Daniel J Walsh wrote:
Luke Macken wrote restorecon and install functions used in Fedora
Infrastructure which can be used to install files with the proper
context and to fix the labels of files/directories without having to
exec restorecon.
diff --exclude-from=exclude -N -u -r
nsalibselinux/src/selinuxswig_python.i
libselinux-2.0.75/src/selinuxswig_python.i
--- nsalibselinux/src/selinuxswig_python.i 2008-08-28
09:34:24.000000000 -0400
+++ libselinux-2.0.75/src/selinuxswig_python.i 2008-11-14
17:09:50.000000000 -0500
@@ -6,6 +6,32 @@
#include "selinux/selinux.h"
%}
+%pythoncode %{
+
+import shutil, os
+
+def restorecon(path, recursive=False):
+ """ Restore SELinux context on a given path """
+ mode = os.stat(path)[stat.ST_MODE]
stat doesn't exist here, perhaps he meant mode?
+ status, context = matchpathcon(path, mode)
+ if status == 0:
+ lsetfilecon(path, context)
+ if recursive:
+ os.path.walk(path, lambda arg, dirname, fnames:
+ map(restorecon, [os.path.join(dirname, fname)
+ s for fname in fnames]),
None)
typo, the s causes a syntax error
+
+def copytree(src, dest):
+ """ An SELinux-friendly shutil.copytree method """
+ shutil.copytree(src, dest)
+ restorecon(dest, recursive=True)
+
+def install(src, dest):
+ """ An SELinux-friendly shutil.move method """
+ shutil.move(src, dest)
+ restorecon(dest, recursive=True)
+%}
+
/* security_get_boolean_names() typemap */
%typemap(argout) (char ***names, int *len) {
PyObject* list = PyList_New(*$2);
This patch doesn't appear correct, I'll fix the things above, have you
been testing this at all?
