From patchwork Tue Sep 19 20:49:16 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Nicolas Iooss <nicolas.iooss@m4x.org>
X-Patchwork-Id: 9960401
Return-Path: <selinux-bounces@tycho.nsa.gov>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	A8AAD6038F for <patchwork-selinux@patchwork.kernel.org>;
	Tue, 19 Sep 2017 22:19:32 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 90F4A28F15
	for <patchwork-selinux@patchwork.kernel.org>;
	Tue, 19 Sep 2017 22:19:32 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id 85D7828F16; Tue, 19 Sep 2017 22:19:32 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED
	autolearn=ham version=3.3.1
Received: from UPBD19PA09.eemsg.mail.mil (upbd19pa09.eemsg.mail.mil
	[214.24.27.84])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D0F7028F1E
	for <patchwork-selinux@patchwork.kernel.org>;
	Tue, 19 Sep 2017 22:19:30 +0000 (UTC)
Received: from emsm-gh1-uea11.ncsc.mil ([214.29.60.3])
	by UPBD19PA09.eemsg.mail.mil with ESMTP/TLS/AES256-SHA;
	19 Sep 2017 22:19:16 +0000
Received: from unknown (HELO tarius.tycho.ncsc.mil) ([144.51.242.1])
	by emsm-gh1-uea11.NCSC.MIL with ESMTP; 19 Sep 2017 22:19:14 +0000
Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40])
	by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id v8JMIn93006787;
	Tue, 19 Sep 2017 18:18:56 -0400
Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil
	[144.51.242.1])
	by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id
	v8JMIlxk045820 for <selinux@prometheus.infosec.tycho.ncsc.mil>;
	Tue, 19 Sep 2017 18:18:47 -0400
Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250])
	by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id v8JMIkuw006782
	for <selinux@tycho.nsa.gov>; Tue, 19 Sep 2017 18:18:47 -0400
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A1CpAgCnlsFZfy0bGNZbHQEFAQsBgy8og?=
	=?us-ascii?q?VUnjwmPApo1E4oFVwECAQEBAQECEwEBCxaHS3uIYYFSAwEBmGiSN4QRhz+DK4I?=
	=?us-ascii?q?CgVGKU4UIHwWKDJcAgi2SHIIgiWiGf0iUb4E5gWQyITGFGgELAXiBUHSIegEBA?=
	=?us-ascii?q?Q?=
X-IPAS-Result: =?us-ascii?q?A1CpAgCnlsFZfy0bGNZbHQEFAQsBgy8ogVUnjwmPApo1E4o?=
	=?us-ascii?q?FVwECAQEBAQECEwEBCxaHS3uIYYFSAwEBmGiSN4QRhz+DK4ICgVGKU4UIHwWKD?=
	=?us-ascii?q?JcAgi2SHIIgiWiGf0iUb4E5gWQyITGFGgELAXiBUHSIegEBAQ?=
X-IronPort-AV: E=Sophos;i="5.42,419,1500955200";
   d="scan'208";a="56948"
Received: from emsm-gh1-uea10.ncsc.mil ([214.29.60.34])
	by goalie.tycho.ncsc.mil with ESMTP; 19 Sep 2017 18:18:46 -0400
Received: from updc3cpa06.eemsg.mail.mil ([214.24.27.45])
	by EMSM-GH1-UEA10.NCSC.MIL with ESMTP; 19 Sep 2017 22:18:45 +0000
X-EEMSG-check-005: 0
X-EEMSG-check-006: 000-001;93a59d24-271c-449f-8025-8652c7ed565d
Authentication-Results: upbd19pa04.eemsg.mail.mil;
	dkim=neutral (message not signed) header.i=none
X-EEMSG-check-008: 255450356|UPBD19PA04_EEMSG_MP4.csd.disa.mil
X-EEMSG-SBRS: 3.5
X-EEMSG-ORIG-IP: 129.104.30.34
X-EEMSG-check-002: true
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: 
 A0ADAgD5gcFZhyIeaIFbHAEBBAEBCgEBgy+BfSePCY8CmjUTigVDFAECAQEBAQEBARMBAQEKCwkIKC+HaYhhgVIEAasfhBGHQIMrggKBUYpThQgfBYoMlwCCLZIcgiCJaIZ/SJRvgTk2gS4yITGFGgELAXiBUHSIegEBAQ
X-IPAS-Result: 
 A0ADAgD5gcFZhyIeaIFbHAEBBAEBCgEBgy+BfSePCY8CmjUTigVDFAECAQEBAQEBARMBAQEKCwkIKC+HaYhhgVIEAasfhBGHQIMrggKBUYpThQgfBYoMlwCCLZIcgiCJaIZ/SJRvgTk2gS4yITGFGgELAXiBUHSIegEBAQ
Received: from mx1.polytechnique.org ([129.104.30.34])
	by upbd19pa04.eemsg.mail.mil with ESMTP; 19 Sep 2017 20:50:17 +0000
Received: from localhost.localdomain (abo-251-56-69.avi.modulonet.fr
	[85.69.56.251])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128
	bits)) (No client certificate requested)
	by ssl.polytechnique.org (Postfix) with ESMTPSA id 1E246564696
	for <selinux@tycho.nsa.gov>; Tue, 19 Sep 2017 22:49:45 +0200 (CEST)
From: Nicolas Iooss <nicolas.iooss@m4x.org>
To: selinux@tycho.nsa.gov
Date: Tue, 19 Sep 2017 22:49:16 +0200
Message-Id: <20170919204916.2943-1-nicolas.iooss@m4x.org>
X-Mailer: git-send-email 2.14.1
X-AV-Checked: ClamAV using ClamSMTP at svoboda.polytechnique.org (Tue Sep 19
	22:49:45 2017 +0200 (CEST))
X-Org-Mail: nicolas.iooss.2010@polytechnique.org
Subject: [PATCH v2 1/1] sepolicy: do not fail when
	file_contexts.local or .subs do not exist
X-BeenThere: selinux@tycho.nsa.gov
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: "Security-Enhanced Linux \(SELinux\) mailing list"
	<selinux.tycho.nsa.gov>
List-Post: <mailto:selinux@tycho.nsa.gov>
List-Help: <mailto:selinux-request@tycho.nsa.gov?subject=help>
Errors-To: selinux-bounces@tycho.nsa.gov
Sender: "Selinux" <selinux-bounces@tycho.nsa.gov>
X-Virus-Scanned: ClamAV using ClamSMTP

