On 11/07/2016 06:09 PM, Laurent Bigonville wrote:
> Le 07/11/16 à 22:13, Stephen Smalley a écrit :
>> On 11/07/2016 03:01 AM, Laurent Bigonville wrote:
>>> From: Laurent Bigonville <bigon@xxxxxxxx>
>>>
>>> sepolicy.info() now returns a generator, use next() to get the results.
>> This breaks sandbox for me,
>> $ /usr/bin/sandbox -X firefox
>> Traceback (most recent call last):
>> File "/usr/bin/sandbox", line 529, in <module>
>> rc = sandbox.main()
>> File "/usr/bin/sandbox", line 513, in main
>> self.__parse_options()
>> File "/usr/bin/sandbox", line 308, in __parse_options
>> """) % "\n\t".join(next(sepolicy.info(sepolicy.ATTRIBUTE,
>> "sandbox_type"))['types'])
>> TypeError: list object is not an iterator
>
> Which version of python and setools are you using?
I have installed setools4 from source, both running setup.py via python
and via python3 to install it for python 2.7 and python 3.5 (both are
installed on Fedora, with python referencing 2.7 by default). I have
likewise built and installed the selinux userspace with PYTHON=python
and with PYTHON=python3. I have tried running sandbox via python and via
python3, and it yields the same exception in both cases with your patch,
and works fine without your patch.
>>
>>> Signed-off-by: Laurent Bigonville <bigon@xxxxxxxx>
>>> ---
>>> policycoreutils/sandbox/sandbox | 8 ++++----
>>> 1 file changed, 4 insertions(+), 4 deletions(-)
>>>
>>> diff --git a/policycoreutils/sandbox/sandbox
>>> b/policycoreutils/sandbox/sandbox
>>> index 4010e83..c07a1d8 100644
>>> --- a/policycoreutils/sandbox/sandbox
>>> +++ b/policycoreutils/sandbox/sandbox
>>> @@ -305,8 +305,8 @@ kill -TERM $WM_PID 2> /dev/null
>>> types = _("""
>>> Policy defines the following types for use with the -t:
>>> \t%s
>>> -""") % "\n\t".join(list(sepolicy.info(sepolicy.ATTRIBUTE,
>>> "sandbox_type"))[0]['types'])
>>> - except RuntimeError:
>>> +""") % "\n\t".join(next(sepolicy.info(sepolicy.ATTRIBUTE,
>>> "sandbox_type"))['types'])
>>> + except StopIteration:
>>> pass
>>> usage = _("""
>>> @@ -380,8 +380,8 @@ sandbox [-h] [-l level ] [-[X|M] [-H homedir] [-T
>>> tempdir]] [-I includefile ] [-
>>> self.setype = DEFAULT_X_TYPE
>>> else:
>>> try:
>>> - sepolicy.info(sepolicy.TYPE, "sandbox_t")
>>> - except RuntimeError:
>>> + next(sepolicy.info(sepolicy.TYPE, "sandbox_t"))
>>> + except StopIteration:
>>> raise ValueError(_("Sandbox Policy is not currently
>>> installed.\nYou need to install the selinux-policy-sandbox package in
>>> order to run this command"))
>>> if self.__options.setype:
>>>
>
> _______________________________________________
> Selinux mailing list
> Selinux@xxxxxxxxxxxxx
> To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
> To get help, send an email containing "help" to
> Selinux-request@xxxxxxxxxxxxx.
>
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
