From patchwork Mon Nov 7 09:51:08 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Laurent Bigonville X-Patchwork-Id: 9414573 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id ACDDC60512 for ; Mon, 7 Nov 2016 09:52:23 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 9897028C92 for ; Mon, 7 Nov 2016 09:52:23 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 8AF3728ABB; Mon, 7 Nov 2016 09:52:23 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.1 required=2.0 tests=BAYES_00,DKIM_SIGNED, RCVD_IN_DNSWL_MED, T_DKIM_INVALID, UNPARSEABLE_RELAY autolearn=ham version=3.3.1 Received: from emsm-gh1-uea11.nsa.gov (smtp.nsa.gov [8.44.101.9]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 2B11F28ABB for ; Mon, 7 Nov 2016 09:52:21 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.31,605,1473120000"; d="scan'208";a="536463" IronPort-PHdr: =?us-ascii?q?9a23=3AIcy5MhLWvNRr20ztMNmcpTZWNBhigK39O0sv0rFi?= =?us-ascii?q?tYgUL//xwZ3uMQTl6Ol3ixeRBMOAuqgC2rGd6fG4EUU7or+5+EgYd5JNUxJXwe?= =?us-ascii?q?43pCcHRPC/NEvgMfTxZDY7FskRHHVs/nW8LFQHUJ2mPw6anHS+4HYoFwnlMkIt?= =?us-ascii?q?f6KuS9SU3p/8jbHqs7ToICxwzAKnZr1zKBjk5S7wjeIxxbVYF6Aq1xHSqWFJce?= =?us-ascii?q?kFjUlhJFaUggqurpzopM0rzj5U884F24YAFPyiPvdwcbsNFzkiMmYo9OX3pBLD?= =?us-ascii?q?Sk2J/XJaXWIIwTRSBA2QyBjnRJr3rmPQt+V63jebOcn7BeQ+WDul6Y9nRRXpgS?= =?us-ascii?q?FBMCQ2pjKEwvdshb5W9Ury7yd0xJTZNcTMbPc=3D?= X-IPAS-Result: =?us-ascii?q?A2FyDQBFTSBY/wHyM5BdHAEBBAEBCgEBFwEBBAEBCgEBgwM?= =?us-ascii?q?BAQEBAR9YfKMVAQaBHIFtFgGKO4oXIgeBdIYoUwEBAQEBAQEBAgECXyiCMwQDE?= =?us-ascii?q?wV5WzwCAQMBAjcGAQEMIAwCAwkBARcIHwIICAMBLQsKEQ4LBRgEiDcEAa9mgyc?= =?us-ascii?q?4AoJfAQEFiBsMHQiFdIk4EQGFfAGISQeGCIE9ihaGNYoEC4I8h1GGA5EuAlVWJ?= =?us-ascii?q?BuDB4IJcYVceIE1AQEB?= Received: from unknown (HELO tarius.tycho.ncsc.mil) ([144.51.242.1]) by emsm-gh1-uea11.nsa.gov with ESMTP; 07 Nov 2016 09:52:19 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id uA79pnVu015154; Mon, 7 Nov 2016 04:51:56 -0500 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id uA79pmQH196624 for ; Mon, 7 Nov 2016 04:51:48 -0500 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id uA79pmFK015151 for ; Mon, 7 Nov 2016 04:51:48 -0500 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A1BjBQBWTiBY/2OteVtdHAEBBAEBCgEBgy4BAQEBAR9YfKMQAQEBAQEBBoEcjD+KNAyIHFMBAgEBAQEBAmIohGIGQAEBOA8gHxI8GxmIXAGvZYMngxkBAQWIRAiFdI9GiEoHhgiBPYoWhjWKBAuCPI1UkS4CVXobgweCCXGICQEBAQ X-IPAS-Result: A1BjBQBWTiBY/2OteVtdHAEBBAEBCgEBgy4BAQEBAR9YfKMQAQEBAQEBBoEcjD+KNAyIHFMBAgEBAQEBAmIohGIGQAEBOA8gHxI8GxmIXAGvZYMngxkBAQWIRAiFdI9GiEoHhgiBPYoWhjWKBAuCPI1UkS4CVXobgweCCXGICQEBAQ X-IronPort-AV: E=Sophos;i="5.31,605,1473134400"; d="scan'208";a="5807566" Received: from emsm-gh1-uea11.corp.nsa.gov (HELO emsm-gh1-uea11.nsa.gov) ([10.208.41.37]) by goalie.tycho.ncsc.mil with ESMTP; 07 Nov 2016 04:51:16 -0500 IronPort-PHdr: =?us-ascii?q?9a23=3AoHl/ihP1zUWrvbmYWtsl6mtUPXoX/o7sNwtQ0KIM?= =?us-ascii?q?zox0KP/zrarrMEGX3/hxlliBBdydsKMezbuN+PqxASQp2tWoiDg6aptCVhsI24?= =?us-ascii?q?09vjcLJ4q7M3D9N+PgdCcgHc5PBxdP9nC/NlVJSo6lPwWB6kO74TNaIBjjLw09?= =?us-ascii?q?fr2zQd+IyZXsnLrjo9X6WEZhvHKFe7R8LRG7/036l/I9ps9cEJs30QbDuXBSeu?= =?us-ascii?q?5blitCLFOXmAvgtI/rpMYwu3cYh/V07MNEUKPnb4wkXLdYC3IgKGlz68r15jfZ?= =?us-ascii?q?Sg7awnIBSGgQjlJiAgfC6g/7WpP8+n/wt+V63gGWMMf3RLZyXi6tufQ4ACT0gT?= =?us-ascii?q?sKYmZquFrcjdZ92fpW?