'Re: [PATCH 1/1] sepolicy: do not fail when file_contexts.local or .subs do not exist'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       selinux
Subject:    Re: [PATCH 1/1] sepolicy: do not fail when file_contexts.local or .subs do not exist
From:       Nicolas Iooss <nicolas.iooss () m4x ! org>
Date:       2017-09-19 20:34:03
Message-ID: CAJfZ7=kBtG=vPd0Tgvtv_-9BgoPapT9-2m0ufz=XgXhvT1d-JQ () mail ! gmail ! com
[Download RAW message or body]

On Tue, Sep 19, 2017 at 1:01 AM, William Roberts
<bill.c.roberts@gmail.com> wrote:
> On Mon, Sep 18, 2017 at 3:59 PM, William Roberts
> <bill.c.roberts@gmail.com> wrote:
>> On Mon, Sep 18, 2017 at 2:32 PM, Nicolas Iooss <nicolas.iooss@m4x.org> wrote:
>>>
>>> On a system without any file context customizations, "sepolicy gui"
>>> fails to load because it tries to read a non-existent file:
>>>
>>>     FileNotFoundError: [Errno 2] No such file or directory:
>>>     '/etc/selinux/refpolicy-git/contexts/files/file_contexts.local'
>>>
>>> Once this issue is fixed, another one is triggered:
>>>
>>>     FileNotFoundError: [Errno 2] No such file or directory:
>>>     '/etc/selinux/refpolicy-git/contexts/files/file_contexts.subs
>>>
>>> Use os.path.exists() to prevent trying to open non-existent files.
>>>
>>> Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
>>> ---
>>>  python/sepolicy/sepolicy/__init__.py | 4 ++++
>>>  1 file changed, 4 insertions(+)
>>>
>>> diff --git a/python/sepolicy/sepolicy/__init__.py b/python/sepolicy/sepolicy/__init__.py
>>> index 03742346caf0..14d2ad634d7d 100644
>>> --- a/python/sepolicy/sepolicy/__init__.py
>>> +++ b/python/sepolicy/sepolicy/__init__.py
>>> @@ -523,6 +523,8 @@ def find_entrypoint_path(exe, exclude_list=[]):
>>>
>>>
>>>  def read_file_equiv(edict, fc_path, modify):
>>> +    if not os.path.exists(fc_path):
>>> +        return edict
>>>      fd = open(fc_path, "r")
>>>      fc = fd.readlines()
>>>      fd.close()
>>> @@ -555,6 +557,8 @@ def get_local_file_paths(fc_path=selinux.selinux_file_context_path()):
>>>      if local_files:
>>>          return local_files
>>>      local_files = []
>>> +    if not os.path.exists(fc_path + ".local"):
>>> +        return []
>>>      fd = open(fc_path + ".local", "r")
>>
>> Why not use Try/Except here with a pass here?
>
> Wouldn't be a pass... but you get the idea.

It modifies more lines, but as you suggested it I will send a v2 which
uses try/except. In order to keep the code compatible with Python 2,
it will be "except OSError" + errno checking to silently skip
non-existing file.
>
>> While you're at it, maybe update this to use a with
>> statement. instead of an explicit close call.
>>>      fc = fd.readlines()
>>>      fd.close()

I will do it. Thanks for you suggestions.

Nicolas

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic