On Mon, Jun 15, 2020 at 12:30:43PM -0400, Stephen Smalley wrote: > On Mon, Jun 15, 2020 at 11:08 AM Christian Göttsche > <cgzones@xxxxxxxxxxxxxx> wrote: > > > > On a SELinux disabled system the python call > > `selinux.security_policyvers()` will fail. > > > > Move the logic to find a binary policy from the python script > > `sepolgen-ifgen` to the C-helper `sepolgen-ifgen-attr-helper`. > > Change the helper command line interface to accept an optional policy > > path as second argument. If not given try the current loaded policy > > (`selinux_current_policy_path`) and if running on a SELinux disabled > > system iterate over the default store path appending policy versions > > starting at the maximum supported policy version > > (`sepol_policy_kern_vers_max`). > > > > This changes the helper command line interface from: > > sepolgen-ifgen-attr-helper policy_file out_file > > to > > sepolgen-ifgen-attr-helper out_file [policy_file] > > and adds a linkage to libselinux. > > > > Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx> > > Acked-by: Stephen Smalley <stephen.smalley.work@xxxxxxxxx> > All 3 applied. Thanks!
Attachment:
signature.asc
Description: PGP signature
