On 11/08/2016 09:58 AM, Laurent Bigonville wrote: > Le 08/11/16 à 15:57, Stephen Smalley a écrit : >> On 11/08/2016 08:34 AM, Stephen Smalley wrote: >>> On 11/07/2016 06:09 PM, Laurent Bigonville wrote: >>>> Le 07/11/16 à 22:13, Stephen Smalley a écrit : >>>>> On 11/07/2016 03:01 AM, Laurent Bigonville wrote: >>>>>> From: Laurent Bigonville <bigon@xxxxxxxx> >>>>>> >>>>>> sepolicy.info() now returns a generator, use next() to get the >>>>>> results. >>>>> This breaks sandbox for me, >>>>> $ /usr/bin/sandbox -X firefox >>>>> Traceback (most recent call last): >>>>> File "/usr/bin/sandbox", line 529, in <module> >>>>> rc = sandbox.main() >>>>> File "/usr/bin/sandbox", line 513, in main >>>>> self.__parse_options() >>>>> File "/usr/bin/sandbox", line 308, in __parse_options >>>>> """) % "\n\t".join(next(sepolicy.info(sepolicy.ATTRIBUTE, >>>>> "sandbox_type"))['types']) >>>>> TypeError: list object is not an iterator >>>> Which version of python and setools are you using? >>> I have installed setools4 from source, both running setup.py via python >>> and via python3 to install it for python 2.7 and python 3.5 (both are >>> installed on Fedora, with python referencing 2.7 by default). I have >>> likewise built and installed the selinux userspace with PYTHON=python >>> and with PYTHON=python3. I have tried running sandbox via python and via >>> python3, and it yields the same exception in both cases with your patch, >>> and works fine without your patch. >> Ok, I forcibly removed the Fedora setools* packages (which also >> uninstalled policycoreutils) and built and installed setools4 and >> policycoreutils from upstream source again. Now I do not get that >> exception with your patch, but it also works fine without your patch - I >> see no difference in behavior. Not sure what I am missing. > > If I don't have the sandbox policy installed I get a backtrace instead > of a nice error: > > Traceback (most recent call last): > File "sandbox", line 529, in <module> > rc = sandbox.main() > File "sandbox", line 513, in main > self.__parse_options() > File "sandbox", line 308, in __parse_options > """) % "\n\t".join(list(sepolicy.info(sepolicy.ATTRIBUTE, > "sandbox_type"))[0]['types']) > IndexError: list index out of range Ok, got it. If you could include reproducer information in your patch descriptions, that would help. Applied this one. _______________________________________________ Selinux mailing list Selinux@xxxxxxxxxxxxx To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx. To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
