Re: Semanage, sepolicy Python code and new feature


 



On Fri, Oct 04, 2013 at 07:38:32AM -0400, Daniel J Walsh wrote:
> On 10/02/2013 10:56 AM, Leonidas S. Barbosa wrote:
> > 
> > Hi,
> > 
> > this is my first participation here, not sure if I should introduce myself, but
> > anyway, I'd like to collaborate with some pieces of code in SELinux, and
> > this is my first attempt to.
> > 
> > 1) In the semanage file (policycoreutils/semanage/semanage) I saw 'import
> > selinux', and the selinux module is not used in any place. Is it really needed?
> > 
> Nope, probably used to be used.  I will remove it.
> > 2) Still in the semanage file, I noticed that there are assignments to a
> > variable called 'object'; object is also a Python keyword/global variable
> > used to create classes. Wondering if it could mess things up in the
> > future? My suggestion is to change 'object' to '__object'.
> > 
> Sure send a patch.
> > 3) I also realized that almost all of the code is not compliant with PEP 8. Is
> > there any code style to follow in order to collaborate on these .py files?
> > 
> > In case points (1) and (2) above are accepted, I can send the
> > patches.
> > 
> > 
> > Regarding sepolicy, I had a discussion with Daniel about a new
> > tool/feature that will be responsible for linking a UNIX user to an SELinux
> > admin user. I started digging into the sepolicy code to understand more about
> > what it does, since sepolicy will be/is the tool responsible for creating
> > policies and new roles/admin roles. Since it is through these admin roles, e.g.
> > logadm_r, that an SELinux admin is created, I was wondering if that linker
> > feature fits in sepolicy or if it should be a separate tool. I would like to
> > have thoughts about that.
> > 
> I think we should just use sepolicy to create the policy (te, if, fc)
> files and then use the Makefile and semodule to install the policy.  I guess
> we could shell out to these commands to do the install.  But I would like the
> admin to know what the tool is doing, so he could re-edit the te file if necessary.
> 

So it is better to have a separate tool here to link these SELinux admins
against UNIX logins.

> sepolicy generate is the tool we use mainly to generate policy based on templates.
> 
> One of my goals for Fedora 21 is to move the entire tool chain to Python3, so
> we need to become more careful on the coding standards.  If you want to submit
> patches to clean this up it would be great.

Cool, by tool chain you mean policycoreutils, right? And regarding which
code to work on, upstream code I believe, but what about the interval for
Fedora patches to be applied upstream? Just looking for the ideal scenario here:
working with Fedora patches applied to upstream code.


> 
> 
> 
> > Thanks in advance, Leonidas.
> > 
> > -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx 
> > https://admin.fedoraproject.org/mailman/listinfo/selinux
> > 
> 

--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux




