From patchwork Mon Nov 7 08:01:17 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Laurent Bigonville X-Patchwork-Id: 9414417 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id E27DF6022E for ; Mon, 7 Nov 2016 08:04:20 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CDF1C28D62 for ; Mon, 7 Nov 2016 08:04:20 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id BEF3228D67; Mon, 7 Nov 2016 08:04:20 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_NONE, T_DKIM_INVALID, UNPARSEABLE_RELAY autolearn=no version=3.3.1 Received: from emsm-gh1-uea10.nsa.gov (emsm-gh1-uea10.nsa.gov [8.44.101.8]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 7C35728D62 for ; Mon, 7 Nov 2016 08:04:19 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.31,605,1473120000"; d="scan'208";a="663402" IronPort-PHdr: =?us-ascii?q?9a23=3AjDL72h14QtpsRORSsmDT+DRfVm0co7zxezQtwd8Z?= =?us-ascii?q?segTKfad9pjvdHbS+e9qxAeQG96KsbQV0KGM7PCocFdDyK7JiGoFfp1IWk1Nou?= =?us-ascii?q?QttCtkPvS4D1bmJuXhdS0wEZcKflZk+3amLRodQ56mNBXsq3G/pQQfBg/4fVIs?= =?us-ascii?q?YL+kQMiD1I/tiLD60qaQSj0AvCC6b7J2IUf+hiTqne5Sv7FfLL0swADCuHpCdr?= =?us-ascii?q?ce72ppIVWOg0S0vZ/or9Ze6SAYh9YNv44FCP27LOwESulDATAnNX0lzNH6vhnE?= =?us-ascii?q?Cw2U7z0TVXtFvABPBl3h5QzgU5Ht+gH7ue17xiieOcC+Gbo1VjOkx6tmQh7hjm?= =?us-ascii?q?EALTFvozKfsdB5kK8O+EHpnBd42YOBJdjNOQ=3D=3D?= X-IPAS-Result: =?us-ascii?q?A2F1DQDWNCBY/wHyM5BdHAEBBAEBCgEBFwEBBAEBCgEBgmk?= =?us-ascii?q?aAQEBAQEfWHyjFAEGgRyBbRYBijuKFyIHgXSGIFMBAQEBAQEBAQIBAl8ogjMEA?= =?us-ascii?q?xMFeVs8AgEDAQI3BgEBDCAMAgMJAQEXCCEICAMBLQsKEQ4LBRgEiDcBAwGvYoM?= =?us-ascii?q?nOAKCXwEBBYgZDB0IhXSJOBEBhXwBiEkHhgiBPYoWhjWKBAuCPIdRhgORLgJVV?= =?us-ascii?q?iQbgweCCXGFXHiBNQEBAQ?= Received: from unknown (HELO tarius.tycho.ncsc.mil) ([144.51.242.1]) by emsm-gh1-uea10.nsa.gov with ESMTP; 07 Nov 2016 08:04:17 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id uA7848KN006426; Mon, 7 Nov 2016 03:04:16 -0500 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id uA781Ufn194057 for ; Mon, 7 Nov 2016 03:01:30 -0500 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id uA781U6A006318 for ; Mon, 7 Nov 2016 03:01:30 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A1BlBQBSNCBY/2OteVtdHAEBBAEBCgEBgxQaAQEBAQEfWHyjDwEBAQEBAQaBHIw/hgSEMAyIFFMBAgEBAQEBAmIohGIGQAEBOA8gMTwbGYhZAwGvYoMngxkBAQWIQgiFdI9GiEoHhgiBPYoWhjWKBAuCPI1UkS4CVXobgweCCXGICQEBAQ X-IPAS-Result: A1BlBQBSNCBY/2OteVtdHAEBBAEBCgEBgxQaAQEBAQEfWHyjDwEBAQEBAQaBHIw/hgSEMAyIFFMBAgEBAQEBAmIohGIGQAEBOA8gMTwbGYhZAwGvYoMngxkBAQWIQgiFdI9GiEoHhgiBPYoWhjWKBAuCPI1UkS4CVXobgweCCXGICQEBAQ X-IronPort-AV: E=Sophos;i="5.31,605,1473134400"; d="scan'208";a="5807428" Received: from emsm-gh1-uea11.corp.nsa.gov (HELO emsm-gh1-uea11.nsa.gov) ([10.208.41.37]) by goalie.tycho.ncsc.mil with ESMTP; 07 Nov 2016 03:01:24 -0500 IronPort-PHdr: =?us-ascii?q?9a23=3AVm2wfxYdj81ip28vBMaCkvr/LSx+4OfEezUN459i?= =?us-ascii?q?sYplN5qZpc+ybnLW6fgltlLVR4KTs6sC0LuM9fG7EjZfsd6oizMrSNR0TRgLiM?= =?us-ascii?q?EbzUQLIfWuLgnFFsPsdDEwB89YVVVorDmROElRH9viNRWJ+iXhpQAbFhi3Dwdp?= =?us-ascii?q?POO9QteU1JXtkbHpsMeMM01hv3mUWftKNhK4rAHc5IE9oLBJDeIP8CbPuWZCYO?= =?us-ascii?q?9MxGlldhq5lhf44dqsrtY4q3wD86Fpy8kVSqj+fqIlXZREHT8mNCYz/8Stuh7d?= =?us-ascii?q?HiWV4X5JdmwLiBdOH0Dv7R79WInwti/3/r532SadO+X6QLo1UDLk6L1kHky7wB?= =?us-ascii?q?wbPiI0pTmEwvd7i7hW9Uqs?