Re: [PATCH 1/2] Use selinux python module for file context operations.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Both look good, ack.

On 12/06/2009 11:45 PM, David Lehman wrote:

---
  isys/isys.py          |   13 ++++++++++---
  storage/formats/fs.py |   10 ++++++----
  2 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/isys/isys.py b/isys/isys.py
index 338ca26..12659bb 100755
--- a/isys/isys.py
+++ b/isys/isys.py
@@ -37,6 +37,7 @@ import re
  import struct
  import block
  import dbus
+import selinux

  import logging
  log = logging.getLogger("anaconda")
@@ -602,15 +603,21 @@ def getIPAddress(dev):
  ## Get the correct context for a file from loaded policy.
  # @param fn The filename to query.
  def matchPathContext(fn):
-    return _isys.matchPathContext(fn)
+    con = None
+    try:
+        con = selinux.matchpathcon(os.path.normpath(fn), 0)[1]
+    except OSError:
+        log.info("failed to get default SELinux context for %s" % f)
+    return con

  ## Set the SELinux file context of a file
  # @param fn The filename to fix.
  # @param con The context to use.
  # @param instroot An optional root filesystem to look under for fn.
  def setFileContext(fn, con, instroot = '/'):
-    if con is not None and os.access("%s/%s" % (instroot, fn), os.F_OK):
-        return (_isys.setFileContext(fn, con, instroot) != 0)
+    full_path = os.path.normpath("%s/%s" % (instroot, fn))
+    if con is not None and os.access(full_path, os.F_OK):
+        return (selinux.lsetfilecon(full_path, con) != 0)
      return False

  ## Restore the SELinux file context of a file to its default.
diff --git a/storage/formats/fs.py b/storage/formats/fs.py
index 7778ba5..67e9b38 100644
--- a/storage/formats/fs.py
+++ b/storage/formats/fs.py
@@ -30,6 +30,7 @@
  import math
  import os
  import tempfile
+import selinux
  import isys

  from ..errors import *
@@ -47,6 +48,10 @@ log = logging.getLogger("storage")
  import gettext
  _ = lambda x: gettext.ldgettext("anaconda", x)

+try:
+    lost_and_found_context = selinux.matchpathcon("/lost+found", 0)[1]
+except OSError:
+    lost_and_found_context = None

  fs_configs = {}

@@ -121,7 +126,6 @@ class FS(DeviceFormat):
      _defaultInfoOptions = []
      _migrationTarget = None
      _existingSizeFields = []
-    lostAndFoundContext = None

      def __init__(self, *args, **kwargs):
          """ Create a FS instance.
@@ -604,10 +608,8 @@ class FS(DeviceFormat):
              ret = isys.resetFileContext(mountpoint, chroot)
              log.info("set SELinux context for newly mounted filesystem "
                       "root at %s to %s" %(mountpoint, ret))
-            if self.lostAndFoundContext is None:
-                self.lostAndFoundContext = isys.matchPathContext("/lost+found")
              isys.setFileContext("%s/lost+found" % mountpoint,
-                                self.lostAndFoundContext, chroot)
+                                lost_and_found_context, chroot)

          self._mountpoint = chrootedMountpoint



_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
[Index of Archives]     [Kickstart]     [Fedora Users]     [Fedora Legacy List]     [Fedora Maintainers]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]
  Powered by Linux