[yocto] [meta-selinux][PATCH 3/4] semanage: process ValueError for sepolicy, seobject
wenzong.fan at windriver.com
wenzong.fan at windriver.com
Wed Apr 23 00:42:06 PDT 2014
From: Wenzong Fan <wenzong.fan at windriver.com>
The sepolicy, seobject modules raise many unprocessed ValueError, just
process them in semanage to make the script proivdes error message but
not error trace.
Signed-off-by: Wenzong Fan <wenzong.fan at windriver.com>
---
...-process-ValueError-for-sepolicy-seobject.patch | 48 ++++++++++++++++++++
recipes-security/selinux/policycoreutils_2.2.5.bb | 1 +
2 files changed, 49 insertions(+)
create mode 100644 recipes-security/selinux/policycoreutils/policycoreutils-process-ValueError-for-sepolicy-seobject.patch
diff --git a/recipes-security/selinux/policycoreutils/policycoreutils-process-ValueError-for-sepolicy-seobject.patch b/recipes-security/selinux/policycoreutils/policycoreutils-process-ValueError-for-sepolicy-seobject.patch
new file mode 100644
index 0000000..933f2b2
--- /dev/null
+++ b/recipes-security/selinux/policycoreutils/policycoreutils-process-ValueError-for-sepolicy-seobject.patch
@@ -0,0 +1,48 @@
+From b8e07bd0643b581ac33c96a1f94ae17c8df80ffd Mon Sep 17 00:00:00 2001
+From: Wenzong Fan <wenzong.fan at windriver.com>
+Date: Sun, 30 Mar 2014 22:25:59 -0400
+Subject: [PATCH] semanage: process ValueError for sepolicy, seobject
+
+The sepolicy, seobject modules raise many unprocessed ValueError, just
+process them in semanage to make the script proivdes error message but
+not error trace.
+
+Uptream-Status: pending
+
+Signed-off-by: Wenzong Fan <wenzong.fan at windriver.com>
+---
+ semanage/semanage | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/semanage/semanage b/semanage/semanage
+index 36b41cd..a36a3f9 100644
+--- a/semanage/semanage
++++ b/semanage/semanage
+@@ -24,9 +24,15 @@
+ #
+
+ import argparse
+-import seobject
+ import sys
+ import gettext
++try:
++ import seobject
++ import sepolicy
++except ValueError, e:
++ print "Error: %s\n" % e
++ sys.exit(1)
++
+ PROGNAME="policycoreutils"
+ try:
+ gettext.install(PROGNAME,
+@@ -59,7 +65,6 @@ usage_interface_dict = {' --add':('-t TYPE','-r RANGE','interface'),' --modify':
+ usage_boolean = "semanage boolean [-h] [-n] [-N] [-s STORE] ["
+ usage_boolean_dict = {' --modify':('(','--on','|','--off',')','boolean'), ' --list':('-C',), ' --extract':('',), ' --deleteall':('',)}
+
+-import sepolicy
+ class CheckRole(argparse.Action):
+ def __call__(self, parser, namespace, value, option_string=None):
+ newval = getattr(namespace, self.dest)
+--
+1.7.9.5
+
diff --git a/recipes-security/selinux/policycoreutils_2.2.5.bb b/recipes-security/selinux/policycoreutils_2.2.5.bb
index c278aff..7c32064 100644
--- a/recipes-security/selinux/policycoreutils_2.2.5.bb
+++ b/recipes-security/selinux/policycoreutils_2.2.5.bb
@@ -13,4 +13,5 @@ SRC_URI += "\
file://policycoreutils-make-O_CLOEXEC-optional.patch \
file://policycoreutils-loadpolicy-symlink.patch \
file://policycoreutils-semanage-edit-user.patch \
+ file://policycoreutils-process-ValueError-for-sepolicy-seobject.patch \
"
--
1.7.9.5
More information about the yocto
mailing list