On Thu, Dec 20, 2018 at 4:14 PM Petr Lautrbach <plautrba@xxxxxxxxxx> wrote:
>
> Based on idea from Nicolas Iooss <nicolas.iooss@xxxxxxx>
>
> Fixes:
> $ sudo semanage
> Traceback (most recent call last):
> File "/usr/sbin/semanage", line 28, in <module>
> import seobject
> File "/usr/lib/python3.7/site-packages/seobject.py", line 1045, in <module>
> class portRecords(semanageRecords):
> File "/usr/lib/python3.7/site-packages/seobject.py", line 1047, in portRecords
> valid_types = list(list(sepolicy.info(sepolicy.ATTRIBUTE, "port_type"))[0]["types"])
> File "/usr/lib/python3.7/site-packages/sepolicy/__init__.py", line 203, in <genexpr>
> return ({
> File "/usr/lib64/python3.7/site-packages/setools/typeattrquery.py", line 65, in results
> for attr in self.policy.typeattributes():
> AttributeError: 'NoneType' object has no attribute 'typeattributes'
>
> https://github.com/SELinuxProject/selinux/issues/81
>
> Signed-off-by: Petr Lautrbach <plautrba@xxxxxxxxxx>
Why are classes ibpkeyRecords and ibendportRecords not covered by the
changes from this patch?
Nicolas
> ---
> python/semanage/seobject.py | 33 ++++++++++++++++++++-------------
> 1 file changed, 20 insertions(+), 13 deletions(-)
>
> diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py
> index efec0a55..2b43b65c 100644
> --- a/python/semanage/seobject.py
> +++ b/python/semanage/seobject.py
> @@ -1043,13 +1043,15 @@ class seluserRecords(semanageRecords):
>
>
> class portRecords(semanageRecords):
> - try:
> - valid_types = list(list(sepolicy.info(sepolicy.ATTRIBUTE, "port_type"))[0]["types"])
> - except RuntimeError:
> - valid_types = []
> +
> + valid_types = []
>
> def __init__(self, args = None):
> semanageRecords.__init__(self, args)
> + try:
> + self.valid_types = list(list(sepolicy.info(sepolicy.ATTRIBUTE, "port_type"))[0]["types"])
> + except RuntimeError:
> + pass
>
> def __genkey(self, port, proto):
> if proto == "tcp":
> @@ -1823,14 +1825,16 @@ class ibendportRecords(semanageRecords):
> print(rec)
>
> class nodeRecords(semanageRecords):
> - try:
> - valid_types = list(list(sepolicy.info(sepolicy.ATTRIBUTE, "node_type"))[0]["types"])
> - except RuntimeError:
> - valid_types = []
> +
> + valid_types = []
>
> def __init__(self, args = None):
> semanageRecords.__init__(self, args)
> self.protocol = ["ipv4", "ipv6"]
> + try:
> + self.valid_types = list(list(sepolicy.info(sepolicy.ATTRIBUTE, "node_type"))[0]["types"])
> + except RuntimeError:
> + pass
>
> def validate(self, addr, mask, protocol):
> newaddr = addr
> @@ -2264,14 +2268,17 @@ class interfaceRecords(semanageRecords):
>
>
> class fcontextRecords(semanageRecords):
> - try:
> - valid_types = list(list(sepolicy.info(sepolicy.ATTRIBUTE, "file_type"))[0]["types"])
> - valid_types += list(list(sepolicy.info(sepolicy.ATTRIBUTE, "device_node"))[0]["types"])
> - except RuntimeError:
> - valid_types = []
> +
> + valid_types = []
>
> def __init__(self, args = None):
> semanageRecords.__init__(self, args)
> + try:
> + self.valid_types = list(list(sepolicy.info(sepolicy.ATTRIBUTE, "file_type"))[0]["types"])
> + self.valid_types += list(list(sepolicy.info(sepolicy.ATTRIBUTE, "device_node"))[0]["types"])
> + except RuntimeError:
> + pass
> +
> self.equiv = {}
> self.equiv_dist = {}
> self.equal_ind = False
> --
> 2.20.1
>