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0FnDQC9MyBY/2OteVtdHAEBBAEBCgEBF?= =?us-ascii?q?wEBBAEBCgEBgmkaAQEBAQEfWHyjFAEGgRyBbRYBijuGBIQwDIF0hh9TAQEBAQE?= =?us-ascii?q?BAQECAQJfKIIzGIEAWzwGQAEBOA8gMTwbGYhZAwGvYYMngxkBAQWIQgiFdI9Gi?= =?us-ascii?q?EoHhgiBPYoWhjWKBAuCPI1UkS4CVXobgweCCXGICQEBAQ?= X-IPAS-Result: =?us-ascii?q?A0FnDQC9MyBY/2OteVtdHAEBBAEBCgEBFwEBBAEBCgEBgmk?= =?us-ascii?q?aAQEBAQEfWHyjFAEGgRyBbRYBijuGBIQwDIF0hh9TAQEBAQEBAQECAQJfKIIzG?= =?us-ascii?q?IEAWzwGQAEBOA8gMTwbGYhZAwGvYYMngxkBAQWIQgiFdI9GiEoHhgiBPYoWhjW?= =?us-ascii?q?KBAuCPI1UkS4CVXobgweCCXGICQEBAQ?= X-IronPort-AV: E=Sophos;i="5.31,605,1473120000"; d="scan'208";a="535870" Received: from anor.bigon.be ([91.121.173.99]) by emsm-gh1-uea11.nsa.gov with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Nov 2016 08:01:23 +0000 Received: from anor.bigon.be (localhost.localdomain [127.0.0.1]) by anor.bigon.be (Postfix) with ESMTP id 80DF61A1AE for ; Mon, 7 Nov 2016 09:01:22 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=bigon.be; h= references:in-reply-to:x-mailer:message-id:date:date:subject :subject:from:from:received:received:received; s=key1; t= 1478505678; x=1480320079; bh=ujdUUfy9DPRjN95RR2MK/qe44h1/fZloVfS lCS/6bqw=; b=VlQHsTeBKoNCRlEviUaXi90kR+iVrBCfBnb+H3rFeNdvIkzMua6 QrOahVPRHt/CcU4pWNN5nkcLHU4JlHRLDyLraDQEkvlgaxm/cRk1g7wbcSVQkfRS 5u5dYjVWbnnd9iGLq37SavCQ/VxAHMVMOf9ZncCD17XNSZl7hv7KSoY4= X-Virus-Scanned: Debian amavisd-new at bigon.be Received: from anor.bigon.be ([127.0.0.1]) by anor.bigon.be (anor.bigon.be [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 8A1i-ColBpbT for ; Mon, 7 Nov 2016 09:01:18 +0100 (CET) Received: from fornost.bigon.be (unknown [IPv6:2a02:a03f:6c:e500:edf:2fd8:fc0a:f176]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) (Authenticated sender: bigon) by anor.bigon.be (Postfix) with ESMTPSA id 14DEC1A1A8 for ; Mon, 7 Nov 2016 09:01:18 +0100 (CET) Received: from bigon (uid 1000) (envelope-from bigon@bigon.be) id 40324 by fornost.bigon.be (DragonFly Mail Agent v0.11); Mon, 07 Nov 2016 09:01:17 +0100 From: Laurent Bigonville To: selinux@tycho.nsa.gov Subject: [PATCH 2/2] policycoreutils: Make sepolicy work with python3 Date: Mon, 7 Nov 2016 09:01:17 +0100 Message-Id: <20161107080117.24030-2-bigon@debian.org> X-Mailer: git-send-email 2.10.2 In-Reply-To: <20161107080117.24030-1-bigon@debian.org> References: <20161107080117.24030-1-bigon@debian.org> X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: MIME-Version: 1.0 Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Virus-Scanned: ClamAV using ClamSMTP From: Laurent Bigonville Add python3 support for sepolicy Signed-off-by: Laurent Bigonville --- policycoreutils/sepolicy/selinux_client.py | 6 ++-- policycoreutils/sepolicy/sepolicy.py | 38 ++++++++++++------------ policycoreutils/sepolicy/sepolicy/__init__.py | 16 ++++++---- policycoreutils/sepolicy/sepolicy/communicate.py | 4 +-- policycoreutils/sepolicy/sepolicy/generate.py | 30 +++++++++---------- policycoreutils/sepolicy/sepolicy/interface.py | 14 ++++++--- policycoreutils/sepolicy/sepolicy/manpage.py | 7 +++-- 7 files changed, 65 insertions(+), 50 deletions(-) diff --git a/policycoreutils/sepolicy/selinux_client.py b/policycoreutils/sepolicy/selinux_client.py index 7f4a91c..dc29f28 100644 --- a/policycoreutils/sepolicy/selinux_client.py +++ b/policycoreutils/sepolicy/selinux_client.py @@ -39,6 +39,6 @@ if __name__ == "__main__": try: dbus_proxy = SELinuxDBus() resp = dbus_proxy.customized() - print convert_customization(resp) - except dbus.DBusException, e: - print e + print(convert_customization(resp)) + except dbus.DBusException as e: + print(e) diff --git a/policycoreutils/sepolicy/sepolicy.py b/policycoreutils/sepolicy/sepolicy.py index 3e502a7..5bf9b52 100755 --- a/policycoreutils/sepolicy/sepolicy.py +++ b/policycoreutils/sepolicy/sepolicy.py @@ -262,7 +262,7 @@ def _print_net(src, protocol, perm): if len(portdict) > 0: bold_start = "\033[1m" bold_end = "\033[0;0m" - print "\n" + bold_start + "%s: %s %s" % (src, protocol, perm) + bold_end + print("\n" + bold_start + "%s: %s %s" % (src, protocol, perm) + bold_end) port_strings = [] boolean_text = "" for p in portdict: @@ -275,7 +275,7 @@ def _print_net(src, protocol, perm): port_strings.append("%s (%s)" % (", ".join(recs), t)) port_strings.sort(numcmp) for p in port_strings: - print "\t" + p + print("\t" + p) def network(args): @@ -286,7 +286,7 @@ def network(args): if i[0] not in all_ports: all_ports.append(i[0]) all_ports.sort() - print "\n".join(all_ports) + print("\n".join(all_ports)) for port in args.port: found = False @@ -297,18 +297,18 @@ def network(args): else: range = "%s-%s" % (i[0], i[1]) found = True - print "%d: %s %s %s" % (port, i[2], portrecsbynum[i][0], range) + print("%d: %s %s %s" % (port, i[2], portrecsbynum[i][0], range)) if not found: if port < 500: - print "Undefined reserved port type" + print("Undefined reserved port type") else: - print "Undefined port type" + print("Undefined port type") for t in args.type: if (t, 'tcp') in portrecs.keys(): - print "%s: tcp: %s" % (t, ",".join(portrecs[t, 'tcp'])) + print("%s: tcp: %s" % (t, ",".join(portrecs[t, 'tcp']))) if (t, 'udp') in portrecs.keys(): - print "%s: udp: %s" % (t, ",".join(portrecs[t, 'udp'])) + print( "%s: udp: %s" % (t, ",".join(portrecs[t, 'udp']))) for a in args.applications: d = sepolicy.get_init_transtype(a) @@ -357,7 +357,7 @@ def manpage(args): for domain in test_domains: m = ManPage(domain, path, args.root, args.source_files, args.web) - print m.get_man_page_path() + print(m.get_man_page_path()) if args.web: HTMLManPages(manpage_roles, manpage_domains, path, args.os) @@ -418,7 +418,7 @@ def communicate(args): out = list(set(writable) & set(readable)) for t in out: - print t + print(t) def gen_communicate_args(parser): @@ -445,7 +445,7 @@ def booleans(args): args.booleans.sort() for b in args.booleans: - print "%s=_(\"%s\")" % (b, boolean_desc(b)) + print("%s=_(\"%s\")" % (b, boolean_desc(b))) def gen_booleans_args(parser): @@ -484,16 +484,16 @@ def print_interfaces(interfaces, args, append=""): for i in interfaces: if args.verbose: try: - print get_interface_format_text(i + append) + print(get_interface_format_text(i + append)) except KeyError: - print i + print(i) if args.compile: try: interface_compile_test(i) except KeyError: - print i + print(i) else: - print i + print(i) def interface(args): @@ -565,7 +565,7 @@ def generate(args): if args.policytype in APPLICATIONS: mypolicy.gen_writeable() mypolicy.gen_symbols() - print mypolicy.generate(args.path) + print(mypolicy.generate(args.path)) def gen_interface_args(parser): @@ -698,12 +698,12 @@ if __name__ == '__main__': args = parser.parse_args(args=parser_args) args.func(args) sys.exit(0) - except ValueError, e: + except ValueError as e: sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e))) sys.exit(1) - except IOError, e: + except IOError as e: sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e))) sys.exit(1) except KeyboardInterrupt: - print "Out" + print("Out") sys.exit(0) diff --git a/policycoreutils/sepolicy/sepolicy/__init__.py b/policycoreutils/sepolicy/sepolicy/__init__.py index 8fbd5b4..fee6438 100644 --- a/policycoreutils/sepolicy/sepolicy/__init__.py +++ b/policycoreutils/sepolicy/sepolicy/__init__.py @@ -695,7 +695,7 @@ def get_methods(): # List of per_role_template interfaces ifs = interfaces.InterfaceSet() ifs.from_file(fd) - methods = ifs.interfaces.keys() + methods = list(ifs.interfaces.keys()) fd.close() except: sys.stderr.write("could not open interface info [%s]\n" % fn) @@ -752,7 +752,10 @@ def get_all_entrypoint_domains(): def gen_interfaces(): - import commands + try: + from commands import getstatusoutput + except ImportError: + from subprocess import getstatusoutput ifile = defaults.interface_info() headers = defaults.headers() try: @@ -763,7 +766,7 @@ def gen_interfaces(): if os.getuid() != 0: raise ValueError(_("You must regenerate interface info by running /usr/bin/sepolgen-ifgen")) - print(commands.getstatusoutput("/usr/bin/sepolgen-ifgen")[1]) + print(getstatusoutput("/usr/bin/sepolgen-ifgen")[1]) def gen_port_dict(): @@ -1085,8 +1088,11 @@ def get_os_version(): os_version = "" pkg_name = "selinux-policy" try: - import commands - rc, output = commands.getstatusoutput("rpm -q '%s'" % pkg_name) + try: + from commands import getstatusoutput + except ImportError: + from subprocess import getstatusoutput + rc, output = getstatusoutput("rpm -q '%s'" % pkg_name) if rc == 0: os_version = output.split(".")[-2] except: diff --git a/policycoreutils/sepolicy/sepolicy/communicate.py b/policycoreutils/sepolicy/sepolicy/communicate.py index b96c4b9..45d5abb 100755 --- a/policycoreutils/sepolicy/sepolicy/communicate.py +++ b/policycoreutils/sepolicy/sepolicy/communicate.py @@ -34,8 +34,8 @@ def usage(parser, msg): def expand_attribute(attribute): try: - return sepolicy.info(sepolicy.ATTRIBUTE, attribute)[0]["types"] - except RuntimeError: + return list(list(sepolicy.info(sepolicy.ATTRIBUTE, attribute))[0]["types"]) + except IndexError: return [attribute] diff --git a/policycoreutils/sepolicy/sepolicy/generate.py b/policycoreutils/sepolicy/sepolicy/generate.py index 65b33b6..5696110 100644 --- a/policycoreutils/sepolicy/sepolicy/generate.py +++ b/policycoreutils/sepolicy/sepolicy/generate.py @@ -31,21 +31,21 @@ import time import types import platform -from templates import executable -from templates import boolean -from templates import etc_rw -from templates import unit_file -from templates import var_cache -from templates import var_spool -from templates import var_lib -from templates import var_log -from templates import var_run -from templates import tmp -from templates import rw -from templates import network -from templates import script -from templates import spec -from templates import user +from .templates import executable +from .templates import boolean +from .templates import etc_rw +from .templates import unit_file +from .templates import