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0FiDQBFTSBY/2OteVtdHAEBBAEBCgEBF?= =?us-ascii?q?wEBBAEBCgEBgwMBAQEBAR9YfKMVAQaBHIFtFgGKO4o0DIF0hihTAQEBAQEBAQE?= =?us-ascii?q?CAQJfKIIzGIEAWzwGQAEBOA8gHxI8GxmIXAGvZoMngxkBAQWIRAiFdI9GiEoHh?= =?us-ascii?q?giBPYoWhjWKBAuCPI1UkS4CVXobgweCCXGICQEBAQ?= X-IPAS-Result: =?us-ascii?q?A0FiDQBFTSBY/2OteVtdHAEBBAEBCgEBFwEBBAEBCgEBgwM?= =?us-ascii?q?BAQEBAR9YfKMVAQaBHIFtFgGKO4o0DIF0hihTAQEBAQEBAQECAQJfKIIzGIEAW?= =?us-ascii?q?zwGQAEBOA8gHxI8GxmIXAGvZoMngxkBAQWIRAiFdI9GiEoHhgiBPYoWhjWKBAu?= =?us-ascii?q?CPI1UkS4CVXobgweCCXGICQEBAQ?= X-IronPort-AV: E=Sophos;i="5.31,605,1473120000"; d="scan'208";a="536458" Received: from anor.bigon.be ([91.121.173.99]) by emsm-gh1-uea11.nsa.gov with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 07 Nov 2016 09:51:13 +0000 Received: from anor.bigon.be (localhost.localdomain [127.0.0.1]) by anor.bigon.be (Postfix) with ESMTP id CCB411A1AE for ; Mon, 7 Nov 2016 10:51:12 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=bigon.be; h= references:in-reply-to:x-mailer:message-id:date:date:subject :subject:from:from:received:received:received; s=key1; t= 1478512269; x=1480326670; bh=hvvJZLQAc+Ptq9tIbtPYgYgbI7p2zJMpD59 v1ptZUBE=; b=gKu1IWrJG2QZaKGuxlm6IV6YlviwnpLv9ltbVjeluZiCdCTyh7B 0t/K7A6ysx2c+bMFad6Jm5P0bn7cFVd10XamwJSf4zDWegDzNXrb56N+fTyy6LFm MA9XL9R1dWsTHdoZq2RTpPX8A6DohfAcJH9sB51tWZvojGO8q4KVKgtQ= X-Virus-Scanned: Debian amavisd-new at bigon.be Received: from anor.bigon.be ([127.0.0.1]) by anor.bigon.be (anor.bigon.be [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id uwxXT7dehTRG for ; Mon, 7 Nov 2016 10:51:09 +0100 (CET) Received: from valinor.bigon.be (unknown [193.53.238.201]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) (Authenticated sender: bigon) by anor.bigon.be (Postfix) with ESMTPSA id 2BC491A1A8 for ; Mon, 7 Nov 2016 10:51:09 +0100 (CET) Received: from bigon (uid 1000) (envelope-from bigon@bigon.be) id 5fb7d by valinor.bigon.be (DragonFly Mail Agent v0.11); Mon, 07 Nov 2016 10:51:08 +0100 From: Laurent Bigonville To: selinux@tycho.nsa.gov Subject: [Patch v2 2/2] policycoreutils: Make sepolicy work with python3 Date: Mon, 7 Nov 2016 10:51:08 +0100 Message-Id: <20161107095108.22306-1-bigon@debian.org> X-Mailer: git-send-email 2.10.2 In-Reply-To: <20161107080117.24030-2-bigon@debian.org> References: <20161107080117.24030-2-bigon@debian.org> X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: MIME-Version: 1.0 Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Virus-Scanned: ClamAV using ClamSMTP From: Laurent Bigonville Add python3 support for sepolicy Signed-off-by: Laurent Bigonville --- policycoreutils/sepolicy/selinux_client.py | 6 ++-- policycoreutils/sepolicy/sepolicy.py | 38 ++++++++++++------------ policycoreutils/sepolicy/sepolicy/__init__.py | 16 ++++++---- policycoreutils/sepolicy/sepolicy/communicate.py | 4 +-- policycoreutils/sepolicy/sepolicy/generate.py | 30 +++++++++---------- policycoreutils/sepolicy/sepolicy/interface.py | 14 ++++++--- policycoreutils/sepolicy/sepolicy/manpage.py | 7 +++-- 7 files changed, 65 insertions(+), 50 deletions(-) diff --git a/policycoreutils/sepolicy/selinux_client.py b/policycoreutils/sepolicy/selinux_client.py index 7f4a91c..dc29f28 100644 --- a/policycoreutils/sepolicy/selinux_client.py +++ b/policycoreutils/sepolicy/selinux_client.py @@ -39,6 +39,6 @@ if __name__ == "__main__": try: dbus_proxy = SELinuxDBus() resp = dbus_proxy.customized() - print convert_customization(resp) - except dbus.DBusException, e: - print e + print(convert_customization(resp)) + except dbus.DBusException as e: + print(e) diff --git a/policycoreutils/sepolicy/sepolicy.py b/policycoreutils/sepolicy/sepolicy.py index 3e502a7..5bf9b52 100755 --- a/policycoreutils/sepolicy/sepolicy.py +++ b/policycoreutils/sepolicy/sepolicy.py @@ -262,7 +262,7 @@ def _print_net(src, protocol, perm): if len(portdict) > 0: bold_start = "\033[1m" bold_end = "\033[0;0m" - print "\n" + bold_start + "%s: %s %s" % (src, protocol, perm) + bold_end + print("\n" + bold_start + "%s: %s %s" % (src, protocol, perm) + bold_end) port_strings = [] boolean_text = "" for p in portdict: @@ -275,7 +275,7 @@ def _print_net(src, protocol, perm): port_strings.append("%s (%s)" % (", ".join(recs), t)) port_strings.sort(numcmp) for p in port_strings: - print "\t" + p + print("\t" + p) def network(args): @@ -286,7 +286,7 @@ def network(args): if i[0] not in all_ports: all_ports.append(i[0]) all_ports.sort() - print "\n".join(all_ports) + print("\n".join(all_ports)) for port in args.port: found = False @@ -297,18 +297,18 @@ def network(args): else: range = "%s-%s" % (i[0], i[1]) found = True - print "%d: %s %s %s" % (port, i[2], portrecsbynum[i][0], range) + print("%d: %s %s %s" % (port, i[2], portrecsbynum[i][0], range)) if not found: if port < 500: - print "Undefined reserved port type" + print("Undefined reserved port type") else: - print "Undefined port type" + print("Undefined port type") for t in args.type: if (t, 'tcp') in portrecs.keys(): - print "%s: tcp: %s" % (t, ",".join(portrecs[t, 'tcp'])) + print("%s: tcp: %s" % (t, ",".join(portrecs[t, 'tcp']))) if (t, 'udp') in portrecs.keys(): - print "%s: udp: %s" % (t, ",".join(portrecs[t, 'udp'])) + print( "%s: udp: %s" % (t, ",".join(portrecs[t, 'udp']))) for a in args.applications: d = sepolicy.get_init_transtype(a) @@ -357,7 +357,7 @@ def manpage(args): for domain in test_domains: m = ManPage(domain, path, args.root, args.source_files, args.web) - print m.get_man_page_path() + print(m.get_man_page_path()) if args.web: HTMLManPages(manpage_roles, manpage_domains, path, args.os) @@ -418,7 +418,7 @@ def communicate(args): out = list(set(writable) & set(readable)) for t in out: - print t + print(t) def gen_communicate_args(parser): @@ -445,7 +445,7 @@ def booleans(args): args.booleans.sort() for b in args.booleans: - print "%s=_(\"%s\")" % (b, boolean_desc(b)) + print("%s=_(\"%s\")" % (b, boolean_desc(b))) def gen_booleans_args(parser): @@ -484,16 +484,16 @@ def print_interfaces(interfaces, args, append=""): for i in interfaces: if args.verbose: try: - print get_interface_format_text(i + append) + print(get_interface_format_text(i + append)) except KeyError: - print i + print(i) if args.compile: try: interface_compile_test(i) except KeyError: - print i + print(i) else: - print i + print(i) def interface(args): @@ -565,7 +565,7 @@ def generate(args): if args.policytype in APPLICATIONS: mypolicy.gen_writeable() mypolicy.gen_symbols() - print mypolicy.generate(args.path) + print(mypolicy.generate(args.path)) def gen_interface_args(parser): @@ -698,12 +698,12 @@ if __name__ == '__main__': args = parser.parse_args(args=parser_args) args.func(args) sys.exit(0) - except ValueError, e: + except ValueError as e: sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e))) sys.exit(1) - except IOError, e: + except IOError as e: sys.stderr.write("%s: %s\n" % (e.