
[4/4] python/audit2allow: allow using audit2why as non-root user

Message ID 20181221204333.27445-4-nicolas.iooss@m4x.org (mailing list archive)
State Not Applicable
Series [1/4] python/sepolgen: close /etc/selinux/sepolgen.conf after parsing it | expand

Commit Message

Nicolas Iooss Dec. 21, 2018, 8:43 p.m. UTC
Importing sepolicy as non-root on a system with SELinux causes the
following exception to be raised:

    ValueError: No SELinux Policy installed

Ignore this when using audit2why, which allows using it with option
--policy as a non-root user.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
 python/audit2allow/audit2allow | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

Comments

Petr Lautrbach Jan. 7, 2019, 11:57 a.m. UTC | #1
Nicolas Iooss <nicolas.iooss@m4x.org> writes:

> Importing sepolicy as non-root on a system with SELinux causes the
> following exception to be raised:
>
>     ValueError: No SELinux Policy installed
>
> Ignore this when using audit2why, which allows using it with option
> --policy as a non-root user.
>
> Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>

All 4 merged. Thanks!

> ---
>  python/audit2allow/audit2allow | 11 ++++++++---
>  1 file changed, 8 insertions(+), 3 deletions(-)
>
> diff --git a/python/audit2allow/audit2allow b/python/audit2allow/audit2allow
> index 195f151c6ca1..18fe0a531d02 100644
> --- a/python/audit2allow/audit2allow
> +++ b/python/audit2allow/audit2allow
> @@ -242,7 +242,10 @@ class AuditToPolicy:
>  
>      def __output_audit2why(self):
>          import selinux
> -        import sepolicy
> +        try:
> +            import sepolicy
> +        except (ImportError, ValueError):
> +            sepolicy = None
>          for i in self.__parser.avc_msgs:
>              rc = i.type
>              data = i.data
> @@ -262,11 +265,13 @@ class AuditToPolicy:
>                  if len(data) > 1:
>                      print("\tOne of the following booleans was set incorrectly.")
>                      for b in data:
> -                        print("\tDescription:\n\t%s\n" % sepolicy.boolean_desc(b[0]))
> +                        if sepolicy is not None:
> +                            print("\tDescription:\n\t%s\n" % sepolicy.boolean_desc(b[0]))
>                          print("\tAllow access by executing:\n\t# setsebool -P %s %d" % (b[0], b[1]))
>                  else:
>                      print("\tThe boolean %s was set incorrectly. " % (data[0][0]))
> -                    print("\tDescription:\n\t%s\n" % sepolicy.boolean_desc(data[0][0]))
> +                    if sepolicy is not None:
> +                        print("\tDescription:\n\t%s\n" % sepolicy.boolean_desc(data[0][0]))
>                      print("\tAllow access by executing:\n\t# setsebool -P %s %d" % (data[0][0], data[0][1]))
>                  continue

Patch

diff --git a/python/audit2allow/audit2allow b/python/audit2allow/audit2allow
index 195f151c6ca1..18fe0a531d02 100644
--- a/python/audit2allow/audit2allow
+++ b/python/audit2allow/audit2allow
@@ -242,7 +242,10 @@  class AuditToPolicy:
 
     def __output_audit2why(self):
         import selinux
-        import sepolicy
+        try:
+            import sepolicy
+        except (ImportError, ValueError):
+            sepolicy = None
         for i in self.__parser.avc_msgs:
             rc = i.type
             data = i.data
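Review bot: The `except (ImportError, ValueError)` around `import sepolicy` catches any ValueError raised while the module initialises, not only the "No SELinux Policy installed" case named in the commit message, so an unrelated failure would be hidden in the same way. The handler also carries no comment explaining why ValueError is expected from an import; I would add `# sepolicy raises ValueError("No SELinux Policy installed") at import time when the policy cannot be read, e.g. as non-root`. If the file already has `sys` in scope (not visible in this hunk), a one-line notice on stderr when the fallback is taken would make the degraded mode visible to the operator. The body of `__output_audit2why` continues past the end of this hunk.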
@@ -262,11 +265,13 @@  class AuditToPolicy:
                 if len(data) > 1:
                     print("\tOne of the following booleans was set incorrectly.")
                     for b in data:
-                        print("\tDescription:\n\t%s\n" % sepolicy.boolean_desc(b[0]))
+                        if sepolicy is not None:
+                            print("\tDescription:\n\t%s\n" % sepolicy.boolean_desc(b[0]))
                         print("\tAllow access by executing:\n\t# setsebool -P %s %d" % (b[0], b[1]))
                 else:
                     print("\tThe boolean %s was set incorrectly. " % (data[0][0]))
-                    print("\tDescription:\n\t%s\n" % sepolicy.boolean_desc(data[0][0]))
+                    if sepolicy is not None:
+                        print("\tDescription:\n\t%s\n" % sepolicy.boolean_desc(data[0][0]))
                     print("\tAllow access by executing:\n\t# setsebool -P %s %d" % (data[0][0], data[0][1]))
                 continue
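Review bot: When `sepolicy` is None the `Description:` line is dropped silently, both in the `for b in data` loop and in the single-boolean `else` branch, leaving only the `setsebool -P` suggestion. That description is the one line telling the administrator what the boolean permits before they change it persistently, so its absence should be visible instead of looking like normal output. Consider an `else:` on each guard, for example `print("\tDescription:\n\t(unavailable: sepolicy could not be loaded)\n")`. The same guard is written twice, so a small local helper that returns the description text or the fallback would keep the two branches in step. The enclosing loop and function start and end outside this hunk.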