From: <ssm...@us...> - 2007-02-22 14:36:10
Revision: 2259
http://svn.sourceforge.net/selinux/?rev=2259&view=rev
Author: ssmalley
Date: 2007-02-22 06:36:04 -0800 (Thu, 22 Feb 2007)
Log Message:
-----------
Author: Karl MacMillan
Email: kma...@me...
Subject: sepolgen: leave generated files in current directory
Date: Wed, 21 Feb 2007 13:02:04 -0500
This patch changes sepolgen so that the generated te files are left in
the current directory when generating policy modules (with -M). This
matches the behavior of the old audit2allow and allows review of the te
file before inserting the module.
Signed-off-by: Karl MacMillan <kma...@me...>
Modified Paths:
--------------
trunk/policycoreutils/audit2allow/audit2allow
trunk/sepolgen/src/sepolgen/module.py
trunk/sepolgen/tests/test_module.py
Modified: trunk/policycoreutils/audit2allow/audit2allow
===================================================================
--- trunk/policycoreutils/audit2allow/audit2allow 2007-02-22 14:03:31 UTC (rev 2258)
+++ trunk/policycoreutils/audit2allow/audit2allow 2007-02-22 14:36:04 UTC (rev 2259)
@@ -1,7 +1,7 @@
#! /usr/bin/python -E
# Authors: Karl MacMillan <kma...@me...>
#
-# Copyright (C) 2006 Red Hat
+# Copyright (C) 2006-2007 Red Hat
# see file 'COPYING' for use and warranty information
#
# This program is free software; you can redistribute it and/or
@@ -94,7 +94,6 @@
if not module.is_valid_name(name):
sys.stderr.write("only letters and numbers allowed in module names\n")
sys.exit(2)
-
# Make -M and -o conflict
if options.module_package:
@@ -136,14 +135,14 @@
except IOError, e:
sys.stderr.write('could not open file %s - "%s"\n' % (filename, str(e)))
sys.exit(1)
-
+
if f is not None:
parser.parse_file(f)
f.close()
if messages is not None:
parser.parse_string(messages)
-
+
self.__parser = parser
def __process_input(self):
@@ -182,16 +181,41 @@
perm_maps = objectmodel.PermMappings()
perm_maps.from_file(fd)
-
+
return (ifs, perm_maps)
-
-
+
+ def __output_modulepackage(self, writer, generator):
+ generator.set_module_name(self.__options.module_package)
+ filename = self.__options.module_package + ".te"
+ packagename = self.__options.module_package + ".pp"
+
+ try:
+ fd = open(filename, "w")
+ except IOError, e:
+ sys.stderr.write("could not write output file: %s\n", str(e))
+ sys.exit(1)
+
+ writer.write(generator.get_module(), fd)
+ fd.close()
+
+ mc = module.ModuleCompiler()
+
+ try:
+ mc.create_module_package(filename, self.__options.refpolicy)
+ except RuntimeError, e:
+ print e
+ sys.exit(1)
+
+ sys.stdout.write(_("******************** IMPORTANT ***********************\n"))
+ sys.stdout.write((_("To make this policy package active, execute:" +\
+ "\n\nsemodule -i %s\n\n") % packagename))
+
def __output(self):
g = policygen.PolicyGenerator()
-
+
if self.__options.module:
g.set_module_name(self.__options.module)
-
+
# Interface generation
if self.__options.refpolicy:
ifs, perm_maps = self.__load_interface_info()
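Review bot: In the new `__output_modulepackage`, the `except IOError` branch calls `sys.stderr.write("could not write output file: %s\n", str(e))` with two arguments, so a failed open raises TypeError instead of printing the message; it should be `sys.stderr.write("could not write output file: %s\n" % str(e))`. Separately, `open(filename, "w")` now truncates any existing `<name>.te` in the current directory and follows a symlink placed there, where the removed code used `tempfile.NamedTemporaryFile`. Since this tool is presumably often run as root, consider refusing to overwrite an existing file, or at least a comment such as `# writes <name>.te into the cwd; run from a directory only the caller can write to`. `fd` is also left open if `writer.write` raises, which a `try`/`finally` around the write would cover.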
@@ -215,34 +239,7 @@
# Module package
if self.__options.module_package:
- g.set_module_name(self.__options.module_package)
-
- fd = tempfile.NamedTemporaryFile()
- writer.write(g.get_module(), fd)
- fd.flush()
-
- mc = module.ModuleCompiler()
- if self.__options.debug:
- clean = False
- else:
- clean = True
-
- if self.__options.refpolicy:
- mc.refpolicy = True
-
- try:
- mc.create_module_package(fd.name, self.__options.module_package + ".pp",
- cleanup=clean)
- except RuntimeError, e:
- print e
- sys.exit(1)
-
- # This should unlink the temporary file
- fd.close()
- sys.stdout.write(_("******************** IMPORTANT ***********************\n"))
- sys.stdout.write((_("To make this policy package active, execute:" +\
- "\n\nsemodule -i %s.pp\n\n") % self.__options.module_package))
-
+ self.__output_modulepackage(writer, g)
else:
# File or stdout
if self.__options.module:
@@ -253,7 +250,7 @@
else:
fd = sys.stdout
writer.write(g.get_module(), fd)
-
+
def main(self):
try:
self.__parse_options()
Modified: trunk/sepolgen/src/sepolgen/module.py
===================================================================
--- trunk/sepolgen/src/sepolgen/module.py 2007-02-22 14:03:31 UTC (rev 2258)
+++ trunk/sepolgen/src/sepolgen/module.py 2007-02-22 14:36:04 UTC (rev 2259)
@@ -92,7 +92,8 @@
module compiler (checkmodule) and module packager (semodule_package).
You are likely interested in the create_module_package method.
- Several options are controlled via paramaters:
+ Several options are controlled via paramaters (only effects the
+ non-refpol builds):
.mls [boolean] Generate an MLS module (by passed -M to
checkmodule). True to generate an MLS module, false
@@ -119,8 +120,8 @@
self.semodule_package = "/usr/bin/semodule_package"
self.output = output
self.last_output = ""
+ self.refpol_makefile = "/usr/share/selinux/devel/Makefile"
self.make = "/usr/bin/make"
- self.refpolicy = False
def o(self, str):
if self.output:
@@ -133,8 +134,25 @@
self.o(output)
return rc
+
+ def gen_filenames(self, sourcename):
+ """Generate the module and policy package filenames from
+ a source file name. The source file must be in the form
+ of "foo.te". This will generate "foo.mod" and "foo.pp".
+
+ Returns a tuple with (modname, policypackage).
+ """
+ splitname = sourcename.split(".")
+ if len(splitname) < 2:
+ raise RuntimeError("invalid sourcefile name %s (must end in .te)", sourcename)
+ # Handle other periods in the filename correctly
+ basename = ".".join(splitname[0:-1])
+ modname = basename + ".mod"
+ packagename = basename + ".pp"
+
+ return (modname, packagename)
- def create_module_package(self, sourcename, packagename, cleanup=True):
+ def create_module_package(self, sourcename, refpolicy=True):
"""Create a module package saved in a packagename from a
sourcename.
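Review bot: `gen_filenames` raises `RuntimeError("invalid sourcefile name %s (must end in .te)", sourcename)` with the name passed as a second argument, so the `%s` is never interpolated; it should use `% sourcename`. The guard `len(splitname) < 2` also accepts any suffix, and a name such as `./foo` passes and yields `.mod` and `.pp`; comparing `splitname[-1]` with `"te"` would match what the docstring promises. The `create_module_package` docstring still says the package is "saved in a packagename" although that parameter is removed, and the new default `refpolicy=True` selects the make-based build where the removed `self.refpolicy = False` selected the checkmodule path. That docstring continues outside this hunk.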
@@ -150,47 +168,23 @@
On error a RuntimeError will be raised with a descriptive
error message.
"""
- if self.refpolicy:
- self.refpol_build(sourcename, packagename, cleanup)
+ if refpolicy:
+ self.refpol_build(sourcename)
else:
- modfile = tempfile.NamedTemporaryFile()
- self.compile(sourcename, modfile.name)
- self.package(modfile.name, packagename)
- modfile.close()
-
- def refpol_build(self, sourcename, packagename, cleanup):
- # Create a fake directory tree
- parent = tempfile.mkdtemp()
- modname = modname_from_sourcename(packagename)
- tree = ModuleTree(modname)
- tree.create(parent)
-
- # Copy the source
- tefd = open(tree.te_name(), "w")
- sourcefd = open(sourcename)
- tefd.write(sourcefd.read())
- tefd.close()
-
+ modname, packagename = self.gen_filenames(sourcename)
+ self.compile(sourcename, modname)
+ self.package(modname, packagename)
+ os.unlink(modname)
+
+ def refpol_build(self, sourcename):
# Compile
- p = subprocess.Popen(self.make, stdout=subprocess.PIPE,
- stderr=subprocess.PIPE, cwd=tree.dir_name())
- self.o("\n".join(p.communicate()))
+ command = self.make + " -f " + self.refpol_makefile
+ rc = self.run(command)
- # Copy the package
- if p.returncode == 0:
- shutil.copyfile(tree.package_name(), packagename)
-
- # Remove the tree
- if cleanup:
- shutil.rmtree(parent)
- else:
- print "generated module at %s\n" % parent
-
# Raise an error if the process failed
- if p.returncode != 0:
+ if rc != 0:
raise RuntimeError("compilation failed:\n%s" % self.last_output)
-
def compile(self, sourcename, modname):
s = [self.checkmodule]
if self.mls:
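Review bot: `refpol_build` no longer uses its `sourcename` argument: it runs `make -f /usr/share/selinux/devel/Makefile` with no target in the current directory, so the build presumably covers every `.te` file found there rather than only the one just written. Naming the target would limit that, e.g. `modname, packagename = self.gen_filenames(sourcename)` followed by `command = self.make + " -f " + self.refpol_makefile + " " + packagename`. This assumes the devel Makefile accepts a `.pp` target and that `self.run` (not shown) does not hand the string to a shell unquoted. In the non-refpol branch, `os.unlink(modname)` is skipped when `compile` or `package` raises, leaving `<name>.mod` behind; a `try`/`finally` would keep the cleanup that the removed `NamedTemporaryFile` provided.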
Modified: trunk/sepolgen/tests/test_module.py
===================================================================
--- trunk/sepolgen/tests/test_module.py 2007-02-22 14:03:31 UTC (rev 2258)
+++ trunk/sepolgen/tests/test_module.py 2007-02-22 14:36:04 UTC (rev 2259)
@@ -25,11 +25,11 @@
def test(self):
package = "module_compile_test.pp"
mc = module.ModuleCompiler()
- mc.create_module_package("module_compile_test.te", package)
+ mc.create_module_package("module_compile_test.te", refpolicy=True)
os.stat(package)
os.unlink(package)
mc.refpolicy = True
- mc.create_module_package("module_compile_test.te", "module_compile_test.pp")
+ mc.create_module_package("module_compile_test.te", refpolicy=False)
os.stat(package)
- #os.unlink(package)
+ os.unlink(package)
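Review bot: The context line `mc.refpolicy = True` between the two calls is now dead, because this commit removes the `refpolicy` attribute from `ModuleCompiler` and the build mode is chosen by the keyword argument. It should be deleted so the test does not suggest that the second call, which passes `refpolicy=False`, runs a refpolicy build. The first call with `refpolicy=True` depends on `/usr/share/selinux/devel/Makefile` being installed and builds in the test's working directory, which is worth a comment in the test.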