FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > CentOS > CentOS

 
 
LinkBack Thread Tools
 
Old 12-06-2009, 09:45 PM
David Lehman
 
Default Use selinux python module for file context operations.

---
isys/isys.py | 13 ++++++++++---
storage/formats/fs.py | 10 ++++++----
2 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/isys/isys.py b/isys/isys.py
index 338ca26..12659bb 100755
--- a/isys/isys.py
+++ b/isys/isys.py
@@ -37,6 +37,7 @@ import re
import struct
import block
import dbus
+import selinux

import logging
log = logging.getLogger("anaconda")
@@ -602,15 +603,21 @@ def getIPAddress(dev):
## Get the correct context for a file from loaded policy.
# @param fn The filename to query.
def matchPathContext(fn):
- return _isys.matchPathContext(fn)
+ con = None
+ try:
+ con = selinux.matchpathcon(os.path.normpath(fn), 0)[1]
+ except OSError:
+ log.info("failed to get default SELinux context for %s" % f)
+ return con

## Set the SELinux file context of a file
# @param fn The filename to fix.
# @param con The context to use.
# @param instroot An optional root filesystem to look under for fn.
def setFileContext(fn, con, instroot = '/'):
- if con is not None and os.access("%s/%s" % (instroot, fn), os.F_OK):
- return (_isys.setFileContext(fn, con, instroot) != 0)
+ full_path = os.path.normpath("%s/%s" % (instroot, fn))
+ if con is not None and os.access(full_path, os.F_OK):
+ return (selinux.lsetfilecon(full_path, con) != 0)
return False

## Restore the SELinux file context of a file to its default.
diff --git a/storage/formats/fs.py b/storage/formats/fs.py
index 7778ba5..67e9b38 100644
--- a/storage/formats/fs.py
+++ b/storage/formats/fs.py
@@ -30,6 +30,7 @@
import math
import os
import tempfile
+import selinux
import isys

from ..errors import *
@@ -47,6 +48,10 @@ log = logging.getLogger("storage")
import gettext
_ = lambda x: gettext.ldgettext("anaconda", x)

+try:
+ lost_and_found_context = selinux.matchpathcon("/lost+found", 0)[1]
+except OSError:
+ lost_and_found_context = None

fs_configs = {}

@@ -121,7 +126,6 @@ class FS(DeviceFormat):
_defaultInfoOptions = []
_migrationTarget = None
_existingSizeFields = []
- lostAndFoundContext = None

def __init__(self, *args, **kwargs):
""" Create a FS instance.
@@ -604,10 +608,8 @@ class FS(DeviceFormat):
ret = isys.resetFileContext(mountpoint, chroot)
log.info("set SELinux context for newly mounted filesystem "
"root at %s to %s" %(mountpoint, ret))
- if self.lostAndFoundContext is None:
- self.lostAndFoundContext = isys.matchPathContext("/lost+found")
isys.setFileContext("%s/lost+found" % mountpoint,
- self.lostAndFoundContext, chroot)
+ lost_and_found_context, chroot)

self._mountpoint = chrootedMountpoint

--
1.6.5.2

_______________________________________________
Anaconda-devel-list mailing list
Anaconda-devel-list@redhat.com
https://www.redhat.com/mailman/listinfo/anaconda-devel-list
 

Thread Tools




All times are GMT. The time now is 05:53 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org