| Message ID | 20190103120340.2695-5-plautrba@redhat.com (mailing list archive) |
|---|---|
| State | Not Applicable |
| Headers | show |
| Series | [v2,1/5] python/semanage: move valid_types initialisations to class constructors | expand |
On Thu, Jan 3, 2019 at 1:03 PM Petr Lautrbach <plautrba@redhat.com> wrote: > > The sorting order seems to be fragile because '100' < '99', so the policy > filename needs to be parsed in order to extract the version as an integer and > sort according to it. > > Based on idea from Nicolas Iooss <nicolas.iooss@m4x.org> > > Signed-off-by: Petr Lautrbach <plautrba@redhat.com> Thanks, merged all 5 commits. Nicolas > --- > python/sepolicy/sepolicy/__init__.py | 25 ++++++++++++++++++------- > 1 file changed, 18 insertions(+), 7 deletions(-) > > diff --git a/python/sepolicy/sepolicy/__init__.py b/python/sepolicy/sepolicy/__init__.py > index b69a6b94..6f729472 100644 > --- a/python/sepolicy/sepolicy/__init__.py > +++ b/python/sepolicy/sepolicy/__init__.py > @@ -119,23 +119,34 @@ all_allow_rules = None > all_transitions = None > > > +def policy_sortkey(policy_path): > + # Parse the extension of a policy path which looks like .../policy/policy.31 > + extension = policy_path.rsplit('/policy.', 1)[1] > + try: > + return int(extension), policy_path > + except ValueError: > + # Fallback with sorting on the full path > + return 0, policy_path > + > def get_installed_policy(root="/"): > try: > path = root + selinux.selinux_binary_policy_path() > policies = glob.glob("%s.*" % path) > - policies.sort() > + policies.sort(key=policy_sortkey) > return policies[-1] > except: > pass > raise ValueError(_("No SELinux Policy installed")) > > -def get_store_policy(store, root="/"): > - try: > - policies = glob.glob("%s%s/policy/policy.*" % (selinux.selinux_path(), store)) > - policies.sort() > - return policies[-1] > - except: > +def get_store_policy(store): > + """Get the path to the policy file located in the given store name""" > + policies = glob.glob("%s%s/policy/policy.*" % > + (selinux.selinux_path(), store)) > + if not policies: > return None > + # Return the policy with the higher version number > + policies.sort(key=policy_sortkey) > + return policies[-1] > > def policy(policy_file): > global all_domains > -- > 2.20.1 >
diff --git a/python/sepolicy/sepolicy/__init__.py b/python/sepolicy/sepolicy/__init__.py index b69a6b94..6f729472 100644 --- a/python/sepolicy/sepolicy/__init__.py +++ b/python/sepolicy/sepolicy/__init__.py @@ -119,23 +119,34 @@ all_allow_rules = None all_transitions = None +def policy_sortkey(policy_path): + # Parse the extension of a policy path which looks like .../policy/policy.31 + extension = policy_path.rsplit('/policy.', 1)[1] + try: + return int(extension), policy_path + except ValueError: + # Fallback with sorting on the full path + return 0, policy_path + def get_installed_policy(root="/"): try: path = root + selinux.selinux_binary_policy_path() policies = glob.glob("%s.*" % path) - policies.sort() + policies.sort(key=policy_sortkey) return policies[-1] except: pass raise ValueError(_("No SELinux Policy installed")) -def get_store_policy(store, root="/"): - try: - policies = glob.glob("%s%s/policy/policy.*" % (selinux.selinux_path(), store)) - policies.sort() - return policies[-1] - except: +def get_store_policy(store): + """Get the path to the policy file located in the given store name""" + policies = glob.glob("%s%s/policy/policy.*" % + (selinux.selinux_path(), store)) + if not policies: return None + # Return the policy with the higher version number + policies.sort(key=policy_sortkey) + return policies[-1] def policy(policy_file): global all_domains
The sorting order seems to be fragile because '100' < '99', so the policy filename needs to be parsed in order to extract the version as an integer and sort according to it. Based on idea from Nicolas Iooss <nicolas.iooss@m4x.org> Signed-off-by: Petr Lautrbach <plautrba@redhat.com> --- python/sepolicy/sepolicy/__init__.py | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-)