-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This patch looks good to me. acked.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk7dHKYACgkQrlYvE4MpobP/CwCguJEsWuwzHm/kIYZN2+HnZUKV
CAYAnRF6ejZca1XXBSImIBEDyahCmGvw
=b3KF
-----END PGP SIGNATURE-----
>From a5882e3762935c191b78dd13b4c8af3b56fae236 Mon Sep 17 00:00:00 2001
From: Dan Walsh <dwalsh@xxxxxxxxxx>
Date: Wed, 9 Nov 2011 16:30:23 -0500
Subject: [PATCH 29/48] policycoreutils: sandbox: do not try forever to find
available category set
We calculate the number of available legit category sets for a given
user and then try to find one that many times. If we don't find one,
bail out.
Signed-off-by: Eric Paris <eparis@xxxxxxxxxx>
---
policycoreutils/sandbox/sandbox | 12 ++++++++++--
1 files changed, 10 insertions(+), 2 deletions(-)
diff --git a/policycoreutils/sandbox/sandbox b/policycoreutils/sandbox/sandbox
index 55a4dab..f2681ce 100644
--- a/policycoreutils/sandbox/sandbox
+++ b/policycoreutils/sandbox/sandbox
@@ -134,7 +134,12 @@ def get_range():
def gen_mcs():
low, high = get_range()
- while True:
+ level = None
+ ctr = 0
+ total = high-low
+ total = (total * (total - 1))/2
+ while ctr < total:
+ ctr += 1
i1 = random.randrange(low, high)
i2 = random.randrange(low, high)
if i1 == i2:
@@ -149,7 +154,10 @@ def gen_mcs():
except socket.error:
continue
break
- return level
+ if level:
+ return level
+ raise ValueError(_("Failed to find any unused categories"))
+
def fullpath(cmd):
for i in [ "/", "./", "../" ]:
--
1.7.7.4
