diff mbox series

[v1,2/2] policygen: respect CIL option when generating comments

Message ID 20240801193241.1627605-2-dmitry.sharshakov@siderolabs.com (mailing list archive)
State Accepted
Commit e79a14c77b93
Delegated to: Petr Lautrbach
Headers show
Series [v1,1/2] sepolgen: initialize gen_cil | expand

Commit Message

dmitry.sharshakov@siderolabs.com Aug. 1, 2024, 7:32 p.m. UTC 
From: Dmitry Sharshakov <dmitry.sharshakov@siderolabs.com>

Make explanatory comments follow the common style of comments (Classic language / CIL)

Signed-off-by: Dmitry Sharshakov <dmitry.sharshakov@siderolabs.com>
---
 python/sepolgen/src/sepolgen/policygen.py | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff mbox series

Patch

diff --git a/python/sepolgen/src/sepolgen/policygen.py b/python/sepolgen/src/sepolgen/policygen.py
index 5d59dad7..7715bed5 100644
--- a/python/sepolgen/src/sepolgen/policygen.py
+++ b/python/sepolgen/src/sepolgen/policygen.py
@@ -179,7 +179,9 @@  class PolicyGenerator:
             rule.rule_type = rule.DONTAUDIT
         rule.comment = ""
         if self.explain:
-            rule.comment = str(refpolicy.Comment(explain_access(av, verbosity=self.explain)))
+            comment = refpolicy.Comment(explain_access(av, verbosity=self.explain))
+            comment.set_gen_cil(self.gen_cil)
+            rule.comment = str(comment)
 
         if av.type == audit2why.ALLOW:
             rule.comment += "\n%s!!!! This avc is allowed in the current policy" % self.comment_start