Re: [PATCH 1/2] Sandbox: Use next() over the sepolicy.info() result

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Le 08/11/16 à 15:57, Stephen Smalley a écrit :

On 11/08/2016 08:34 AM, Stephen Smalley wrote:

On 11/07/2016 06:09 PM, Laurent Bigonville wrote:

Le 07/11/16 à 22:13, Stephen Smalley a écrit :

On 11/07/2016 03:01 AM, Laurent Bigonville wrote:

From: Laurent Bigonville <bigon@xxxxxxxx>

sepolicy.info() now returns a generator, use next() to get the results.

This breaks sandbox for me,
$ /usr/bin/sandbox -X firefox
Traceback (most recent call last):
    File "/usr/bin/sandbox", line 529, in <module>
      rc = sandbox.main()
    File "/usr/bin/sandbox", line 513, in main
      self.__parse_options()
    File "/usr/bin/sandbox", line 308, in __parse_options
      """) % "\n\t".join(next(sepolicy.info(sepolicy.ATTRIBUTE,
"sandbox_type"))['types'])
TypeError: list object is not an iterator

Which version of python and setools are you using?

I have installed setools4 from source, both running setup.py via python
and via python3 to install it for python 2.7 and python 3.5 (both are
installed on Fedora, with python referencing 2.7 by default).  I have
likewise built and installed the selinux userspace with PYTHON=python
and with PYTHON=python3. I have tried running sandbox via python and via
python3, and it yields the same exception in both cases with your patch,
and works fine without your patch.

Ok, I forcibly removed the Fedora setools* packages (which also
uninstalled policycoreutils) and built and installed setools4 and
policycoreutils from upstream source again.  Now I do not get that
exception with your patch, but it also works fine without your patch - I
see no difference in behavior.  Not sure what I am missing.
If I don't have the sandbox policy installed I get a backtrace instead of a nice error: 

Traceback (most recent call last):
  File "sandbox", line 529, in <module>
    rc = sandbox.main()
  File "sandbox", line 513, in main
    self.__parse_options()
  File "sandbox", line 308, in __parse_options
    """) % "\n\t".join(list(sepolicy.info(sepolicy.ATTRIBUTE, "sandbox_type"))[0]['types'])
IndexError: list index out of range

_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux