-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 04/19/2013 11:04 PM, David Quigley wrote: > On 04/18/2013 09:21, Daniel J Walsh wrote: On 04/18/2013 09:14 AM, David > Quigley wrote: >>>> I posted this yesterday but sent it from the wrong account so its >>>> probably in moderation. >>>> >>>> Attached is my first crack at the argparse version of semanage. Right >>>> now it just parses the command line and spits out the dictionary raw. >>>> Please mess around with the command line and make sure that it >>>> behaves how you would expect. Some of the names in the dictionary are >>>> a bit weird and I'm having trouble getting sensible semantics for >>>> fcontext -e but it should be parsing the command lines properly. Also >>>> not all of the help text is in place yet. If you want to add some >>>> help text either send it to me in an email or send me a patch and >>>> I'll apply it to my repo. I still need to commit the latest changes >>>> to my github account but once I do you should be able to get the same >>>> file from my semanage-argparse repo on github. After we're sure that >>>> the parsing works as we'd like and the help messages are sensible to >>>> people I'll work on gluing this frontend back onto the seobject class >>>> that semanage uses to do that actual policy store manipulations. >>>> Someone pointed out that I have some spelling mistakes in there. I >>>> will make sure to address them in the next version once I add more >>>> help text. >>>> >>>> Dave >>>> >>>> >>>> -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx >>>> https://admin.fedoraproject.org/mailman/listinfo/selinux >>>> > > David, Miroslav was working on something similar. > > I think the big problem with this is going to be handling > > Output local customizations semanage [ -S store ] -o [ output_file | - ] > > Input local customizations semanage [ -S store ] -i [ input_file | - ] > > Once we have this, we need to rewrite all of the man pages to be > > semanage-fcontext, semanage-user, semanage-boolean ... > > > > Quick question. What does the -E --extract flag do? Its listed under local > flags but I can't find reference to it in the man page for semanage. > > Dave -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx > https://admin.fedoraproject.org/mailman/listinfo/selinux semanage boolean -E boolean -1 polyinstantiation_enabled boolean -1 xguest_connect_network boolean -1 xguest_mount_media boolean -1 xguest_use_bluetooth semanage fcontext -E fcontext -a -f 'all files' -t etc_t '/usr/app/grid/product(/.*)?/log(/.*)?' fcontext -a -e /opt/rh/devtoolset-2/root / It will extract local customizations, in transaction format. Very similar to what -o does. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlFybdkACgkQrlYvE4MpobOV8wCeOCC+RkHcZEwHVy97ginySkle a6cAnAimGVPsQpk5YvCf4w/oJO8g0Z84 =zL+l -----END PGP SIGNATURE----- -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
