Re: [PATCH] python/sepolicy: search() also for dontaudit rules

Petr Lautrbach <plautrba@xxxxxxxxxx> · Tue, 18 Dec 2018 13:24:57 +0100

Nicolas Iooss <nicolas.iooss@xxxxxxx> writes:

> On Wed, Dec 12, 2018 at 4:28 PM Petr Lautrbach <plautrba@xxxxxxxxxx> wrote:
>>
>> dontaudit rules were accidentally dropped during rewrite to SETools 4 API in
>> 97d5f6a2
>>
>> Fixes:
>> >>> import sepolicy
>> >>> sepolicy.search(['dontaudit'])
>> []
>>
>> Signed-off-by: Petr Lautrbach <plautrba@xxxxxxxxxx>
>
> Acked-by: Nicolas Iooss <nicolas.iooss@xxxxxxx>
>

Merged.

>> ---
>>
>> Same patch as https://lore.kernel.org/selinux/20180918134401.22956-1-plautrba@xxxxxxxxxx/
>> but with a slightly reworded commit message
>>
>>  python/sepolicy/sepolicy/__init__.py | 2 ++
>>  1 file changed, 2 insertions(+)
>>
>> diff --git a/python/sepolicy/sepolicy/__init__.py b/python/sepolicy/sepolicy/__init__.py
>> index cd7af7cf..fbeb731d 100644
>> --- a/python/sepolicy/sepolicy/__init__.py
>> +++ b/python/sepolicy/sepolicy/__init__.py
>> @@ -344,6 +344,8 @@ def search(types, seinfo=None):
>>          tertypes.append(NEVERALLOW)
>>      if AUDITALLOW in types:
>>          tertypes.append(AUDITALLOW)
>> +    if DONTAUDIT in types:
>> +        tertypes.append(DONTAUDIT)
>>
>>      if len(tertypes) > 0:
>>          q = setools.TERuleQuery(_pol,
>> --
>> 2.19.2
>>