__class__.__name__, str(e))) sys.exit(1) except KeyboardInterrupt: - print "Out" + print("Out") sys.exit(0) diff --git a/policycoreutils/sepolicy/sepolicy/__init__.py b/policycoreutils/sepolicy/sepolicy/__init__.py index 8fbd5b4..fee6438 100644 --- a/policycoreutils/sepolicy/sepolicy/__init__.py +++ b/policycoreutils/sepolicy/sepolicy/__init__.py @@ -695,7 +695,7 @@ def get_methods(): # List of per_role_template interfaces ifs = interfaces.InterfaceSet() ifs.from_file(fd) - methods = ifs.interfaces.keys() + methods = list(ifs.interfaces.keys()) fd.close() except: sys.stderr.write("could not open interface info [%s]\n" % fn) @@ -752,7 +752,10 @@ def get_all_entrypoint_domains(): def gen_interfaces(): - import commands + try: + from commands import getstatusoutput + except ImportError: + from subprocess import getstatusoutput ifile = defaults.interface_info() headers = defaults.headers() try: @@ -763,7 +766,7 @@ def gen_interfaces(): if os.getuid() != 0: raise ValueError(_("You must regenerate interface info by running /usr/bin/sepolgen-ifgen")) - print(commands.getstatusoutput("/usr/bin/sepolgen-ifgen")[1]) + print(getstatusoutput("/usr/bin/sepolgen-ifgen")[1]) def gen_port_dict(): @@ -1085,8 +1088,11 @@ def get_os_version(): os_version = "" pkg_name = "selinux-policy" try: - import commands - rc, output = commands.getstatusoutput("rpm -q '%s'" % pkg_name) + try: + from commands import getstatusoutput + except ImportError: + from subprocess import getstatusoutput + rc, output = getstatusoutput("rpm -q '%s'" % pkg_name) if rc == 0: os_version = output.split(".")[-2] except: diff --git a/policycoreutils/sepolicy/sepolicy/communicate.py b/policycoreutils/sepolicy/sepolicy/communicate.py index b96c4b9..299316e 100755 --- a/policycoreutils/sepolicy/sepolicy/communicate.py +++ b/policycoreutils/sepolicy/sepolicy/communicate.py @@ -34,8 +34,8 @@ def usage(parser, msg): def expand_attribute(attribute): try: - return sepolicy.info(sepolicy.ATTRIBUTE, attribute)[0]["types"] - except RuntimeError: + return list(next(sepolicy.info(sepolicy.ATTRIBUTE, attribute))["types"]) + except StopIteration: return [attribute] diff --git a/policycoreutils/sepolicy/sepolicy/generate.py b/policycoreutils/sepolicy/sepolicy/generate.py index 65b33b6..5696110 100644 --- a/policycoreutils/sepolicy/sepolicy/generate.py +++ b/policycoreutils/sepolicy/sepolicy/generate.py @@ -31,21 +31,21 @@ import time import types import platform -from templates import executable -from templates import boolean -from templates import etc_rw -from templates import unit_file -from templates import var_cache -from templates import var_spool -from templates import var_lib -from templates import var_log -from templates import var_run -from templates import tmp -from templates import rw -from templates import network -from templates import script -from templates import spec -from templates import user +from .templates import executable +from .templates import boolean +from .templates import etc_rw +from .templates import unit_file +from .templates import