[PATCH 1/2] sepolgen: Make sepolgen-ifgen output deterministic with Python>=3.3

Nicolas Iooss <nicolas.iooss@xxxxxxx> · Sat, 16 Jan 2016 12:33:08 +0100

Since Python 3.3, dictionary hashes are randomized and iterating over
them is no longer deterministic.  This makes it difficult to compare
outputs of sepolgen-ifgen command.

Make sepolgen-ifgen deterministic again with Python>=3.3 by always
sorting the dictonaries and sets which are used to produce output.

Signed-off-by: Nicolas Iooss <nicolas.iooss@xxxxxxx>
---
 sepolgen/src/sepolgen/access.py     | 2 +-
 sepolgen/src/sepolgen/interfaces.py | 6 +++---
 sepolgen/src/sepolgen/refpolicy.py  | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/sepolgen/src/sepolgen/access.py b/sepolgen/src/sepolgen/access.py
index 1f89ecde5fd9..a5d86982c0b1 100644
--- a/sepolgen/src/sepolgen/access.py
+++ b/sepolgen/src/sepolgen/access.py
@@ -128,7 +128,7 @@ class AccessVector(util.Comparison):
         is represented in a list.
         """
         l = [self.src_type, self.tgt_type, self.obj_class]
-        l.extend(self.perms)
+        l.extend(sorted(self.perms))
         return l
 
     def __str__(self):
diff --git a/sepolgen/src/sepolgen/interfaces.py b/sepolgen/src/sepolgen/interfaces.py
index 0b688bfd4072..48ae4f27a414 100644
--- a/sepolgen/src/sepolgen/interfaces.py
+++ b/sepolgen/src/sepolgen/interfaces.py
@@ -341,12 +341,12 @@ class InterfaceSet:
             self.output.write(str + "\n")
 
     def to_file(self, fd):
-        for iv in self.interfaces.values():
+        for iv in sorted(self.interfaces.values(), key=lambda x: x.name):
             fd.write("[InterfaceVector %s " % iv.name)
-            for param in iv.params.values():
+            for param in sorted(iv.params.values(), key=lambda x: x.name):
                 fd.write("%s:%s " % (param.name, refpolicy.field_to_str[param.type]))
             fd.write("]\n")
-            avl = iv.access.to_list()
+            avl = sorted(iv.access.to_list())
             for av in avl:
                 fd.write(",".join(av))
                 fd.write("\n")
diff --git a/sepolgen/src/sepolgen/refpolicy.py b/sepolgen/src/sepolgen/refpolicy.py
index 737f95624d48..31b40d8fee00 100644
--- a/sepolgen/src/sepolgen/refpolicy.py
+++ b/sepolgen/src/sepolgen/refpolicy.py
@@ -251,10 +251,10 @@ class IdSet(set):
         self.compliment = False
 
     def to_space_str(self):
-        return list_to_space_str(self)
+        return list_to_space_str(sorted(self))
 
     def to_comma_str(self):
-        return list_to_comma_str(self)
+        return list_to_comma_str(sorted(self))
 
 class SecurityContext(Leaf):
     """An SELinux security context with optional MCS / MLS fields."""
-- 
2.7.0

_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.






