| Message ID | 20191115145425.1460016-1-plautrba@redhat.com (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
| Series | dbus: Fix FileNotFoundError in org.selinux.relabel_on_boot | expand |
On 11/15/19 9:54 AM, Petr Lautrbach wrote: > When org.selinux.relabel_on_boot(0) was called twice, it failed with > FileNotFoundError. > > Fixes: > $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:1 > method return sender=:1.53 -> dest=:1.54 reply_serial=2 > $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:0 > method return sender=:1.53 -> dest=:1.55 reply_serial=2 > $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:0 > Error org.freedesktop.DBus.Python.FileNotFoundError: FileNotFoundError: [Errno 2] No such file or directory: '/.autorelabel' > > Signed-off-by: Petr Lautrbach <plautrba@redhat.com> > --- > > Note: This is python 3 only code and it fails in travis with PYVER=python2.7 RUBYLIBVER=2.6: > > $ PATH="$VIRTUAL_ENV/bin:$PATH" ./scripts/run-flake8 > > Analyzing 187 Python scripts > > ./dbus/selinux_server.py:90:20: F821 undefined name 'FileNotFoundError' > > ./installdir/usr/share/system-config-selinux/selinux_server.py:90:20: F821 undefined name 'FileNotFoundError' > > The command "PATH="$VIRTUAL_ENV/bin:$PATH" ./scripts/run-flake8" exited with 1. Hmm...given that, do we want to defer it until after 3.0 final release, or are we going to switch travis over to only test with python3 now? > > > > dbus/selinux_server.py | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/dbus/selinux_server.py b/dbus/selinux_server.py > index b9debc071485..be4f4557a9fa 100644 > --- a/dbus/selinux_server.py > +++ b/dbus/selinux_server.py > @@ -85,7 +85,10 @@ class selinux_server(slip.dbus.service.Object): > fd = open("/.autorelabel", "w") > fd.close() > else: > - os.unlink("/.autorelabel") > + try: > + os.unlink("/.autorelabel") > + except FileNotFoundError: > + pass > > def write_selinux_config(self, enforcing=None, policy=None): > path = selinux.selinux_path() + "config" >
On Fri, Nov 15, 2019 at 4:01 PM Stephen Smalley <sds@tycho.nsa.gov> wrote: > > On 11/15/19 9:54 AM, Petr Lautrbach wrote: > > When org.selinux.relabel_on_boot(0) was called twice, it failed with > > FileNotFoundError. > > > > Fixes: > > $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:1 > > method return sender=:1.53 -> dest=:1.54 reply_serial=2 > > $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:0 > > method return sender=:1.53 -> dest=:1.55 reply_serial=2 > > $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:0 > > Error org.freedesktop.DBus.Python.FileNotFoundError: FileNotFoundError: [Errno 2] No such file or directory: '/.autorelabel' > > > > Signed-off-by: Petr Lautrbach <plautrba@redhat.com> > > --- > > > > Note: This is python 3 only code and it fails in travis with PYVER=python2.7 RUBYLIBVER=2.6: > > > > $ PATH="$VIRTUAL_ENV/bin:$PATH" ./scripts/run-flake8 > > > > Analyzing 187 Python scripts > > > > ./dbus/selinux_server.py:90:20: F821 undefined name 'FileNotFoundError' > > > > ./installdir/usr/share/system-config-selinux/selinux_server.py:90:20: F821 undefined name 'FileNotFoundError' > > > > The command "PATH="$VIRTUAL_ENV/bin:$PATH" ./scripts/run-flake8" exited with 1. > > Hmm...given that, do we want to defer it until after 3.0 final release, > or are we going to switch travis over to only test with python3 now? Hello, I personally do not have a strong opinion about dropping Python 2 support before or after 3.0 final release (for information, the Arch Linux packages will be Python 3-only anyway, because the distribution maintainers began dropping related Python 2 packages such as python2-audit). Nevertheless, on the patch itself, I am wondering whether "FileNotFoundError" could be replaced with "OSError" in order to make it compatible with Python 2. The main drawback of this alternative approach is that it silences PermissionError and other kind of errors that could be useful when debugging some issues on a production system. This is why I prefer keeping "FileNotFoundError", and the patch looks good to me. Thanks, Nicolas > > > > dbus/selinux_server.py | 5 ++++- > > 1 file changed, 4 insertions(+), 1 deletion(-) > > > > diff --git a/dbus/selinux_server.py b/dbus/selinux_server.py > > index b9debc071485..be4f4557a9fa 100644 > > --- a/dbus/selinux_server.py > > +++ b/dbus/selinux_server.py > > @@ -85,7 +85,10 @@ class selinux_server(slip.dbus.service.Object): > > fd = open("/.autorelabel", "w") > > fd.close() > > else: > > - os.unlink("/.autorelabel") > > + try: > > + os.unlink("/.autorelabel") > > + except FileNotFoundError: > > + pass > > > > def write_selinux_config(self, enforcing=None, policy=None): > > path = selinux.selinux_path() + "config" > > >
