-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Joshua Brindle wrote:
> Daniel J Walsh wrote:
> Luke Macken wrote restorecon and install functions used in Fedora
> Infrastructure which can be used to install files with the proper
> context and to fix the labels of files/directories without having to
> exec restorecon.
> diff --exclude-from=exclude -N -u -r
> nsalibselinux/src/selinuxswig_python.i
> libselinux-2.0.75/src/selinuxswig_python.i
> --- nsalibselinux/src/selinuxswig_python.i 2008-08-28
> 09:34:24.000000000 -0400
> +++ libselinux-2.0.75/src/selinuxswig_python.i 2008-11-14
> 17:09:50.000000000 -0500
> @@ -6,6 +6,32 @@
> #include "selinux/selinux.h"
> %}
> +%pythoncode %{
> +
> +import shutil, os
> +
> +def restorecon(path, recursive=False):
> + """ Restore SELinux context on a given path """
> + mode = os.stat(path)[stat.ST_MODE]
> stat doesn't exist here, perhaps he meant mode?
> + status, context = matchpathcon(path, mode)
> + if status == 0:
> + lsetfilecon(path, context)
> + if recursive:
> + os.path.walk(path, lambda arg, dirname, fnames:
> + map(restorecon, [os.path.join(dirname, fname)
> + s for fname in fnames]),
> None)
> typo, the s causes a syntax error
> +
> +def copytree(src, dest):
> + """ An SELinux-friendly shutil.copytree method """
> + shutil.copytree(src, dest)
> + restorecon(dest, recursive=True)
> +
> +def install(src, dest):
> + """ An SELinux-friendly shutil.move method """
> + shutil.move(src, dest)
> + restorecon(dest, recursive=True)
> +%}
> +
> /* security_get_boolean_names() typemap */
> %typemap(argout) (char ***names, int *len) {
> PyObject* list = PyList_New(*$2);
> This patch doesn't appear correct, I'll fix the things above, have you
> been testing this at all?
Must have sent you a bad patch.
This is what the current patch looks like.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iEYEARECAAYFAkljdt8ACgkQrlYvE4MpobMzpQCg5USqSeTJzdPipICo1MVwKn/c
sz0An2fm7yc8T1my5y3Zi4kzIQP2OStQ
=oQ4y
-----END PGP SIGNATURE-----
diff --exclude-from=exclude -N -u -r nsalibselinux/src/selinuxswig_python.i libselinux-2.0.76/src/selinuxswig_python.i
--- nsalibselinux/src/selinuxswig_python.i 2008-08-28 09:34:24.000000000 -0400
+++ libselinux-2.0.76/src/selinuxswig_python.i 2008-12-02 09:14:48.000000000 -0500
@@ -6,6 +6,32 @@
#include "selinux/selinux.h"
%}
+%pythoncode %{
+
+import shutil, os, stat
+
+def restorecon(path, recursive=False):
+ """ Restore SELinux context on a given path """
+ mode = os.stat(path)[stat.ST_MODE]
+ status, context = matchpathcon(path, mode)
+ if status == 0:
+ lsetfilecon(path, context)
+ if recursive:
+ os.path.walk(path, lambda arg, dirname, fnames:
+ map(restorecon, [os.path.join(dirname, fname)
+ for fname in fnames]), None)
+
+def copytree(src, dest):
+ """ An SELinux-friendly shutil.copytree method """
+ shutil.copytree(src, dest)
+ restorecon(dest, recursive=True)
+
+def install(src, dest):
+ """ An SELinux-friendly shutil.move method """
+ shutil.move(src, dest)
+ restorecon(dest, recursive=True)
+%}
+
/* security_get_boolean_names() typemap */
%typemap(argout) (char ***names, int *len) {
PyObject* list = PyList_New(*$2);
Attachment:
libselinux-rhat.patch.sig
Description: Binary data