var_cache +from .templates import var_spool +from .templates import var_lib +from .templates import var_log +from .templates import var_run +from .templates import tmp +from .templates import rw +from .templates import network +from .templates import script +from .templates import spec +from .templates import user import sepolgen.interfaces as interfaces import sepolgen.defaults as defaults diff --git a/policycoreutils/sepolicy/sepolicy/interface.py b/policycoreutils/sepolicy/sepolicy/interface.py index c2cb971..8956f39 100644 --- a/policycoreutils/sepolicy/sepolicy/interface.py +++ b/policycoreutils/sepolicy/sepolicy/interface.py @@ -192,10 +192,13 @@ def generate_compile_te(interface, idict, name="compiletest"): def get_xml_file(if_file): """ Returns xml format of interfaces for given .if policy file""" import os - import commands + try: + from commands import getstatusoutput + except ImportError: + from subprocess import getstatusoutput basedir = os.path.dirname(if_file) + "/" filename = os.path.basename(if_file).split(".")[0] - rc, output = commands.getstatusoutput("python /usr/share/selinux/devel/include/support/segenxml.py -w -m %s" % basedir + filename) + rc, output = getstatusoutput("python /usr/share/selinux/devel/include/support/segenxml.py -w -m %s" % basedir + filename) if rc != 0: sys.stderr.write("\n Could not proceed selected interface file.\n") sys.stderr.write("\n%s" % output) @@ -208,7 +211,10 @@ def interface_compile_test(interface, path="/usr/share/selinux/devel/policy.xml" exclude_interfaces = ["userdom", "kernel", "corenet", "files", "dev"] exclude_interface_type = ["template"] - import commands + try: + from commands import getstatusoutput + except ImportError: + from subprocess import getstatusoutput import os policy_files = {'pp': "compiletest.pp", 'te': "compiletest.te", 'fc': "compiletest.fc", 'if': "compiletest.if"} idict = get_interface_dict(path) @@ -219,7 +225,7 @@ def interface_compile_test(interface, path="/usr/share/selinux/devel/policy.xml" fd = open(policy_files['te'], "w") fd.write(generate_compile_te(interface, idict)) fd.close() - rc, output = commands.getstatusoutput("make -f /usr/share/selinux/devel/Makefile %s" % policy_files['pp']) + rc, output = getstatusoutput("make -f /usr/share/selinux/devel/Makefile %s" % policy_files['pp']) if rc != 0: sys.stderr.write(output) sys.stderr.write(_("\nCompile test for %s failed.\n") % interface) diff --git a/policycoreutils/sepolicy/sepolicy/manpage.py b/policycoreutils/sepolicy/sepolicy/manpage.py index 7365f93..773a9ab 100755 --- a/policycoreutils/sepolicy/sepolicy/manpage.py +++ b/policycoreutils/sepolicy/sepolicy/manpage.py @@ -27,7 +27,6 @@ __all__ = ['ManPage', 'HTMLManPages', 'manpage_domains', 'manpage_roles', 'gen_d import string import selinux import sepolicy -import commands import os import time @@ -162,7 +161,11 @@ def get_alphabet_manpages(manpage_list): def convert_manpage_to_html(html_manpage, manpage): - rc, output = commands.getstatusoutput("/usr/bin/groff -man -Thtml %s 2>/dev/null" % manpage) + try: + from commands import getstatusoutput + except ImportError: + from subprocess import getstatusoutput + rc, output = getstatusoutput("/usr/bin/groff -man -Thtml %s 2>/dev/null" % manpage) if rc == 0: print(html_manpage, "has been created") fd = open(html_manpage, 'w')