Nicolas Iooss <nicolas.iooss@m4x.org> writes: > On Fri, Nov 15, 2019 at 4:01 PM Stephen Smalley <sds@tycho.nsa.gov> wrote: >> >> On 11/15/19 9:54 AM, Petr Lautrbach wrote: >> > When org.selinux.relabel_on_boot(0) was called twice, it failed with >> > FileNotFoundError. >> > >> > Fixes: >> > $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:1 >> > method return sender=:1.53 -> dest=:1.54 reply_serial=2 >> > $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:0 >> > method return sender=:1.53 -> dest=:1.55 reply_serial=2 >> > $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:0 >> > Error org.freedesktop.DBus.Python.FileNotFoundError: FileNotFoundError: [Errno 2] No such file or directory: '/.autorelabel' >> > >> > Signed-off-by: Petr Lautrbach <plautrba@redhat.com> >> > --- >> > >> > Note: This is python 3 only code and it fails in travis with PYVER=python2.7 RUBYLIBVER=2.6: >> > >> > $ PATH="$VIRTUAL_ENV/bin:$PATH" ./scripts/run-flake8 >> > >> > Analyzing 187 Python scripts >> > >> > ./dbus/selinux_server.py:90:20: F821 undefined name 'FileNotFoundError' >> > >> > ./installdir/usr/share/system-config-selinux/selinux_server.py:90:20: F821 undefined name 'FileNotFoundError' >> > >> > The command "PATH="$VIRTUAL_ENV/bin:$PATH" ./scripts/run-flake8" exited with 1. >> >> Hmm...given that, do we want to defer it until after 3.0 final release, >> or are we going to switch travis over to only test with python3 now? > I'd switch it now so it won't report false positives after this patch is applied. Also I'll add explicit note to release notes about dropping support for python 2. > Hello, I personally do not have a strong opinion about dropping Python > 2 support before or after 3.0 final release (for information, the Arch > Linux packages will be Python 3-only anyway, because the distribution > maintainers began dropping related Python 2 packages such as > python2-audit). > > Nevertheless, on the patch itself, I am wondering whether > "FileNotFoundError" could be replaced with "OSError" in order to make > it compatible with Python 2. The main drawback of this alternative > approach is that it silences PermissionError and other kind of errors > that could be useful when debugging some issues on a production > system. This is why I prefer keeping "FileNotFoundError", and the > patch looks good to me. > I've considered OSError, but I don't like the fact that it would silence PermissionError and others just for sake of Python 2 which won't be maintained after end of this year. >> > >> > dbus/selinux_server.py | 5 ++++- >> > 1 file changed, 4 insertions(+), 1 deletion(-) >> > >> > diff --git a/dbus/selinux_server.py b/dbus/selinux_server.py >> > index b9debc071485..be4f4557a9fa 100644 >> > --- a/dbus/selinux_server.py >> > +++ b/dbus/selinux_server.py >> > @@ -85,7 +85,10 @@ class selinux_server(slip.dbus.service.Object): >> > fd = open("/.autorelabel", "w") >> > fd.close() >> > else: >> > - os.unlink("/.autorelabel") >> > + try: >> > + os.unlink("/.autorelabel") >> > + except FileNotFoundError: >> > + pass >> > >> > def write_selinux_config(self, enforcing=None, policy=None): >> > path = selinux.selinux_path() + "config" >> > >>
On 11/15/19 9:54 AM, Petr Lautrbach wrote: > When org.selinux.relabel_on_boot(0) was called twice, it failed with > FileNotFoundError. > > Fixes: > $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:1 > method return sender=:1.53 -> dest=:1.54 reply_serial=2 > $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:0 > method return sender=:1.53 -> dest=:1.55 reply_serial=2 > $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:0 > Error org.freedesktop.DBus.Python.FileNotFoundError: FileNotFoundError: [Errno 2] No such file or directory: '/.autorelabel' > > Signed-off-by: Petr Lautrbach <plautrba@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> > --- > > Note: This is python 3 only code and it fails in travis with