On a system without any file context customizations, "sepolicy gui"
fails to load because it tries to read a non-existing file:

    FileNotFoundError: [Errno 2] No such file or directory:
    '/etc/selinux/refpolicy-git/contexts/files/file_contexts.local'

Once this issue is fixed, another one is triggered:

    FileNotFoundError: [Errno 2] No such file or directory:
    '/etc/selinux/refpolicy-git/contexts/files/file_contexts.subs

Use try/except to catch these exceptions and use OSError/errno.ENOENT to
keep the code compatible with Python 2.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
 python/sepolicy/sepolicy/__init__.py | 36 +++++++++++++++++++++++-------------
 1 file changed, 23 insertions(+), 13 deletions(-)

diff --git a/python/sepolicy/sepolicy/__init__.py b/python/sepolicy/sepolicy/__init__.py
index 03742346caf0..d41fc6ae1543 100644
--- a/python/sepolicy/sepolicy/__init__.py
+++ b/python/sepolicy/sepolicy/__init__.py
@@ -4,6 +4,7 @@
 # Author: Ryan Hallisey <rhallise@redhat.com>
 # Author: Jason Zaman <perfinion@gentoo.org>
 
+import errno
 import selinux
 import setools
 import glob
@@ -523,12 +524,15 @@ def find_entrypoint_path(exe, exclude_list=[]):
 
 
 def read_file_equiv(edict, fc_path, modify):
-    fd = open(fc_path, "r")
-    fc = fd.readlines()
-    fd.close()
-    for e in fc:
-        f = e.split()
-        edict[f[0]] = {"equiv": f[1], "modify": modify}
+    try:
+        with open(fc_path, "r") as fd:
+            fc = fd.readlines()
+            for e in fc:
+                f = e.split()
+                edict[f[0]] = {"equiv": f[1], "modify": modify}
+    except OSError as e:
+        if e.errno != errno.ENOENT:
+            raise
     return edict
 
 
@@ -555,9 +559,13 @@ def get_local_file_paths(fc_path=selinux.selinux_file_context_path()):
     if local_files:
         return local_files
     local_files = []
-    fd = open(fc_path + ".local", "r")
-    fc = fd.readlines()
-    fd.close()
+    try:
+        with open(fc_path + ".local", "r") as fd:
+            fc = fd.readlines()
+    except OSError as e:
+        if e.errno != errno.ENOENT:
+            raise
+        return []
     for i in fc:
         rec = i.split()
         if len(rec) == 0:
@@ -585,10 +593,12 @@ def get_fcdict(fc_path=selinux.selinux_file_context_path()):
     fc += fd.readlines()
     fd.close()
     fcdict = {}
-    if os.path.exists(fc_path + ".local"):
-        fd = open(fc_path + ".local", "r")
-        fc += fd.readlines()
-        fd.close()
+    try:
+        with open(fc_path + ".local", "r") as fd:
+            fc += fd.readlines()
+    except OSError as e:
+        if e.errno != errno.ENOENT:
+            raise
 
     for i in fc:
         rec = i.split()