[PATCH 1/2] Use selinux python module for file context operations.

David Lehman <dlehman@xxxxxxxxxx> · Sun, 6 Dec 2009 17:45:38 -0500

---
 isys/isys.py          |   13 ++++++++++---
 storage/formats/fs.py |   10 ++++++----
 2 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/isys/isys.py b/isys/isys.py
index 338ca26..12659bb 100755
--- a/isys/isys.py
+++ b/isys/isys.py
@@ -37,6 +37,7 @@ import re
 import struct
 import block
 import dbus
+import selinux
 
 import logging
 log = logging.getLogger("anaconda")
@@ -602,15 +603,21 @@ def getIPAddress(dev):
 ## Get the correct context for a file from loaded policy.
 # @param fn The filename to query.
 def matchPathContext(fn):
-    return _isys.matchPathContext(fn)
+    con = None
+    try:
+        con = selinux.matchpathcon(os.path.normpath(fn), 0)[1]
+    except OSError:
+        log.info("failed to get default SELinux context for %s" % f)
+    return con
 
 ## Set the SELinux file context of a file
 # @param fn The filename to fix.
 # @param con The context to use.
 # @param instroot An optional root filesystem to look under for fn.
 def setFileContext(fn, con, instroot = '/'):
-    if con is not None and os.access("%s/%s" % (instroot, fn), os.F_OK):
-        return (_isys.setFileContext(fn, con, instroot) != 0)
+    full_path = os.path.normpath("%s/%s" % (instroot, fn))
+    if con is not None and os.access(full_path, os.F_OK):
+        return (selinux.lsetfilecon(full_path, con) != 0)
     return False
 
 ## Restore the SELinux file context of a file to its default.
diff --git a/storage/formats/fs.py b/storage/formats/fs.py
index 7778ba5..67e9b38 100644
--- a/storage/formats/fs.py
+++ b/storage/formats/fs.py
@@ -30,6 +30,7 @@
 import math
 import os
 import tempfile
+import selinux
 import isys
 
 from ..errors import *
@@ -47,6 +48,10 @@ log = logging.getLogger("storage")
 import gettext
 _ = lambda x: gettext.ldgettext("anaconda", x)
 
+try:
+    lost_and_found_context = selinux.matchpathcon("/lost+found", 0)[1]
+except OSError:
+    lost_and_found_context = None
 
 fs_configs = {}
 
@@ -121,7 +126,6 @@ class FS(DeviceFormat):
     _defaultInfoOptions = []
     _migrationTarget = None
     _existingSizeFields = []
-    lostAndFoundContext = None
 
     def __init__(self, *args, **kwargs):
         """ Create a FS instance.
@@ -604,10 +608,8 @@ class FS(DeviceFormat):
             ret = isys.resetFileContext(mountpoint, chroot)
             log.info("set SELinux context for newly mounted filesystem "
                      "root at %s to %s" %(mountpoint, ret))
-            if self.lostAndFoundContext is None:
-                self.lostAndFoundContext = isys.matchPathContext("/lost+found")
             isys.setFileContext("%s/lost+found" % mountpoint,
-                                self.lostAndFoundContext, chroot)
+                                lost_and_found_context, chroot)
 
         self._mountpoint = chrootedMountpoint
 
-- 
1.6.5.2

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list