PYVER=python2.7 RUBYLIBVER=2.6: > > $ PATH="$VIRTUAL_ENV/bin:$PATH" ./scripts/run-flake8 > > Analyzing 187 Python scripts > > ./dbus/selinux_server.py:90:20: F821 undefined name 'FileNotFoundError' > > ./installdir/usr/share/system-config-selinux/selinux_server.py:90:20: F821 undefined name 'FileNotFoundError' > > The command "PATH="$VIRTUAL_ENV/bin:$PATH" ./scripts/run-flake8" exited with 1. > > > > dbus/selinux_server.py | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/dbus/selinux_server.py b/dbus/selinux_server.py > index b9debc071485..be4f4557a9fa 100644 > --- a/dbus/selinux_server.py > +++ b/dbus/selinux_server.py > @@ -85,7 +85,10 @@ class selinux_server(slip.dbus.service.Object): > fd = open("/.autorelabel", "w") > fd.close() > else: > - os.unlink("/.autorelabel") > + try: > + os.unlink("/.autorelabel") > + except FileNotFoundError: > + pass > > def write_selinux_config(self, enforcing=None, policy=None): > path = selinux.selinux_path() + "config" >
On 11/15/19 9:54 AM, Petr Lautrbach wrote: > When org.selinux.relabel_on_boot(0) was called twice, it failed with > FileNotFoundError. > > Fixes: > $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:1 > method return sender=:1.53 -> dest=:1.54 reply_serial=2 > $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:0 > method return sender=:1.53 -> dest=:1.55 reply_serial=2 > $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:0 > Error org.freedesktop.DBus.Python.FileNotFoundError: FileNotFoundError: [Errno 2] No such file or directory: '/.autorelabel' > > Signed-off-by: Petr Lautrbach <plautrba@redhat.com> Thanks, applied. I applied the travis patch first so that this one shouldn't break it. > --- > > Note: This is python 3 only code and it fails in travis with PYVER=python2.7 RUBYLIBVER=2.6: > > $ PATH="$VIRTUAL_ENV/bin:$PATH" ./scripts/run-flake8 > > Analyzing 187 Python scripts > > ./dbus/selinux_server.py:90:20: F821 undefined name 'FileNotFoundError' > > ./installdir/usr/share/system-config-selinux/selinux_server.py:90:20: F821 undefined name 'FileNotFoundError' > > The command "PATH="$VIRTUAL_ENV/bin:$PATH" ./scripts/run-flake8" exited with 1. > > > > dbus/selinux_server.py | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/dbus/selinux_server.py b/dbus/selinux_server.py > index b9debc071485..be4f4557a9fa 100644 > --- a/dbus/selinux_server.py > +++ b/dbus/selinux_server.py > @@ -85,7 +85,10 @@ class selinux_server(slip.dbus.service.Object): > fd = open("/.autorelabel", "w") > fd.close() > else: > - os.unlink("/.autorelabel") > + try: > + os.unlink("/.autorelabel") > + except FileNotFoundError: > + pass > > def write_selinux_config(self, enforcing=None, policy=None): > path = selinux.selinux_path() + "config" >
diff --git a/dbus/selinux_server.py b/dbus/selinux_server.py index b9debc071485..be4f4557a9fa 100644 --- a/dbus/selinux_server.py +++ b/dbus/selinux_server.py @@ -85,7 +85,10 @@ class selinux_server(slip.dbus.service.Object): fd = open("/.autorelabel", "w") fd.close() else: - os.unlink("/.autorelabel") + try: + os.unlink("/.autorelabel") + except FileNotFoundError: + pass def write_selinux_config(self, enforcing=None, policy=None): path = selinux.selinux_path() + "config"
When org.selinux.relabel_on_boot(0) was called twice, it failed with FileNotFoundError. Fixes: $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:1 method return sender=:1.53 -> dest=:1.54 reply_serial=2 $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:0 method return sender=:1.53 -> dest=:1.55 reply_serial=2 $ dbus-send --system --print-reply --dest=org.selinux /org/selinux/object org.selinux.relabel_on_boot int64:0 Error org.freedesktop.DBus.Python.FileNotFoundError: FileNotFoundError: [Errno 2] No such file or directory: '/.autorelabel' Signed-off-by: Petr Lautrbach <plautrba@redhat.com> --- Note: This is python 3 only code and it fails in travis with PYVER=python2.7 RUBYLIBVER=2.6: $ PATH="$VIRTUAL_ENV/bin:$PATH" ./scripts/run-flake8 Analyzing 187 Python scripts ./dbus/selinux_server.py:90:20: F821 undefined name 'FileNotFoundError' ./installdir/usr/share/system-config-selinux/selinux_server.py:90:20: F821 undefined name 'FileNotFoundError' The command "PATH="$VIRTUAL_ENV/bin:$PATH" ./scripts/run-flake8" exited with 1. dbus/selinux_server.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-)