Re: First crack at argparse parser for semanage.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 4/20/2013 6:28 AM, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 04/19/2013 11:04 PM, David Quigley wrote:
On 04/18/2013 09:21, Daniel J Walsh wrote: On 04/18/2013 09:14 AM, David
Quigley wrote:
I posted this yesterday but sent it from the wrong account so its
probably in moderation.

Attached is my first crack at the argparse version of semanage. Right
now it just parses the command line and spits out the dictionary raw.
Please mess around with the command line and make sure that it
behaves how you would expect. Some of the names in the dictionary are
a bit weird and I'm having trouble getting sensible semantics for
fcontext -e but it should be parsing the command lines properly. Also
not all of the help text is in place yet. If you want to add some
help text either send it to me in an email or send me a patch and
I'll apply it to my repo. I still need to commit the latest changes
to my github account but once I do you should be able to get the same
file from my semanage-argparse repo on github. After we're sure that
the parsing works as we'd like and the help messages are sensible to
people I'll work on gluing this frontend back onto the seobject class
that semanage uses to do that actual policy store manipulations.
Someone pointed out that I have some spelling mistakes in there. I
will make sure to address them in the next version once I add more
help text.

Dave


-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux


David, Miroslav was working on something similar.

I think the big problem with this is going to be handling

Output local customizations semanage [ -S store ] -o [ output_file | - ]

Input local customizations semanage [ -S store ] -i [ input_file | - ]

Once we have this, we need to rewrite all of the man pages to be

semanage-fcontext, semanage-user, semanage-boolean ...



Quick question. What does the -E --extract flag do? Its listed under local
flags but I can't find reference to it in the man page for semanage.

Dave -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux

  semanage boolean -E
boolean -1 polyinstantiation_enabled
boolean -1 xguest_connect_network
boolean -1 xguest_mount_media
boolean -1 xguest_use_bluetooth

semanage fcontext -E
fcontext -a -f 'all files' -t etc_t '/usr/app/grid/product(/.*)?/log(/.*)?'
fcontext -a -e /opt/rh/devtoolset-2/root /

It will extract local customizations, in transaction format.  Very similar to
what -o does.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlFybdkACgkQrlYvE4MpobOV8wCeOCC+RkHcZEwHVy97ginySkle
a6cAnAimGVPsQpk5YvCf4w/oJO8g0Z84
=zL+l
-----END PGP SIGNATURE-----


Ok I'll change the text for that in the next patch.

I'm going to toss up the link to what I just did to see if people like how I'm handling the code. I'm not a python guru so I'm more than happy to have constructive criticism.

Dave
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux





[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux