools 4 which > is maintained by Chris PeBinito. > > Thanks - Karl
Nice! Unfornately i could not, which my limited capacity, get it to work. Here is what i tried: Fedora 26 (alpha): sudo dnf install setools setools-console libselinux-python3 pandoc which git clone https://github.com/quarcksecurity/span && cd span && pip3 install . --user cd examples && jupyter-notebook As soon as i try to run any "cell" or do "restart kernel and run all cells" it throws stack traces about "ModuleNotFoundError" (import span as se" and "from sh import pandoc" All the stuff seems to be installed properly in ~/.local/lib/python3.6/site-packages, and the stack traces do refer to the proper paths suchs as for example: "/home/joe/.local/lib/python3.6/site-packages/span/domain_summary_to_word.py in <module> ()" -- Key fingerprint = 5F4D 3CDB D3F8 3652 FBD8 02D5 3B6C 5F1D 2C7B 6B02 https://sks-keyservers.net/pks/lookup?op=get&search=0x3B6C5F1D2C7B6B02 Dominick Grift
signature.asc
Description: PGP signature