var_cache +from .templates import var_spool +from .templates import var_lib +from .templates import var_log +from .templates import var_run +from .templates import tmp +from .templates import rw +from .templates import network +from .templates import script +from .templates import spec +from .templates import user import sepolgen.interfaces as interfaces import sepolgen.defaults as defaults diff --git a/policycoreutils/sepolicy/sepolicy/interface.py b/policycoreutils/sepolicy/sepolicy/interface.py index c2cb971..8956f39 100644 --- a/policycoreutils/sepolicy/sepolicy/interface.py +++ b/policycoreutils/sepolicy/sepolicy/interface.py @@ -192,10 +192,13 @@ def generate_compile_te(interface, idict, name="compiletest"): def get_xml_file(if_file): """ Returns xml format of interfaces for given .if policy file""" import os - import commands + try: + from commands import getstatusoutput + except ImportError: + from subprocess import getstatusoutput basedir = os.path.dirname(if_file) + "/" filename = os.path.basename(if_file).split(".")[0] - rc, output = commands.getstatusoutput("python /usr/share/selinux/devel/include/support/segenxml.py -w -m %s" % basedir + filename) + rc, output = getstatusoutput("python /usr/share/selinux/devel/include/support/segenxml.py -w -m %s" % basedir + filename) if rc != 0: sys.stderr.write("\n Could not proceed selected interface file.\n") sys.stderr.write("\n%s" % output) @@ -208,7 +211,10 @@ def interface_compile_test(interface, path="/usr/share/selinux/devel/policy.xml" exclude_interfaces = ["userdom", "kernel", "corenet", "files", "dev"] exclude_interface_type = ["template"] - import commands + try: + from commands import getstatusoutput + except ImportError: + from subprocess import getstatusoutput import os policy_files = {'pp': "compiletest.pp", 'te': "compiletest.te", 'fc': "compiletest.fc", 'if': "compiletest.if"} idict = get_interface_dict(path) @@ -219,7 +225,7 @@ def interface_compile_test(interface, path="/usr/share/selinux/devel/policy.xml" fd = open(policy_files['te'], "w") fd.write(generate_compile_te(interface, idict)) fd.close() - rc, output = commands.getstatusoutput("make -f /usr/share/selinux/devel/Makefile %s" % policy_files['pp']) + rc, output = getstatusoutput("make -f /usr/share/selinux/devel/Makefile %s" % policy_files['pp']) if rc != 0: sys.stderr.write(output) sys.stderr.write(_("\nCompile test for %s failed.\n") % interface) diff --git a/policycoreutils/sepolicy/sepolicy/manpage.py b/policycoreutils/sepolicy/sepolicy/manpage.py index 7365f93..773a9ab 100755 --- a/policycoreutils/sepolicy/sepolicy/manpage.py +++ b/policycoreutils/sepolicy/sepolicy/manpage.py @@ -27,7 +27,6 @@ __all__ = ['ManPage', 'HTMLManPages', 'manpage_domains', 'manpage_roles', 'gen_d import string import selinux import sepolicy -import commands import os import time @@ -162,7 +161,11 @@ def get_alphabet_manpages(manpage_list): def convert_manpage_to_html(html_manpage, manpage): - rc, output = commands.getstatusoutput("/usr/bin/groff -man -Thtml %s 2>/dev/null" % manpage) + try: + from commands import getstatusoutput + except ImportError: + from subprocess import getstatusoutput + rc, output = getstatusoutput("/usr/bin/groff -man -Thtml %s 2>/dev/null" % manpage) if rc == 0: print(html_manpage, "has been created") fd = open(html_manpage, 'w')